[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Tue Feb 3 17:33:30 EST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
As a result of ongoing research, the Sourcefire VRT has added multiple
rules to the web-activex, specific-threats and chat rule sets to
provide coverage for emerging threats from these technologies.

Details:
As a result of ongoing research, the Sourcefire VRT has added multiple
rules to the web-activex, specific-threats and chat rule sets to
provide coverage for emerging threats from these technologies.

Microsoft Security Advisory MS08-067:
After continued research into a vulnerability affecting the Microsoft
implementation of DCE/RPC, the Sourcefire VRT has made improvements to
the rules that detect attacks targeting this vulnerability in order to
enhance performance.

The updated rules to detect attacks targeting this vulnerability are
included in this release and are identified with GID 3, SIDs 14773
through 14985.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2009-02-03.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJiK7O8GAEVQeoGrMRAu5vAJ9B1jFzeTFejfZ3mUL1WzFS1s3kagCaA5VQ
6wsDHEGzxvttdfiIWrmqtgI=
=JBMh
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list