Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort Subscriber Rules Update 2023-03-14

From: Research <research () sourcefire com>
Date: Tue, 14 Mar 2023 19:50:07 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Vulnerability CVE-2023-23410:
A coding deficiency exists in Microsoft Windows HTTP.sys that may lead
to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 61464 through 61465,
Snort 3: GID 1, SID 300460.

Microsoft Vulnerability CVE-2023-23416:
A coding deficiency exists in Windows Cryptographic Services that may
lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 61466 through 61467,
Snort 3: GID 1, SID 300461.

Talos also has added and modified multiple rules in the deleted,
malware-other, os-windows, policy-other, protocol-scada and
server-webapp rule sets to provide coverage for emerging threats from
these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJkEM/qAAoJEMzg39Iewam/8eQP/Rp1ipyQbkmJlrk06cQcUgoZ
gTMwSDJy88qUXno/DIysfjWbj5kjcoP8tM7yuJ1kSmSUbhv+Nd9s38r6NVcE8CaD
BKKB+WEEXyHDK3r4CutN012P7iNvH988eRXrpwzYrEjsBdB33H/aw2MrPnBKpifu
E3OUNbak6S0vQTq8xzz0Wn3hTSS+DJYR0lvujEMOX4/dQyvwwNgDRh0AHzKEmsEF
R4qYPsn02DNezNk7XPe6N3JLqWigqHc2SuKK7BXec6tPyLWOwjz9ifafKwI6W+CM
RhDZz6gLBvtgEyow8EPXxDNjgUVG/Z+7y0rVnT3f4x8R6MOs8TLIRe7UQ4/dpV0c
dyUuLLHdh3aUE3z2QMqo5W9lz9BU0PnuHvvfseNuFQzVuNcogWFBDdaBeCw0M//c
6nVwIbdhVPJTXU8daZkxx1cHTOcaqSmZu8oRRyvoJWg199TE0M/msmpjideQz+uo
KsgLM6AQFQuvIAPHCebnw17mnANNJIe31IrFWtYjAZQM+gpfOVfvZhu4tp2f3/s/
+aFY6yIoP7lS5S+oR4P2DtV2uQ9hg0pCMfl8jPo6LyQhabL7MgwcqOlrthr6/jDE
Co/E45jnkNI1K0KL/CdYaROrotCqULfryIgHLszutj7B+GKAEdCTwFreQGqc+F73
wL6VMve5hfpwIyOeluKg
=WNaM
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: