Sourcefire VRT Rules Update
Date: 2010-11-09
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.0.1.
The format of the file is:
sid - Message (rule group, priority)
Updated rules: 5713 <-> WEB-CLIENT Windows Metafile invalid header size integer overflow (web-client.rules, High) 8470 <-> DELETED BACKDOOR superspy 2.0 beta runtime detection - get system info (deleted.rules, High) 8471 <-> DELETED BACKDOOR superspy 2.0 beta runtime detection - get system info 2 (deleted.rules, High) 8472 <-> DELETED BACKDOOR superspy 2.0 beta runtime detection - screen capture 2 (deleted.rules, High) 8473 <-> DELETED BACKDOOR superspy 2.0 beta runtime detection - screen capture (deleted.rules, High) 8474 <-> DELETED BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage 2 (deleted.rules, High) 8475 <-> DELETED BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage (deleted.rules, High) 12634 <-> EXPLOIT Microsoft Kodak Imaging large offset malformed tiff 2 (exploit.rules, High) 13363 <-> EXPLOIT Cisco Unified Communications Manager heap overflow attempt (exploit.rules, High)
