Network Security: Detailed info on [Snort-sigs] Sourcefire VRT Certified Rules Update

Subject:	[Snort-sigs] Sourcefire VRT Certified Rules Update
Date:	Thu, 06 Jul 2006 18:36:54 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Rules Update

Synopsis:
The Sourcefire VRT is aware of a number of vulnerabilities affecting
several web browsers, including Internet Explorer and Firefox. This
rule pack contains a number of rules to detect these issues.

Details:
The Sourcefire VRT is aware of a number of vulnerabilities affecting
web browser client applications. This rule pack contains a number of
rules to address these issues.

These rules are identified as sids 7003 through 7018.

New rules:
7003 - WEB-CLIENT ADODB.Recordset ActiveX function call access
(web-client.rules)
7004 - WEB-CLIENT Internet.HHCtrl.1 ActiveX function call access
(web-client.rules)
7005 - WEB-CLIENT OutlookExpress.AddressBook ActiveX function call
access (web-client.rules)
7006 - WEB-CLIENT ASControls.InstallEngineCtl ActiveX function call
access (web-client.rules)
7007 - WEB-CLIENT AxDebugger.Document.1 ActiveX function call access
(web-client.rules)
7008 - WEB-CLIENT DirectAnimation.DAUserData ActiveX function call
access (web-client.rules)
7009 - WEB-CLIENT DirectAnimation.StructuredGraphicsControl ActiveX
function call access (web-client.rules)
7010 - WEB-CLIENT HtmlDlgSafeHelper.HtmlDlgSafeHelper.1 ActiveX
function call access (web-client.rules)
7011 - WEB-CLIENT HtmlDlgSafeHelper.HtmlDlgSafeHelper ActiveX function
call access (web-client.rules)
7012 - WEB-CLIENT Internet.PopupMenu.1 ActiveX function call access
(web-client.rules)
7013 - WEB-CLIENT Microsoft.ISCatAdm ActiveX function call access
(web-client.rules)
7014 - WEB-CLIENT NMSA.ASFSourceMediaDescription.1 ActiveX function
call access (web-client.rules)
7015 - WEB-CLIENT NMSA.MediaDescription ActiveX function call access
(web-client.rules)
7016 - WEB-CLIENT Object.Microsoft.DXTFilter ActiveX function call
access (web-client.rules)
7017 - WEB-CLIENT RDS.DataControl ActiveX function call access
(web-client.rules)
7018 - WEB-CLIENT Sysmon ActiveX function call access
(web-client.rules)

Updated rules:
~ 580 - RPC portmap nisd request UDP (rpc.rules)
~ 824 - WEB-CGI php.cgi access (web-cgi.rules)
1951 - RPC mountd TCP mount request (rpc.rules)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFErZCGMpm0ve0NhMcRAqHfAJ9DtbKa1+dTYmxOB2Kd71N1iNi7WgCghY5M
rRLZPMl07XrD2UuHwI29IzA=
=cxWv
-----END PGP SIGNATURE-----

Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT [Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT [Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT [Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT <= [Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT [Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT

Previous by Date:	[Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Date:	[Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Previous by Thread:	[Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT
Next by Thread:	[Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT
Indexes:	[Date] [Thread] [Top] [All Lists]