[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Mon Oct 20 13:58:13 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability affecting the BEA
WebLogic Product Suite.

Details:
BEA WebLogic Buffer Overflow (CVE-2008-4008):
BEA WebLogic Server Plugins for Apache contain a vulnerability that may
allow a remote attacker to execute code on a vulnerable system. The
problem occurs when the application processes overly long
Transfer-Encoding parameters, which are copied to an insufficiently
sized buffer, leading to a stack overflow.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 14771.

Additionally, the Sourcefire VRT has added multiple rules to the
web-client category to provide coverage for emerging threats targeting
web clients.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2008-10-20.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFI/Keq8GAEVQeoGrMRAjerAJ9NW1ARE50HLrOqPa5WMbmqqqSrlgCgjrgG
wRAarVBWSuGzYF6ivpdd7zY=
=e/T9
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list