Sourcefire VRT Rules Update

Date: 2007-08-21

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.3.

The format of the file is:

sid - Message (rule group)

New rules:
12285 <-> WEB-CLIENT Excel Workspace file download (web-client.rules)
12286 <-> WEB-CLIENT PCRE character class double free overflow attempt (web-client.rules)

Updated rules:
12064 <-> WEB-IIS w3svc _vti_bin null pointer dereference attempt (web-iis.rules)
12277 <-> EXPLOIT Microsoft IE CSS memory corruption exploit (exploit.rules)
12279 <-> WEB-CLIENT Microsoft XML substringData integer overflow attept (web-client.rules)