Sourcefire VRT Rules Update

Date: 2010-09-10

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.0.0.

The format of the file is:

sid - Message (rule group, priority)

New rules:
17234 <-> SPECIFIC-THREATS VBMania mass mailing worm activity (specific-threats.rules, High)
17235 <-> SPECIFIC-THREATS VBMania mass mailing worm download attempt (specific-threats.rules, High)
17236 <-> WEB-CLIENT Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt (web-client.rules, High)
17237 <-> WEB-CLIENT XBM file download (web-client.rules, Low)
17238 <-> WEB-CLIENT ACD Systems ACDSee Products XBM file handling buffer overflow attempt (web-client.rules, High)
17239 <-> IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt (imap.rules, Medium)
17240 <-> IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt (imap.rules, Medium)