Sourcefire VRT Certified Snort Rules Update 2010-09-23

[Research <research () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability affecting Microsoft .NET
applications.

Details:
Microsoft .NET Framework Information Disclosure (CVE-2010-3332):
The Microsoft .NET Framework discloses enough information in error
responses that an attacker is able to decrypt and modify encrypted
data. The attacker is also able to forge cookies and obtain application
files via an Oracle padding attack.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 3, SIDs 17428 and 17429.

Additionally, the Sourcefire VRT has added and modified multiple rules
in the chat, dos, exploit, ftp, icmp, imap, mysql, netbios, oracle,
shellcode, specific-threats tftp, web-activex, web-client and web-misc
rule sets to provide coverage for emerging threats from these
technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2010-09-23.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFMm6tqQcQOxItLLaMRArwsAJ4r7mvpjnzoQpsMxSVdhavU+0hAKgCffSQB
+TFpz1QVGkhn3mtDlrM5noE=
=qYRE
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
Nokia and AT&T present the 2010 Calling All Innovators-North America contest
Create new apps & games for the Nokia N8 for consumers in  U.S. and Canada
$10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store 
http://p.sf.net/sfu/nokia-dev2dev
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs