Snort mailing list archives
Re: Apache Struts Vulnerabilities
From: waldo kitty <wkitty42 () windstream net>
Date: Sun, 04 Aug 2013 05:53:42 -0400
On 8/4/2013 03:10, Yap Ji Wen wrote:
I understand VRT already has 2251 covered, Though I would like further find out f the rest of the CVEs as above are also covered? If so, could anyone kindly point me to the specific sigs?
have you tried grep? the following will show you all the rules in your rules sets with CVE-2013-* references... grep -i -E "reference:\W*cve,2013-....;" /path/to/your/*rules*/*.rules that can be refined to list only the CVEs like so... grep -hio -E "reference:\W*cve,2013-....;" /path/to/your/*rules*/*.rules for the sake of clarity, the vulnerabilities you speak of may be detected but simply do not have the CVE reference in them... it could be that the rule was written before the CVE was announced and it simply has not been revisited and updated to reflect the CVE reference... -- NOTE: No off-list assistance is given without prior approval. Please keep mailing list traffic on the list unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Apache Struts Vulnerabilities Yap Ji Wen (Aug 04)
- Re: Apache Struts Vulnerabilities waldo kitty (Aug 04)
- Re: Apache Struts Vulnerabilities Yap Ji Wen (Aug 04)
- Re: Apache Struts Vulnerabilities Joel Esler (Aug 05)
- Re: Apache Struts Vulnerabilities Yap Ji Wen (Aug 05)
- Re: Apache Struts Vulnerabilities Joel Esler (Aug 06)
- Re: Apache Struts Vulnerabilities Yap Ji Wen (Aug 06)
- Re: Apache Struts Vulnerabilities Yap Ji Wen (Aug 04)
- Re: Apache Struts Vulnerabilities waldo kitty (Aug 04)