-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sourcefire VRT Certified Snort Rules Update
Synopsis:
The Sourcefire VRT is aware of a vulnerability affecting hosts using Microsoft
Excel. This release also includes additions to the spyware-put and backdoor
rule categories.
Details:
Microsoft Security Bulletin MS07-036:
A memory corruption vulnerability exists in the way Microsoft Excel processes
files. The vulnerability is a result of insufficient data validation while
processing the Version field in a BOF record. A remote attacker can exploit
this vulnerability by enticing the target user to open a crafted Excel file,
potentially causing arbitrary code to be injected and executed in the security
context of the current user.
A rule to detect attacks targeting this vulnerability is included in this
release and is identified as SID 12184.
In addition, as a result of ongoing research, the VRT has added rules to the
backdoor and spyware-put rule categories.
For a complete list of new and modified rules please see:
http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-08-01.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
iD8DBQFGsLzooFlcG+k7cPwRAri9AJ9vRyNFOJxb9gtx3OSv0wOVbtOJOgCdHrw3
AgbW+I9V5mmXESIxo3JX+BM=
=6H22
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
