[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Wed Feb 20 16:01:55 EST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Adobe Acrobat, Adobe Acrobat Reader and Microsoft Active Directory.

Details:
Adobe Acrobat and Adobe Acrobat Reader (CVE-2008-0655):
Adobe Acrobat and Adobe Acrobat Reader are prone to multiple vulnerabilities that may allow a remote attacker to execute code on a vulnerable system.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified as SIDs 13477 and 13478.

Microsoft Security Bulletin (MS08-003):
A vulnerability in Active Directory may allow a remote attacker to cause a Denial of Service (DoS) condition on a vulnerable host.

A shared object rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 3 and SID 13475.

Note: The detection functionality in SID 13475 is only available when using Snort version 2.8.0.2. This rule will not work with prior versions of Snort.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2008-02-20.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)

iD8DBQFHvF7WoFlcG+k7cPwRAkb+AKC5jIZi/ybkGrX0dlmc2pOur/RvRQCcCJKc
c4qDK4Kl/Pqsc+MmJdMmW4g=
=FzWR
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list