[Snort-sigs] Sourcefire VRT Certified Rules Update
research at ...435...
Tue Apr 17 17:59:48 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Rules Update
The Sourcefire VRT is aware of vulnerabilities affecting hosts using
the Microsoft DNS Server Service. This release enhances the detection
capabilities for this vulnerability.
Microsoft Security Advisory (935964):
Microsoft DNS Server Service is prone to a vulnerability that may allow
a remote attacker to execute code on an affected system. This issue is
present in the RPC interface of servers using Microsoft's
implementation of DNS.
In order to detect attacks targeting this vulnerability, the DCE/RPC
preprocessor must be configured to use 'autodetect'. This is the
default behavior for the preprocessor.
The Sourcefire VRT has continued research into this issue. As a result,
this release provides improved detection for attacks targeting this
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Snort-sigs