[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2011-07-26

Research research at ...435...
Tue Jul 26 18:18:41 EDT 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting products from
Oracle Corporation.

Details:
Oracle Database Server (CVE-2011-0799):
Oracle Database Server contains a programming error that may allow a
remote, unauthenticated attacker to access data residing on an affected
system. The attack vector is an SQL injection vulnerability using the
Oracle Warehouse Builder User account.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 19599 and 19600.

Oracle Sun Products Suite (CVE-2011-2260):
The Oracle GlassFish Server component in the Oracle Sun Products Suite
contains a programming error that may allow a remote attacker to
execute a cross-site scripting attack.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 19605.

Additionally, the Sourcefire VRT has added and modified multiple rules
in the backdoor, blacklist, botnet-cnc, exploit, netbios,
specific-threats, spyware-put and web-client rule sets to provide
coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2011-07-26.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFOLz1BaBoqZBVJfwMRAj40AJoC5MqyQeqW6Y+hM9BNmU0P2qmEbACeNIdU
Wufr63WFnT7FBpEqNHyAhw0=
=sX79
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list