Snort mailing list archives
Re: MS Access Snapshot Viewer zero day
From: Nigel Houghton <nigel () sourcefire com>
Date: Wed, 09 Jul 2008 11:38:51 -0400
On 7/9/08 11:00 AM, "Tommy Cansanay" <toortog () gmail com> wrote:
Anybody detected this yet? http://www.microsoft.com/technet/security/advisory/955179.mspx Initial look shows... http://pstgroup.blogspot.com/2008/07/exploitmicrosoft-office-snapshot-viewer.h tml (but I guess this is a PoC). Next question: Anybody seen/created an initial sig yet (either here or at ET?) Not sure if there's any relation, but closest search I found related to MSAccess ActiveX is http://www.snort.org/pub-bin/sigs.cgi?sid=4229
http://www.snort.org/vrt/docs/ruleset_changelogs/CURRENT/changes-2008-07-08. html -- Nigel Houghton Resident Hooligan SF VRT ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- MS Access Snapshot Viewer zero day Tommy Cansanay (Jul 09)
- Re: MS Access Snapshot Viewer zero day Nigel Houghton (Jul 09)