Snort :: Changes 2009-01-20

Sourcefire VRT Rules Update

Date: 2009-01-20

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.7.

The format of the file is:

sid - Message (rule group, priority)

New rules:
15236 <-> WEB-CLIENT ACD Systems ACDSee XPM file format overflow attempt (web-client.rules, High)
15237 <-> WEB-MISC Java .class file download attempt (web-misc.rules, Low)
15238 <-> SPECIFIC-THREATS Apple QuickTime for Java toQTPointer function memory corruption attempt (specific-threats.rules, High)
15239 <-> WEB-MISC RealMedia format file download attempt (web-misc.rules, Low)
15240 <-> WEB-MISC RealMedia format file download attempt (web-misc.rules, Low)
15241 <-> MULTIMEDIA VideoLAN VLC real.c ReadRealIndex real demuxer integer overflow attempt (multimedia.rules, High)
15242 <-> WEB-CLIENT HP OpenView Network Node Manager Toolbar.exe HTTP request buffer overflow attempt (web-client.rules, High)

Snort

Sourcefire VRT Rules Update

Date: 2009-01-20

Snort Links

Community

Sourcefire