Snort :: Changes 2008-07-11

Sourcefire VRT Rules Update

Date: 2008-07-11

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version CURRENT.

The format of the file is:

sid - Message (rule group)

New rules:
13912 <-> SPECIFIC-THREATS isComponentInstalled Metasploit attack attempt (specific-threats.rules)
13913 <-> WEB-CLIENT AcroPDF.PDF ActiveX function call access (web-client.rules)
13914 <-> WEB-CLIENT AcroPDF.PDF ActiveX function call unicode access (web-client.rules)

Updated rules:
4678 <-> WEB-CLIENT quicktime movie file transfer (web-client.rules)
7020 <-> WEB-CLIENT isComponentInstalled function buffer overflow (web-client.rules)
9626 <-> WEB-CLIENT AcroPDF.PDF ActiveX clsid access (web-client.rules)
9627 <-> WEB-CLIENT AcroPDF.PDF ActiveX clsid unicode access (web-client.rules)

Snort

Sourcefire VRT Rules Update

Date: 2008-07-11

Snort Links

Community

Sourcefire