[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2013-05-14

Research research at ...435...
Tue May 14 14:44:02 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting products from
Microsoft Corporation.

Details:
Microsoft Security Advisory MS13-037:
Internet Explorer suffers from programming errors that may lead to
information disclosure or remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 26624, 26625, 26629
through 26631, 26633 through 26638, 26641, and 26642.

Microsoft Security Advisory MS13-038:
Internet Explorer suffers from a programming error that may lead to
remote code execution.

Previously released rules will detect attacks targeting this
vulnerability and have been updated with the appropriate reference
information. They are included in this release and are identified with
GID 1, 26569, 26570, 26571, and 26572.

Microsoft Security Advisory MS13-039:
A programming error exists in the Windows 2012 Server HTTP subsystem
that may allow a remote attacker to cause a permanent Denial of Service
(DoS) against an affected system.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 26632.

Microsoft Security Advisory MS13-040:
The .NET Framework suffers from a programming error that may allow an
attacker to bypass XML authentication.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 26639 and 26640

Microsoft Security Advisory MS13-044:
Microsoft Visio suffers from a programming error that may expose
affected systems to information disclosure.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 26626 through 26628.

Microsoft Security Advisory MS13-045:
Microsoft Windows Live Essentials contains programming errors that may
expose affected systems to information disclosure.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 26622 and 26623/

Additionally, the Sourcefire VRT has added and modified multiple rules
in the browser-ie, browser-other, browser-plugins, exploit-kit,
file-office, file-other, indicator-obfuscation, malware-cnc,
policy-other and server-webapp rule sets to provide coverage for
emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2013-05-14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFRkoXyQLjqI2QiHVMRAkqfAKCnMeWgRr/+KCW5VxQU8NnHLx94fACeNq7M
0IiMeFzmekedLNTmjWJI5U0=
=PVsM
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list