Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Sourcefire VRT Certified Snort Rules Update 2011-11-07

From: Research <research () sourcefire com>
Date: Mon, 7 Nov 2011 15:21:55 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability affecting hosts using
the Microsoft Windows operating system.

Details:
Microsoft Security Advisory (2639658):
The Microsoft Windows TrueType font parsing engine contains a
vulnerability that may allow a remote attacker to execute code on an
affected system. A succesful exploitation of this vulnerability may
allow the attacker to execute code in kernel mode. This vulnerability
is also related to the Duqu malware.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 3, SID 20539.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2011-11-07.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFOuD3jaBoqZBVJfwMRAijNAJ4yOFdL/V2CFglhG9RPvXNFedh5aQCfTTA/
gHwQDTqtv4MaT4dFBeKy3r0=
=ARH6
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: