Snort mailing list archives
Citrix CVE-2019-19781
From: Rees Bevan via Snort-sigs <snort-sigs () lists snort org>
Date: Tue, 14 Jan 2020 18:01:39 -0700
Hello list, The Talos blog post here: https://blog.talosintelligence.com/2020/01/snort-rules-cve-2019-19781.html mentions three rules, signatures 52512, 52513, and 52603. The blog indicates that the rules have been available since 12/24/19. My environment includes Sourcefire NGIPS and snort sensors running with the VRT subscription. I cannot locate these rules in either place. We are using "Security over Connectivity" on both the pulledpork config and the NGIPS config. I have grepped the rules files on our snort sensors and I see current rules, but not 52512, 52513, and 52603. On the NGIPS, I have sorted the intrusion rules by priority and tried searching by signatures and keywords, but no luck. Where should I be looking for these rules? Rees Bevan, CISSP, GCIA, MCSE rbevan () swcp com
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- Citrix CVE-2019-19781 Rees Bevan via Snort-sigs (Jan 14)
- Re: Citrix CVE-2019-19781 Joel Esler (jesler) via Snort-sigs (Jan 14)
- Re: Citrix CVE-2019-19781 Rees Bevan via Snort-sigs (Jan 14)
- Re: Citrix CVE-2019-19781 Joel Esler (jesler) via Snort-sigs (Jan 15)
- Re: Citrix CVE-2019-19781 Rees Bevan via Snort-sigs (Jan 15)
- Re: Citrix CVE-2019-19781 Joel Esler (jesler) via Snort-sigs (Jan 15)
- Re: Citrix CVE-2019-19781 rbevan via Snort-sigs (Jan 15)
- Re: Citrix CVE-2019-19781 Joel Esler (jesler) via Snort-sigs (Jan 15)
- Re: Citrix CVE-2019-19781 Rees Bevan via Snort-sigs (Jan 14)
- Re: Citrix CVE-2019-19781 Joel Esler (jesler) via Snort-sigs (Jan 14)