[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

Sourcefire VRT research at ...435...
Wed Jun 13 19:15:56 EDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting hosts using
Microsoft products.

Details:
Microsoft Security Bulletin MS07-031:
The Windows Schannel Security Package may allow a remote attacker to
execute code on an affected host. The issue occurs when processing
certificate files during an SSL handshake.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified as SID 11947.

Microsoft Security Bulletin MS07-035:
The Microsoft Windows Win32 API fails to correctly handle user-supplied
data. This may allow a remote attacker to execute code on a vulnerable
system.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified as SID 11838.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-06-13.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGcHqsoFlcG+k7cPwRAjI3AJ42nxSgBOvgHa5ISNZv8O0bnE75xACeJNnj
MFhrrj2YGZyNeslUik9Vgs0=
=aojt
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list