Snort mailing list archives
Re: Apache Struts Vulnerabilities
From: Yap Ji Wen <jwyap1016 () gmail com>
Date: Tue, 6 Aug 2013 12:04:54 +0800
Hi Joel, Thank you for the response and confirmation. Very much appreciated. Rgds, Jiwen On Mon, Aug 5, 2013 at 10:20 PM, Joel Esler <jesler () sourcefire com> wrote:
We are working on coverage on these now. On Sun, Aug 4, 2013 at 10:59 PM, Yap Ji Wen <jwyap1016 () gmail com> wrote:Hi Waldo Kitty, Thank you for the response! Yes I did a grep on all Struts related signatures, including those without CVE references, but I could not find any coverage for CVE-2013-2135<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2135> CVE-2013-2134<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2134> Hence wanted to double confirm if there really is no coverage for them yet. Regards On Sun, Aug 4, 2013 at 5:53 PM, waldo kitty <wkitty42 () windstream net>wrote:On 8/4/2013 03:10, Yap Ji Wen wrote:I understand VRT already has 2251 covered, Though I would like furtherfind outf the rest of the CVEs as above are also covered? If so, could anyonekindlypoint me to the specific sigs?have you tried grep? the following will show you all the rules in your rules sets with CVE-2013-* references... grep -i -E "reference:\W*cve,2013-....;" /path/to/your/*rules*/*.rules that can be refined to list only the CVEs like so... grep -hio -E "reference:\W*cve,2013-....;" /path/to/your/*rules*/*.rules for the sake of clarity, the vulnerabilities you speak of may be detected but simply do not have the CVE reference in them... it could be that the rule was written before the CVE was announced and it simply has not been revisited and updated to reflect the CVE reference... -- NOTE: No off-list assistance is given without prior approval. Please keep mailing list traffic on the list unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!-- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire
------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Apache Struts Vulnerabilities Yap Ji Wen (Aug 04)
- Re: Apache Struts Vulnerabilities waldo kitty (Aug 04)
- Re: Apache Struts Vulnerabilities Yap Ji Wen (Aug 04)
- Re: Apache Struts Vulnerabilities Joel Esler (Aug 05)
- Re: Apache Struts Vulnerabilities Yap Ji Wen (Aug 05)
- Re: Apache Struts Vulnerabilities Joel Esler (Aug 06)
- Re: Apache Struts Vulnerabilities Yap Ji Wen (Aug 06)
- Re: Apache Struts Vulnerabilities Yap Ji Wen (Aug 04)
- Re: Apache Struts Vulnerabilities waldo kitty (Aug 04)