Sourcefire VRT Rules Update

Date: 2010-08-12

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8.6.1.

The format of the file is:

sid - Message (rule group, priority)

New rules:
17137 <-> WEB-MISC HP Intelligent Management Center information disclosure attempt (web-misc.rules, Medium)
17138 <-> EXPLOIT iSCSI target multiple implementations iSNS stack buffer overflow attempt (exploit.rules, High)
17139 <-> EXPLOIT Symantec Alert Management System HNDLRSVC arbitrary command execution attempt (exploit.rules, High)
17140 <-> WEB-MISC OpenView Network Node Manager OvJavaLocale buffer overflow attempt (web-misc.rules, High)

Updated rules:
13911 <-> WEB-CLIENT Microsoft search file download attempt (web-client.rules, Low)
16785 <-> SPECIFIC-THREATS AwingSoft Winds3D Player SceneURL method command execution attempt (specific-threats.rules, High)