Sourcefire VRT Certified Snort Rules Update 2013-05-14

[Research <research () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting products from
Microsoft Corporation.

Details:
Microsoft Security Advisory MS13-037:
Internet Explorer suffers from programming errors that may lead to
information disclosure or remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 26624, 26625, 26629
through 26631, 26633 through 26638, 26641, and 26642.

Microsoft Security Advisory MS13-038:
Internet Explorer suffers from a programming error that may lead to
remote code execution.

Previously released rules will detect attacks targeting this
vulnerability and have been updated with the appropriate reference
information. They are included in this release and are identified with
GID 1, 26569, 26570, 26571, and 26572.

Microsoft Security Advisory MS13-039:
A programming error exists in the Windows 2012 Server HTTP subsystem
that may allow a remote attacker to cause a permanent Denial of Service
(DoS) against an affected system.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 26632.

Microsoft Security Advisory MS13-040:
The .NET Framework suffers from a programming error that may allow an
attacker to bypass XML authentication.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 26639 and 26640

Microsoft Security Advisory MS13-044:
Microsoft Visio suffers from a programming error that may expose
affected systems to information disclosure.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 26626 through 26628.

Microsoft Security Advisory MS13-045:
Microsoft Windows Live Essentials contains programming errors that may
expose affected systems to information disclosure.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 26622 and 26623/

Additionally, the Sourcefire VRT has added and modified multiple rules
in the browser-ie, browser-other, browser-plugins, exploit-kit,
file-office, file-other, indicator-obfuscation, malware-cnc,
policy-other and server-webapp rule sets to provide coverage for
emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2013-05-14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFRkoXyQLjqI2QiHVMRAkqfAKCnMeWgRr/+KCW5VxQU8NnHLx94fACeNq7M
0IiMeFzmekedLNTmjWJI5U0=
=PVsM
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!