[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2010-07-22
research at ...435...
Thu Jul 22 14:09:59 EDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
The Sourcefire VRT is aware of vulnerabilities affecting Microsoft
Windows and Siemens SCADA products.
Microsoft Windows Shell Shortcut Vulnerability (CVE-2010-2568):
Microsoft Windows Shell contains a vulnerability that may allow a
remote attacker to execute code on an affected system.
Rules to detect attacks targeting these vulnerabilities and are
included in this release and are identified with GID 1, SIDs 17042 and
Siemens Simatic WinCC and PCS 7 Vulnerability (CVE-2010-2772):
Siemens Simatic WinCC and PCS 7 SCADA systems use a known hard coded
password which can allow a remote attacker to gain unauthorized access
to vulnerable systems. This is currently being exploited in the wild by
the Stuxnet worm.
A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 17044.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs