[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Wed Nov 28 14:45:26 EST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability in Apple QuickTime and has added multiple rules in the spyware-put and backdoor categories to provide coverage for emerging spyware and Trojan Horse threats.

Details:
Apple QuickTime RTSP buffer overflow (VU#659761):
Apple QuickTime contains a buffer overflow vulnerability that may allow a remote attacker to execute code on an affected system. The problem occurs in the handling of Content-Type header information.

Rules to detect attacks targeting this vulnerability are included in this release and are identified as SIDs 12741 and 12742.

Additionaly, as a result of ongoing research, the Sourcefire VRT has added multiple rules to the spyware-put and backdoor rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-11-28.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)

iD8DBQFHTbdKoFlcG+k7cPwRAt64AJsHMBRKYMbiuxgBQmfaFLFhvjpxvQCeOnsa
ysZSoEAGlPU4EelXrBs2Uuc=
=EmaT
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list