Snort mailing list archives
Sourcefire VRT Certified Snort Rules Update 2012-03-22
From: Research <research () sourcefire com>
Date: Thu, 22 Mar 2012 14:30:45 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sourcefire VRT Certified Snort Rules Update Synopsis: This release adds and modifies rules in several categories. Details: Microsoft Security Advisory MS12-020: Microsoft Windows Remote Desktop suffers from programming errors that may allow a remote attacker to execute code on a vulnerable system. A rule identified with GID 3, SID 21619 has been added in this release in order to improve detection of attacks and to improve performance. This rule replaces the rules identified with GID 1, SIDs 21571, 21572 and 21592. These rules have been deleted in this release. Additionally, the Sourcefire VRT has added and modified multiple rules in the backdoor, chat, dns, dos, exploit, file-identify, imap, misc, netbios, policy, pop3, scada, shellcode, smtp, specific-threats, sql, web-activex, web-client and web-php rule sets to provide coverage for emerging threats from these technologies. For a complete list of new and modified rules please see: http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2012-03-22.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFPa22ZaBoqZBVJfwMRAvhZAKCu1MFHygi5J8cVtEws7g0lzvGZkQCfdxT7 4Y/7z/4yU284sYHe+u85yPc= =Ubs/ -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Sourcefire VRT Certified Snort Rules Update 2012-03-22 Research (Mar 22)