-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sourcefire VRT Certified Rules Update
Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting hosts using
Microsoft UPnP service and the Microsoft Agent.
Details:
Microsoft Security Bulletin (MS07-019):
Microsoft Universal Plug and Play does not correctly handle malformed
HTTP requests. This may allow an attacker to overflow a buffer and
execute code on a vulnerable host.
A rule to detect attacks targeting this vulnerability is included in
this release and is identified as SID 10475
Microsoft Security Bulletin (MS07-020):
Microsoft Agent does not correctly handle malformed URLs. This may
allow an attacker to cause a buffer overflow condition to occur and
subsequently, execute code on an affected system.
Previously released rules will generate events when attempts are made
to exploit this condition. These rules are identified as SIDs 4172 and
8846 through 8856. In addition, new rules are included in this release
to detect attacks targeting this vulnerability and are identified as
SIDs 10465 and 10474.
For a complete list of new and modified rules please see:
http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-04-10.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGHFQAoFlcG+k7cPwRApGhAJ0bWH8WQE+HYXgbhLVX9z3qT3pRmgCgzxyt
qGxcW996C8C8SX4GM3haOOk=
=qjXo
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
