[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2013-04-09

Research research at ...435...
Tue Apr 9 13:34:21 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting products from
Microsoft Corporation.

Details:
Microsoft Security Bulletin MS13-029:
Microsoft Remote Desktop Client contains programming errors that may
allow a remote attacker to execute code on a vulnerable system.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 26355 through 26365.


Microsoft Security Bulletin MS13-032:
A vulnerability in Microsoft Active Directory could lead to a denial of
service.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SID 26354.

Additionally, the Sourcefire VRT has added and modified multiple rules
in the bad-traffic, blacklist, browser-ie, browser-plugins, deleted,
dos, exploit-kit, file-other, indicator-compromise,
indicator-obfuscation, malware-cnc, malware-other, netbios, os-windows,
protocol-ftp and server-webapp rule sets to provide coverage for
emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2013-04-09.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFRZFEfaBoqZBVJfwMRAnxLAJ0eoHPnPfWMwHQ8fm6gEqVa5ALZGQCeIQzy
/qI/Hqqkz4iK9XO2sUTKBFg=
=Rt9C
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list