Snort mailing list archives
apparent discrepancies at http://www.snort.org/vrt/
From: Tim Maletic <tmaletic () gmail com>
Date: Thu, 12 Feb 2009 14:09:01 -0500
At http://www.snort.org/vrt/advisories/vrt-rules-2009-02-10.html, we see the following GID|SIDs listed: GID 3, SIDs 15304 and 15305. GID 3, SIDs 15301 and 15302. GID 1, SIDs 15127 through 15144. GID 3, SIDs 15298, 15299 and 15303. But at http://www.snort.org/vrt/docs/ruleset_changelogs/2_8/changes-2009-02-10.html, we see this list: New rules: 15307 <-> WEB-ACTIVEX Microsoft Animation Control ActiveX clsid access (web-activex.rules, High) 15308 <-> WEB-ACTIVEX Microsoft Animation Control ActiveX clsid unicode access (web-activex.rules, High) 15309 <-> WEB-ACTIVEX Microsoft Animation Control ActiveX function call access (web-activex.rules, High) 15310 <-> WEB-ACTIVEX Microsoft Animation Control ActiveX function call unicode access (web-activex.rules, High) 15311 <-> WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid access (web-activex.rules, High) 15312 <-> WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid unicode access (web-activex.rules, High) 15313 <-> WEB-ACTIVEX Research In Motion AxLoader ActiveX function call access (web-activex.rules, High) 15314 <-> WEB-ACTIVEX Research In Motion AxLoader ActiveX function call unicode access (web-activex.rules, High) 15315 <-> WEB-ACTIVEX Akamai DownloadManager ActiveX clsid access (web-activex.rules, High) 15316 <-> WEB-ACTIVEX Akamai DownloadManager ActiveX clsid unicode access (web-activex.rules, High) 15317 <-> WEB-ACTIVEX Akamai DownloadManager ActiveX function call access (web-activex.rules, High) 15318 <-> WEB-ACTIVEX Akamai DownloadManager ActiveX function call unicode access (web-activex.rules, High) Can someone explain the discrepancy? Why do the SIDs in the advisory not appear in the changelog? -tm ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- apparent discrepancies at http://www.snort.org/vrt/ Tim Maletic (Feb 12)
- Re: apparent discrepancies at http://www.snort.org/vrt/ Nigel Houghton (Feb 12)
- Re: apparent discrepancies at http://www.snort.org/vrt/ Tim Maletic (Feb 12)
- Re: apparent discrepancies at http://www.snort.org/vrt/ Nigel Houghton (Feb 12)
- Re: apparent discrepancies at http://www.snort.org/vrt/ Tim Maletic (Feb 12)
- Re: apparent discrepancies at http://www.snort.org/vrt/ Nigel Houghton (Feb 12)