Snort :: Changes 2009-04-21

Sourcefire VRT Rules Update

Date: 2009-04-21

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version CURRENT.

The format of the file is:

sid - Message (rule group, priority)

New rules:
15476 <-> VIRUS Waledac spam bot HTTP POST request (virus.rules, Low)
15477 <-> EXPLOIT Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt (exploit.rules, Medium)
15478 <-> SPECIFIC-THREATS Adobe Flash Player invalid object reference code execution attempt (specific-threats.rules, High)
15479 <-> EXPLOIT RealNetworks Helix Server RTSP Request Proxy-Require header heap buffer overflow attempt (exploit.rules, High)

Snort

Sourcefire VRT Rules Update

Date: 2009-04-21

Snort Links

Community

Sourcefire