[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

Sourcefire VRT research at ...435...
Mon Jun 11 18:16:18 EDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Yahoo
Messenger Webcam and Microsoft Office ActiveX controls.

Details:
Yahoo Messenger Webcam ActiveX Control (CVE-2007-3148 and
CVE-2007-3147):
A buffer overflow condition in the Yahoo Messenger Webcam ActiveX
control may allow remote attackers to execute code on an affected
machine.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified as SIDs 11818 through 11825.

Microsoft Office 2000 ActiveX Control (CVE-2007-2903):
A buffer overflow condition in the Microsoft Office 2000 ActiveX
control may allow remote attackers to cause a Denial of Service (DoS)
against an affected host.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified as SIDs 11622 and 11623.

Numerous other new rules and modifications to existing rules are also
included in this release.

Note: In order to use the rules for Snort version 2.6, the Snort version
MUST BE Snort 2.6.1.5. The rules for Snort CURRENT are for the Snort
version from cvs HEAD.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-06-11.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGbcmyoFlcG+k7cPwRAi7+AKC1JMmMrYIgVO5Vf3yuOvSntn3QbgCfRkiD
O4iVk/O8/bVL36XeKMdP+LU=
=CyXk
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list