Snort mailing list archives
Community Rule Update
From: Alex Kirk <alex.kirk () sourcefire com>
Date: Fri, 01 Apr 2005 14:36:17 -0500
This message is to announce the availability of an update for the Sourcefire community rule set, which can be downloaded free of cost or registration from http://www.snort.org/pub-bin/downloads.cgi.
New rules in this release are identified as SIDs 100000125-100000132. They cover several vulnerabilities, including buffer overflows against the Sentinel License Manager and the GoodTech telnet server, remote script injection in the PHP Form Mail package, and denials of service against Cisco IOS HTTP servers and the PY Software Active Webcam Websever.
Additionally, user Alexandru Ionica <gremlin () networked ro> submitted a rule which looks for rogue proxy servers running in an organization's network. Anyone who wishes to submit rules may do so at http://www.snort.org/reg-bin/rulesubmit.cgi.
Alex Kirk Community Rules Maintainer Sourcefire, Inc. ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Community Rule Update Alex Kirk (Apr 02)
- <Possible follow-ups>
- Community Rule Update Alex Kirk (Apr 05)