[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2009-12-08

evilghost at ...3397... evilghost at ...3397...
Tue Dec 8 15:15:08 EST 2009


Hello.  The change log is 404, again.  I depend on the Change Log.  I 
cried, but just once this time since 
http://www.snort.org/vrt/docs/ruleset_changelogs/CURRENT/changes-2009-12-08.html 
seems to work.

http://www.snort.org/vrt/docs/ruleset_changelogs/2_8/changes-2009-12-08.html 
is 404.

Cheers,
evilghost

Research wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> From: VRT Advisory Builder <vrtbuild at ...435...>
> To: Matt Watchinski <mwatchinski at ...435...>, Lurene Grenier <lgrenier at ...253...435...>, Marketing <steve.kane at ...435...>, Clint Brown <cbrown at ...435...>
> Cc: Nigel Houghton <nigel at ...435...>, Dave Parrish <dparrish at ...435...>, John Leone <jleone at ...435...>
> Reply-To: Nigel Houghton <nigel at ...435...>
> X-Mailer: VRT Rule Pack Auto Mailer 2.0
> Subject: Sourcefire VRT Certified Snort Rules Update 2009-12-08 FINAL
>
> Sourcefire VRT Certified Snort Rules Update
>
> Synopsis:
> The Sourcefire VRT is aware of multiple vulnerabilities affecting
> Microsoft products.
>
> Details:
> Microsoft Security Advisory MS09-070:
> A vulnerability in Microsoft Active Directory may allow a remote
> attacker to execute code on an affected system.
>
> A rule to detect attacks targeting this vulnerability is included in
> this release and is identified with GID 3, SID 16312.
>
> Microsoft Security Advisory MS09-071:
> A vulnerability in the Microsoft Challenge Handshake Authentication
> Protocol (MS-CHAPv2) may allow a remote attacker to escalate privileges
> on an affected system. This does not require authentication to exploit.
>
> A rule to detect attacks targeting this vulnerability is included in
> this release and is identified with GID 3, SID 16329.
>
> Microsoft Security Advisory MS09-072:
> Microsoft Internet Explorer contains several vulnerabilities that may
> allow a remote attacker to execute code on a vulnerable system.
>
> Rules to detect attacks targeting these vulnerabilities are included in
> this release and are identified with GID 3, SIDs 16317, 16326 and
> 16330.
>
> Additionally, previously released rules that will also detect attacks
> targeting these vulnerabilities are identified with GID 1, SIDs 15638,
> 15639, 16159 through 16166, 16310 and 16311.
>
> Microsoft Security Advisory MS09-073:
> The Microsoft Word converter fails to correctly validate user-supplied
> input. As a result, an attacker may leverage this error to execute code
> on an affected system.
>
> A rule to detect attacks targeting this vulnerability is included in
> this release and is identified with GID 3, SID 16314.
>
> Microsoft Security Advisory MS09-074:
> Microsoft Project contains a programming error that may allow a remote
> attacker to execute code on an affected system via the use of a
> specially crafted file.
>
> A rule to detect attacks targeting this vulnerability is included in
> this release and is identified with GID 1, SID 16328.
>
> For a complete list of new and modified rules please see:
>
> http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2009-12-08.html
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.6 (GNU/Linux)
>
> iD8DBQFLHornQcQOxItLLaMRAi18AJ4gt/AkUbtatL8KHWQw6oNxzNhXnACgjuez
> U078gMlSa6iyoirefj3B85g=
> =S3Nc
> -----END PGP SIGNATURE-----
>
>
> ------------------------------------------------------------------------------
> Return on Information:
> Google Enterprise Search pays you back
> Get the facts.
> http://p.sf.net/sfu/google-dev2dev
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
>   




More information about the Snort-sigs mailing list