Sourcefire VRT Certified Snort Rules Update 2010-11-04

[Research <research () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Microsoft
Internet Explorer and ProFTP.

Details:
Microsoft Security Advisory (CVE-2010-3962):
Microsoft Internet Explorer contains a programming error that may allow
a remote attacker to execute code on a vulnerable system. The error
occurs when the application attempts to access an invalid flag
reference after an object is deleted.

A rule to detect attacks targeting this issue is included in this
release and is identified with GID 3, SID 18062.

ProFTP Remote Code Execution (CVE-2010-3867):
ProFTP contains a programming error that may allow a remote attacker to
execute code on an affected system.

The FTP-Telnet preprocessor will detect attacks targeting this issue
with GID 125 SID 1.

Additionally, multiple rules have been added to the spyware-put,
specific-threats, blacklist and phishing-spam rule sets to provide
coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2010-11-04.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFM0weEQcQOxItLLaMRAtWwAJ4g70VXCyVM0SPli3tXPoK1FkXOCgCgjUZB
VI0yVSQWvI7oOznygmEjnzU=
=3DbS
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
The Next 800 Companies to Lead America's Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs