[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2011-11-08
research at ...435...
Tue Nov 8 12:32:09 EST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
The Sourcefire VRT is aware of vulnerabilities affecting hosts using
the Microsoft Windows operating system.
Microsoft Security Advisory MS11-083:
The Microsoft Windows implementation of the TCP/IP networking stack
contains a programming error that may allow a remote attacker to
execute code or cause a Denial of Service (DoS) on an affected system.
A previously released rule will detect attacks targeting this
vulnerability and is included in this release with updated reference
information. It is identified with GID 1, SID 19678.
Microsoft Security Advisory MS11-085:
The Microsoft Windows Address Book component contains a programming
error that may allow a remote attacker to execute code on an affected
system. The problem occurs when the application attempts to process a
malicious Windows Address Book Library file.
Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 20541 and 20542.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs