Sourcefire VRT Rules Update

Date: 2008-07-15

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.7.

The format of the file is:

sid - Message (rule group)

New rules:
13898 <-> POLICY iTunes client request for server info (policy.rules)
13899 <-> POLICY iTunes client login attempt (policy.rules)
13900 <-> POLICY iTunes server multicast DNS response (policy.rules)
13901 <-> NETBIOS SMB server response heap overflow attempt (netbios.rules)
13915 <-> WEB-MISC backup file download attempt (web-misc.rules)
13916 <-> EXPLOIT Alt-N SecurityGateway username buffer overflow attempt (exploit.rules)
13917 <-> WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt (web-client.rules)
13918 <-> WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt (web-client.rules)
13919 <-> WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt (web-client.rules)
13920 <-> WEB-CLIENT Apple Quicktime Obji Atom parsing stack buffer overflow attempt (web-client.rules)