[Snort-sigs] Sourcefire VRT Certified Rules Update

Sourcefire VRT research at ...435...
Fri Apr 13 16:55:38 EDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting hosts using
the Microsoft DNS Server Service.


Details:
Microsoft Security Advisory (935964):
Microsoft DNS Server Service is prone to a vulnerability that may allow
a remote attacker to execute code on an affected system. This issue is
present in the RPC interface of servers using Microsoft's
implementation of DNS.

In order to detect attacks targeting this vulnerability, the dcerpc
preprocessor must be configured to use 'autodetect'. This is the
default behavior for the preprocessor.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified as SIDs 10518 through 10697


For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-04-13.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGH+5JoFlcG+k7cPwRAtDXAJ4stb/YoB1Blcgp0c/TlSCmkFgZ/wCgg+sC
ws7wDzkjrsRjNAA9HYdzlBs=
=LW3O
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list