Snort :: Changes 2008-10-28

Sourcefire VRT Rules Update

Date: 2008-10-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.7.

The format of the file is:

sid - Message (rule group)

New rules:
14773 <-> SPECIFIC-THREATS CA ARCserve LGServer handshake buffer overflow attempt (specific-threats.rules)
14777 <-> DNS single byte encoded name response (dns.rules)
14778 <-> WEB-CLIENT Dart Communications PowerTCP FTP ActiveX clsid access (web-client.rules)
14779 <-> WEB-CLIENT Dart Communications PowerTCP FTP ActiveX clsid unicode access (web-client.rules)
14780 <-> WEB-CLIENT Dart Communications PowerTCP FTP ActiveX function call access (web-client.rules)
14781 <-> WEB-CLIENT Dart Communications PowerTCP FTP ActiveX function call unicode access (web-client.rules)

Updated rules:
2381 <-> WEB-MISC Checkpoint Firewall-1 HTTP parsing format string vulnerability attempt (web-misc.rules)

Snort

Sourcefire VRT Rules Update

Date: 2008-10-28

Snort Links

Community

Sourcefire