-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sourcefire VRT Certified Snort Rules Update
Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Samba, Skype and Apple
QuickTime.
Details:
Samba Buffer Overflow (CVE-2007-6015):
A stack based buffer overflow condition is present in nmbd in certain versions
of Samba. A remote attacker may be able to execute code on an affected system
via a GETDC mailslot request.
A rule to detect attacks targeting this vulnerability is included in this
release and is identified as SID 13291.
Skype Technologies Heap Corruption (CVE-2007-5989):
A programming error in the Skype URI handler may allow a remote attacker to
cause memory corruption, which may lead to code execution.
A rule to detect attacks targeting this vulnerability is included in this
release and is identified as SID 13292.
Apple QuickTime Buffer Overflow (CVE-2007-4675):
Apple QuickTime does not perform adequate checks on user supplied data in
QuickTime Virtual Reality movie files. A remote attacker may use this flaw to
cause a buffer overflow and execute code on an affected system.
A rule to detect attacks targeting this vulnerability is included in this
release and is identified as SID 13293.
For a complete list of new and modified rules please see:
http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2008-01-10.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
iD8DBQFHho7/oFlcG+k7cPwRAiSNAKC6wAfZTsVnp9Kc+/UTYumzLv5HrwCgnVUg
VCerEKaXu2VcCDqwAYm/OZk=
=zCg6
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
