Sourcefire VRT Certified Snort Rules Update 2012-03-22

[Research <research () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
Microsoft Security Advisory MS12-020:
Microsoft Windows Remote Desktop suffers from programming errors that
may allow a remote attacker to execute code on a vulnerable system.

A rule identified with GID 3, SID 21619 has been added in this release
in order to improve detection of attacks and to improve performance.

This rule replaces the rules identified with GID 1, SIDs 21571, 21572
and 21592. These rules have been deleted in this release.

Additionally, the Sourcefire VRT has added and modified multiple rules
in the backdoor, chat, dns, dos, exploit, file-identify, imap, misc,
netbios, policy, pop3, scada, shellcode, smtp, specific-threats, sql,
web-activex, web-client and web-php rule sets to provide coverage for
emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2012-03-22.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFPa22ZaBoqZBVJfwMRAvhZAKCu1MFHygi5J8cVtEws7g0lzvGZkQCfdxT7
4Y/7z/4yU284sYHe+u85yPc=
=Ubs/
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here 
http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!