[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Tue Feb 26 18:13:26 EST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Apple QuickTime and Citrix MetaFrame.

Details:
Apple QuickTime Buffer Overflow (CVE-2008-0033):
Apple QuickTime contains a buffer overflow condition that may allow a remote attacker to execute code on a vulnerable system. The problem occurs when QuickTime attempts to process malformed movie files that contain an invalid Image Descriptor atom size.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 13517.

Apple QuickTime Buffer Overflow (CVE-2008-0234):
Apple QuickTime contains a buffer overflow condition that may allow a remote attacker to execute code on a vulnerable system. The problem occurs when QuickTime attempts to process a long Reason-Phrase response to an rtsp request.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 13516.

Citrix MetaFrame Buffer Overflow (CVE-2008-0356):
Citrix MetaFrame Presentation Server contains a buffer overflow condition that may allow a remote attacker to execute code on an affected system. The problem occurs when the service attempts to process TCP packets containing an invalid size value.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 13519.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2008-02-26.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)

iD8DBQFHxHbNoFlcG+k7cPwRAk9WAKCZMifDRNSWETxWjvNYWRr8izIrFwCeOWXT
x4UR6gBx7bsbcIm7t6lWYcQ=
=5fPg
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list