Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

from [research] Network Security [Permanent Link]
Subject: [Snort-sigs] Sourcefire VRT Certified Snort Rules Update
Date: Wed, 12 Dec 2007 01:00:19 -0500 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of multiple vulnerabilities affecting Microsoft 
products.

Details:
Microsoft Security Bulletin (MS07-063):
A vulnerability in the Microsoft implementation of Server Message Block Version 
2 (SMBv2) may allow a remote attacker to execute code of their choosing on an 
affected system.

Rules to detect attacks targeting this vulnerability are included in this 
release and are identified as SIDs 12946 and 12947.

Microsoft Security Bulletin (MS07-064):
Microsoft DirectX suffers from a programming error that may allow a remote 
attacker to execute code on a vulnerable machine with the privileges of the 
current user.

Rules to detect attacks targeting this vulnerability are included in this 
release and are identified as SIDs 12971 and 12983.

Microsoft Security Bulletin (MS07-065):
Microsoft Message Queuing Service (MSMQ) fails to correctly validate user input 
before copying to a fixed length buffer. This may allow a remote attacker to 
execute code on a vulnerable system.

Rules to detect attacks targeting this vulnerability are included in this 
release and are identified as SIDs 12977 through 12982.

Microsoft Security Bulletin (MS07-068):
Microsoft Windows Media Format Runtime suffers from a programming error that 
may allow a remote attacker to execute code on a vulnerable system via a 
malformed Advanced Systems Format (ASF) file.

A rule to detect attacks targeting this vulnerability is included in this 
release and is identified as SID 12972.

Microsoft Security Bulletin (MS07-069):
Microsoft Internet Explorer may allow a remote attacker to execute code on a 
vulnerable system via ActiveX controls.

Rules to detect attacks targeting this vulnerability are included in this 
release and are identified as SIDs 12948 through 12970.

Additionally, previously released rules will also detect attacks targeting this 
vulnerability and are identified as SIDs 4167 and 12393 through 12412.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-12-11.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)

iD8DBQFHX10doFlcG+k7cPwRAs0uAKDNljplFykjSvkmDxie2cvdDlyfngCeIKvV
2Stbwpy86Gf4Pu+2GxSwMXg=
=eUMK
-----END PGP SIGNATURE-----


-------------------------------------------------------------------------
SF.Net email is sponsored by: 
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-sigs] HELP: More explanation for sid:10135, Paul Schmehl
Next by Date:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Previous by Thread:  [Snort-sigs] Sourcefire VRT Certified Snort Rules Update, research
Next by Thread:  [Snort-sigs] Sourcefire VRT Certified Snort Rules Update, research
Indexes:  [Date] [Thread] [Top] [All Lists]