[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2010-02-26

evilghost at ...3397... evilghost at ...3397...
Fri Feb 26 16:23:48 EST 2010


Changelog is 404.

-evilghost

Research wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Sourcefire VRT Certified Snort Rules Update
>
> Synopsis:
> The Sourcefire VRT is aware of a vulnerability affecting Microsoft
> Internet Explorer.
>
> Details:
> Microsoft Internet Explorer Command Execution:
> Microsoft Internet Explorer contains a programming error that may allow
> a remote attacker to execute commands on a vulnerable system. The
> attacker needs to supply VBScript to invoke winhlp32.exe, which can
> then be used to execute commands via a specially crafted .HLP file.
>
> A rule to detect attacks targeting this vulnerability is included in
> this release and is identified with GID 1, SID 16452.
>
> For a complete list of new and modified rules please see:
>
> http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2010-02-26.html
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.6 (GNU/Linux)
>
> iD8DBQFLiDgnQcQOxItLLaMRAvEaAJ9rpY1fUgU+FqlTRm66BLe1CBJGXACfW11A
> QGugTZe+7KTde2i/54mF+L0=
> =DBm/
> -----END PGP SIGNATURE-----
>
>
> ------------------------------------------------------------------------------
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
>
>   




More information about the Snort-sigs mailing list