Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-50458
This event is generated when there is a HiddenWasp initial deployment script download attempt.
1-50457
This event is generated when there is a HiddenWasp initial deployment script download attempt.
1-50456
This event is generated when there is a HiddenWasp trojan variant outbound connection.
1-50455
This event is generated when an IBM WebSphere Application Server remote code execution attempt is detected. An attacker can upload and run an executable file through this vulnerability.
1-50454
Summary: DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability." Impact: CVSS base score 9.3 CVSS impact score 10.0 CVSS exploitability score 8.6 confidentialityImpact COMPLETE integrityImpact COMPLETE availabilityImpact COMPLETE Detailed Information: Affected Systems: microsoft windows_7 * microsoft windows_8 - microsoft windows_server_2003 * microsoft windows_server_2008 * microsoft windows_server_2008 r2 microsoft windows_server_2012 - microsoft windows_vista * microsoft windows_xp * microsoft windows_xp - Attack Scenarios: Ease of Attack: False Positives: None known False Negatives: None known Corrective Action: Contributors: Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
1-50453
Summary: DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability." Impact: CVSS base score 9.3 CVSS impact score 10.0 CVSS exploitability score 8.6 confidentialityImpact COMPLETE integrityImpact COMPLETE availabilityImpact COMPLETE Detailed Information: Affected Systems: microsoft windows_7 * microsoft windows_8 - microsoft windows_server_2003 * microsoft windows_server_2008 * microsoft windows_server_2008 r2 microsoft windows_server_2012 - microsoft windows_vista * microsoft windows_xp * microsoft windows_xp - Attack Scenarios: Ease of Attack: False Positives: None known False Negatives: None known Corrective Action: Contributors: Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].