[Snort-sigs] Sourcefire VRT Certified Rules Update
research at ...435...
Thu Feb 1 20:08:06 EST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Rules Update
The Sourcefire Vulnerability Research Team (VRT) is aware of
vulnerabilities affecting BrightStor ARCserve Backup and has added a
number of rules to the specific-threats and backdoor categories.
BrightStor ARCserve CVE-2007-0169:
Computer Associates BrightStor ARCserve Backup Suite is vulnerable to
multiple remote buffer-overflow attacks due to poor checking of
user-supplied data to the application.
Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified as SIDs 10117 through 10122.
Specific Threats Update:
Multiple rules have been added in the specific-threats category to
provide further coverage for the Peacomm trojan and problems relating
to weak authentication with some Voice over IP (VoIP) telephones.
Rules to detect activity from the Peacomm trojan are included in this
release and are identified as SIDs 10113 and 10114.
Rules to detect attempts to exploit VoIP telephones are included in
this release and are identified as SIDs 10123 and 10124.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Snort-sigs