[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Tue Jun 26 15:15:25 EDT 2007


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Firebird SQL database server and Microsoft Internet Explorer.

Details:
Firebird SQL Remote Buffer Overflow (CVE-2007-3181):
Firebird SQL suffers from a programming error that may allow remote attackers to overflow a fixed length buffer and execute code on a vulnerable system.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 12009.

Microsoft Internet Explorer CSS Code Execution (CVE-2007-1750):
Microsoft Internet Explorer suffers from poor programming that may allow remote attackers to execute code by using a specially crafted Cascading Style Sheets (CSS) tag.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 11967.

Microsoft Internet Explorer URL Spoofing (CVE-2007-1499):
Microsoft Internet Explorer is vulnerable to phishing attacks when a URL is passed as an argument via a res: URI.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 12014.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-06-26.html

-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Firebird SQL database server and Microsoft Internet Explorer.

Details:
Firebird SQL Remote Buffer Overflow (CVE-2007-3181):
Firebird SQL suffers from a programming error that may allow remote attackers to overflow a fixed length buffer and execute code on a vulnerable system.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 12009.

Microsoft Internet Explorer CSS Code Execution (CVE-2007-1750):
Microsoft Internet Explorer suffers from poor programming that may allow remote attackers to execute code by using a specially crafted Cascading Style Sheets (CSS) tag.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 11967.

Microsoft Internet Explorer URL Spoofing (CVE-2007-1499):
Microsoft Internet Explorer is vulnerable to phishing attacks when a URL is passed as an argument via a res: URI.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 12014.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-06-26.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)

iD8DBQFGgVNOoFlcG+k7cPwRAtKZAKCnh3WOtlbUeRZ+x6SgeZ0KCv2FfgCgrS8S
EMseOK+FxJ0Fu5vpXSMb9YI=
=mYAo
-----END PGP SIGNATURE-----


More information about the Snort-sigs mailing list