Snort mailing list archives
Sourcefire VRT Certified Snort Rules Update 2011-03-24
From: Research <research () sourcefire com>
Date: Thu, 24 Mar 2011 15:10:33 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sourcefire VRT Certified Snort Rules Update Synopsis: The Sourcefire VRT is aware of a problem concerning digital certificates issued by Comodo. Additionally, this release adds and modifies rules in several categories. Details: Comodo Digital Certificate Authority Fraud: The Sourcefire VRT is aware of the existance of nine fraudulent digital certificates issued by Comodo. Using these certificates, an attacker may be able to spoof content, perform various phishing attacks or perform man-in-the-middle attacks on sites and users relying on these certificates for identification purposes. Rules to detect attacks targeting this vulnerability are included in this release and are identified with GID 1, SIDs 18565 through 18573. Additionally, the Sourcefire VRT has added and modified multiple rules in the ftp, imap, specific-threats, spyware-put, web-activex and web-client rule sets to provide coverage for emerging threats from these technologies. For a complete list of new and modified rules please see: http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2011-03-24.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFNi5TKQcQOxItLLaMRAl0nAJ9iAOhBCdrppNEItec8xGXHjdt7bwCeLwc1 KqE0miMyg2aOc+83agJnfe0= =5Arf -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Enable your software for Intel(R) Active Management Technology to meet the growing manageability and security demands of your customers. Businesses are taking advantage of Intel(R) vPro (TM) technology - will your software be a part of the solution? Download the Intel(R) Manageability Checker today! http://p.sf.net/sfu/intel-dev2devmar _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org
Current thread:
- Sourcefire VRT Certified Snort Rules Update 2011-03-24 Research (Mar 24)