Snort mailing list archives

Re: CVE-2016-1287

From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Thu, 11 Feb 2016 22:02:17 +0000

It’s been available as a Shared Object rule to subscribers since late November, registered users (as a Shared Object 
rule) 30 days after that (late December), in the balanced (default to on) policy.   We just moved it from Shared Object 
to open yesterday.

As far as “does it cover IKEv1”, yes, it does.   We’ll get the msg updated.  Thanks.


--
Joel Esler
Manager, Talos Group




On Feb 11, 2016, at 3:12 PM, Elliot Anderson <new.http.451 () gmail com<mailto:new.http.451 () gmail com>> wrote:

Thanks Joel,

can you clarify how is it we have coverage for 2016 February 10 16:00  GMT published CVE since November? Also does it 
cover IKEv1 as well (as the sig 36903 naming suggest it is IKEv2).

Thanks,
Elliot


On 11 Feb 2016, at 19:58, Joel Esler (jesler) <jesler () cisco com<mailto:jesler () cisco com>> wrote:

Coverage has been out for this vulnerability since November.


--
Joel Esler
Manager, Talos Group




On Feb 11, 2016, at 10:27 AM, Elliot Anderson <new.http.451 () gmail com<mailto:new.http.451 () gmail com>> wrote:

Hello SF,

anything for coverage on CVE-2016-1287 with the upcomming SEU rollout?

Thanks,
Elliot
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net<mailto:Snort-sigs () lists sourceforge net>
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org<http://www.snort.org/>


Please visit http://blog.snort.org<http://blog.snort.org/> for the latest news about Snort!

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

CVE-2016-1287 Elliot Anderson (Feb 11)
- Re: CVE-2016-1287 Joel Esler (jesler) (Feb 11)
  - Re: CVE-2016-1287 James Lay (Feb 11)
    - Re: CVE-2016-1287 Y M (Feb 11)
    - Re: CVE-2016-1287 James Lay (Feb 11)
  - Re: CVE-2016-1287 Elliot Anderson (Feb 11)
    - Re: CVE-2016-1287 Joel Esler (jesler) (Feb 11)
    - Re: CVE-2016-1287 Elliot Anderson (Feb 11)