[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2012-03-22
research at ...435...
Thu Mar 22 14:30:45 EDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
This release adds and modifies rules in several categories.
Microsoft Security Advisory MS12-020:
Microsoft Windows Remote Desktop suffers from programming errors that
may allow a remote attacker to execute code on a vulnerable system.
A rule identified with GID 3, SID 21619 has been added in this release
in order to improve detection of attacks and to improve performance.
This rule replaces the rules identified with GID 1, SIDs 21571, 21572
and 21592. These rules have been deleted in this release.
Additionally, the Sourcefire VRT has added and modified multiple rules
in the backdoor, chat, dns, dos, exploit, file-identify, imap, misc,
netbios, policy, pop3, scada, shellcode, smtp, specific-threats, sql,
web-activex, web-client and web-php rule sets to provide coverage for
emerging threats from these technologies.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs