Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Sourcefire VRT Certified Snort Rules Update 2015-01-13

From: Research <research () sourcefire com>
Date: Tue, 13 Jan 2015 19:45:24 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The VRT is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Security Bulletin MS15-001:
A coding deficiency exists in Microsoft Windows that may lead to an
escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 32965 through 32966.

Microsoft Security Bulletin MS15-002:
A coding deficiency exists in Microsoft Telnet Server that may lead to
remote code execution.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 33050.

Microsoft Security Bulletin MS15-004:
A coding deficiency exists in the Microsoft CTSWebProxy ActiveX control
that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 33051 through 33052.

Microsoft Security Bulletin MS15-007:
A coding deficiency exists in Microsoft RADIUS services on domain
controllers that may lead to a Denial of Service (DoS).

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 33048 through 33049.

Microsoft Security Bulletin MS15-008:
A coding deficiency exists in Microsoft WebDAV that may lead to an
escalation of privilege.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 3, SID 33053.

The VRT has added and modified multiple rules in the blacklist,
browser-plugins, file-multimedia and protocol-telnet rule sets to
provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFUtXVLQLjqI2QiHVMRAhh0AJ0QCcKN0QaaVSeK+U1Yl+/2fLgXWACdG6gq
CvpeEm77MyCgQD0HVyuc/2M=
=msjh
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: