[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2010-11-04
research at ...435...
Thu Nov 4 15:36:04 EDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
The Sourcefire VRT is aware of vulnerabilities affecting Microsoft
Internet Explorer and ProFTP.
Microsoft Security Advisory (CVE-2010-3962):
Microsoft Internet Explorer contains a programming error that may allow
a remote attacker to execute code on a vulnerable system. The error
occurs when the application attempts to access an invalid flag
reference after an object is deleted.
A rule to detect attacks targeting this issue is included in this
release and is identified with GID 3, SID 18062.
ProFTP Remote Code Execution (CVE-2010-3867):
ProFTP contains a programming error that may allow a remote attacker to
execute code on an affected system.
The FTP-Telnet preprocessor will detect attacks targeting this issue
with GID 125 SID 1.
Additionally, multiple rules have been added to the spyware-put,
specific-threats, blacklist and phishing-spam rule sets to provide
coverage for emerging threats from these technologies.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs