This message is to announce the availability of an update for the
Sourcefire community rule set, which can be downloaded free of cost or
registration from http://www.snort.org/pub-bin/downloads.cgi.
New rules in this release are identified as SIDs 100000180-100000188.
They include a spoofing attack for SIP-enabled phones, denials of
service for two game servers, acccess to a JBoss applet which is
susceptible to a buffer overflow, and multiple information gathering
attempts.
Sourcefire would like to thank rmkml for submitting these rules. As a
reminder, anyone who wishes to submit rules may do so at
http://www.snort.org/reg-bin/rulesubmit.cgi.
A list of new rules and their SIDs follows.
Alex Kirk
Community Rules Maintainer
Sourcefire, Inc.
100000180 || COMMUNITY EXPLOIT SIP UDP spoof attempt
100000181 || COMMUNITY GAME FlatFrag game dos exploit
100000182 || COMMUNITY GAME Battle Carry attempt
100000183 || COMMUNITY WEB-ATTACKS SAP WAS syscmd acces
100000184 || COMMUNITY WEB-MISC JBoss JMXInvokerServlet access
100000185 || COMMUNITY WEB-MISC apache directory list attempt
100000186 || COMMUNITY WEB-PHP phpinfo access
100000187 || COMMUNITY WEB-PHP XSS attempt
100000188 || COMMUNITY WEB-PHP Vubb Path attempt
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
