Snort mailing list archives
Snort Subscriber Rules Update 2017-11-14
From: Research <research () sourcefire com>
Date: Tue, 14 Nov 2017 19:14:29 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Vulnerability CVE-2017-11791:
A coding deficiency exists in Microsoft Scripting Engine that may lead to information disclosure.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44819 through 44820.

Microsoft Vulnerability CVE-2017-11837:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44809 through 44810.

Microsoft Vulnerability CVE-2017-11840:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44811 through 44812.

Microsoft Vulnerability CVE-2017-11841:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44813 through 44814.

Microsoft Vulnerability CVE-2017-11843:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44815 through 44816.

Microsoft Vulnerability CVE-2017-11845:
A coding deficiency exists in Microsoft Edge that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44817 through 44818.

Microsoft Vulnerability CVE-2017-11846:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44845 through 44846.

Microsoft Vulnerability CVE-2017-11847:
A coding deficiency exists in Microsoft Windows Kernel that may lead to elevation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44833 through 44834.

Microsoft Vulnerability CVE-2017-11854:
A coding deficiency exists in Microsoft Word that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44838 through 44839.

Microsoft Vulnerability CVE-2017-11855:
A coding deficiency exists in Microsoft Internet Explorer that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44831 through 44832.

Microsoft Vulnerability CVE-2017-11856:
A coding deficiency exists in Microsoft Internet Explorer that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44829 through 44830.

Microsoft Vulnerability CVE-2017-11858:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44827 through 44828.

Microsoft Vulnerability CVE-2017-11861:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44825 through 44826.

Microsoft Vulnerability CVE-2017-11869:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44823 through 44824.

Microsoft Vulnerability CVE-2017-11873:
A coding deficiency exists in Microsoft Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44843 through 44844.

Microsoft Vulnerability CVE-2017-11878:
A coding deficiency exists in Microsoft Excel that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 44821 through 44822.

Talos also has added and modified multiple rules in the browser-ie, file-image, file-office, file-other, file-pdf, indicator-compromise, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:
https://www.snort.org/advisories