[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Tue Feb 5 16:13:43 EST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of multiple vulnerabilities affecting ActiveX controls and has expanded coverage for CVE-2007-2446.

Details:
Samba Buffer Overflow (CVE-2007-2446):
Samba is prone to multiple buffer overflow conditions that may allow a remote attacker to execute code on a vulnerable host.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified as SIDs 13367 through 13414.

Additional rules are included in this release to detect attacks targeting ActiveX controls from SwiftView and Facebook Photo Uploader.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2008-02-05.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)

iD8DBQFHqLa9oFlcG+k7cPwRArsfAJ4yKUiQZEpVtApXHvaNBnfcbZyG8ACgkUXB
9GqRUxZ0oTNoqSM2q91rDBo=
=jsR4
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list