[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Tue Nov 13 17:46:33 EST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability affecting hosts using Microsoft Windows XP and Microsoft Windows Server 2003.

Details:
Microsoft Security Bulletin MS07-061:
The URL handling in Windows XP and Windows Server 2003, with Windows Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences.

Previously released rules are able to detect attacks targeting this vulnerability and are identified as SIDs 12643, 12664, 12687 and 12688.


For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-11-13.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)

iD8DBQFHOf8joFlcG+k7cPwRAmDwAJ9r4cygU99wVHAjFbVNaMIhRwiAgwCfaUJx
aDIMow4sX44CexIeAo0sFCk=
=xuIN
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list