-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sourcefire VRT Certified Snort Rules Update
Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Trend Micro
ServerProtect. Additional rules have been added to the spyware-put, backdoor
and policy rule groups.
Details:
Trend Micro ServerProtect Buffer Overflows CVE-2007-4218:
Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend
Micro ServerProtect for Windows before Security Patch 4 allow remote attackers
to execute arbitrary code via certain RPC requests to certain TCP ports.
More information is available from
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4218.
Rules to detect attacks targeting this vulnerability are included in this
release and are identified as SIDs 12309 through 12347.
As a result of ongoing research, the Sourcefire VRT has added multiple rules to
the spyware-put, backdoor and policy rule groups.
For a complete list of new and modified rules please see:
http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-08-28.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
iD8DBQFG1DFioFlcG+k7cPwRAhcYAJ4nq4eSex2KsXj82gRvz7Pr9f8ERACfWm3B
SxNih2thDrsq+wz+StLW8yQ=
=8AcQ
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
