Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Snort Community Rules Update

from [Sourcefire VRT] Network Security [Permanent Link]
Subject: [Snort-sigs] Snort Community Rules Update
Date: Fri, 27 Apr 2007 15:31:34 -0400 
This message is to announce the availability of an update for the Sourcefire 
community rule set, which can be downloaded free of cost or registration from 
http://www.snort.org/pub-bin/downloads.cgi.

New rules in this release are identified as SIDs 100000928-100000934. These 
rules cover a buffer overflow against the LANDesk Management Suite Alerting 
Service; an SQL injection attack agains the Xoops portal; and remote file 
inclusion attacks against the Drake CMS, Softerra Time-Assistant, and Aardvark 
web applications. Additionally, an update was made to SID 10000129 to make 
detection more accurate.

Sourcefire would like to thank Jared Braverman for submitting the update to SID 
100000129. As a reminder, anyone who wishes to submit rules or updates to 
existing rules may do so at http://www.snort.org/reg-bin/rulesubmit.cgi.

A list of modified rules and their SIDs follows.

Alex Kirk
Community Rules Maintainer
Sourcefire, Inc.

100000129 || COMMUNITY WEB-MISC Cisco IOS HTTP Router Management Service 
Infinite Loop DoS
100000928 || COMMUNITY EXPLOIT LANDesk Management Suite Alerting Service buffer 
overflow 
100000929 || COMMUNITY WEB-PHP Xoops module Articles SQL Injection Exploit 
100000930 || COMMUNITY WEB-PHP Drake CMS 404.php Local File Include 
Vulnerability 
100000931 || COMMUNITY WEB-PHP Softerra Time-Assistant remote include attempt 
100000932 || COMMUNITY WEB-PHP Softerra Time-Assistant remote include attempt 
100000933 || COMMUNITY WEB-PHP Aardvark button/settings_sql.php File Include 
Vulnerability 
100000934 || COMMUNITY WEB-PHP Aardvark button/new_day.php File Include 
Vulnerability 


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Next by Date:  [Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT
Previous by Thread:  [Snort-sigs] Snort Community Rules Update, Alex Kirk
Next by Thread:  [Snort-sigs] revised edonkey sigs using flowbits, Russell Fulton
Indexes:  [Date] [Thread] [Top] [All Lists]