[Snort-sigs] Sourcefire VRT Certified Rules Update
research at ...435...
Fri Apr 13 16:55:38 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Rules Update
The Sourcefire VRT is aware of vulnerabilities affecting hosts using
the Microsoft DNS Server Service.
Microsoft Security Advisory (935964):
Microsoft DNS Server Service is prone to a vulnerability that may allow
a remote attacker to execute code on an affected system. This issue is
present in the RPC interface of servers using Microsoft's
implementation of DNS.
In order to detect attacks targeting this vulnerability, the dcerpc
preprocessor must be configured to use 'autodetect'. This is the
default behavior for the preprocessor.
Rules to detect attacks targeting this vulnerability are included in
this release and are identified as SIDs 10518 through 10697
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Snort-sigs