Sourcefire VRT Rules Update

Date: 2008-11-11

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8.

The format of the file is:

sid - Message (rule group)

New rules:
15013 <-> WEB-MISC Adobe Portable Document Format file download attempt (web-misc.rules)
15014 <-> WEB-CLIENT Adobe Reader and Acrobat util.printf buffer overflow attempt (web-client.rules)

Updated rules:
3693 <-> WEB-MISC IBM WebSphere j_security_check overflow attempt (web-misc.rules)
6469 <-> EXPLOIT RealVNC connection attempt (exploit.rules)
6470 <-> EXPLOIT RealVNC authentication types sent attempt (exploit.rules)
6471 <-> EXPLOIT RealVNC password authentication bypass vulnerability attempt (exploit.rules)