Sourcefire VRT Rules Update

Date: 2009-07-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8.

The format of the file is:

sid - Message (rule group, priority)

New rules:
15730 <-> SPECIFIC-THREATS Delf Trojan POST attempt (specific-threats.rules, High)

Updated rules:
2656 <-> WEB-MISC SSLv2 Client_Hello Challenge Length overflow attempt (web-misc.rules, High)
12421 <-> EXPLOIT RealNetworks Helix RTSP long transport header (exploit.rules, High)
13695 <-> EXPLOIT RealNetworks Helix RTSP long setup request exploit attempt (exploit.rules, High)
13901 <-> NETBIOS SMB server response heap overflow attempt (netbios.rules, High)
15166 <-> WEB-CLIENT VideoLAN VLC Media Player RealText buffer overflow attempt (web-client.rules, High)