[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2011-07-26
research at ...435...
Tue Jul 26 18:18:41 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
The Sourcefire VRT is aware of vulnerabilities affecting products from
Oracle Database Server (CVE-2011-0799):
Oracle Database Server contains a programming error that may allow a
remote, unauthenticated attacker to access data residing on an affected
system. The attack vector is an SQL injection vulnerability using the
Oracle Warehouse Builder User account.
Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 19599 and 19600.
Oracle Sun Products Suite (CVE-2011-2260):
The Oracle GlassFish Server component in the Oracle Sun Products Suite
contains a programming error that may allow a remote attacker to
execute a cross-site scripting attack.
A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 19605.
Additionally, the Sourcefire VRT has added and modified multiple rules
in the backdoor, blacklist, botnet-cnc, exploit, netbios,
specific-threats, spyware-put and web-client rule sets to provide
coverage for emerging threats from these technologies.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs