[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2010-07-22

Research research at ...435...
Thu Jul 22 14:09:59 EDT 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Microsoft
Windows and Siemens SCADA products.

Details:
Microsoft Windows Shell Shortcut Vulnerability (CVE-2010-2568):
Microsoft Windows Shell contains a vulnerability that may allow a
remote attacker to execute code on an affected system.

Rules to detect attacks targeting these vulnerabilities and are
included in this release and are identified with GID 1, SIDs 17042 and
17043.

Siemens Simatic WinCC and PCS 7 Vulnerability (CVE-2010-2772):
Siemens Simatic WinCC and PCS 7 SCADA systems use a known hard coded
password which can allow a remote attacker to gain unauthorized access
to vulnerable systems. This is currently being exploited in the wild by
the Stuxnet worm.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 17044.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2010-07-22.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFMSIl3QcQOxItLLaMRAg69AKCeb4oj5fjyjjFNL417oxK+4sxUZgCeKu5Z
hz8DrElr8IhqOoWgvUg0vIA=
=Pfg3
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list