Snort mailing list archives
Sourcefire VRT Certified Snort Rules Update 2013-05-14
From: Research <research () sourcefire com>
Date: Tue, 14 May 2013 14:44:02 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sourcefire VRT Certified Snort Rules Update Synopsis: The Sourcefire VRT is aware of vulnerabilities affecting products from Microsoft Corporation. Details: Microsoft Security Advisory MS13-037: Internet Explorer suffers from programming errors that may lead to information disclosure or remote code execution. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 26624, 26625, 26629 through 26631, 26633 through 26638, 26641, and 26642. Microsoft Security Advisory MS13-038: Internet Explorer suffers from a programming error that may lead to remote code execution. Previously released rules will detect attacks targeting this vulnerability and have been updated with the appropriate reference information. They are included in this release and are identified with GID 1, 26569, 26570, 26571, and 26572. Microsoft Security Advisory MS13-039: A programming error exists in the Windows 2012 Server HTTP subsystem that may allow a remote attacker to cause a permanent Denial of Service (DoS) against an affected system. A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 26632. Microsoft Security Advisory MS13-040: The .NET Framework suffers from a programming error that may allow an attacker to bypass XML authentication. Rules to detect attacks targeting this vulnerability are included in this release and are identified with GID 1, SIDs 26639 and 26640 Microsoft Security Advisory MS13-044: Microsoft Visio suffers from a programming error that may expose affected systems to information disclosure. Rules to detect attacks targeting this vulnerability are included in this release and are identified with GID 1, SIDs 26626 through 26628. Microsoft Security Advisory MS13-045: Microsoft Windows Live Essentials contains programming errors that may expose affected systems to information disclosure. Rules to detect attacks targeting this vulnerability are included in this release and are identified with GID 1, SIDs 26622 and 26623/ Additionally, the Sourcefire VRT has added and modified multiple rules in the browser-ie, browser-other, browser-plugins, exploit-kit, file-office, file-other, indicator-obfuscation, malware-cnc, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies. For a complete list of new and modified rules please see: http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2013-05-14.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFRkoXyQLjqI2QiHVMRAkqfAKCnMeWgRr/+KCW5VxQU8NnHLx94fACeNq7M 0IiMeFzmekedLNTmjWJI5U0= =PVsM -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Sourcefire VRT Certified Snort Rules Update 2013-05-14 Research (May 14)