Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Citrix CVE-2019-19781

From: Rees Bevan via Snort-sigs <snort-sigs () lists snort org>
Date: Tue, 14 Jan 2020 18:01:39 -0700
Hello list,

 

The Talos blog post here:
https://blog.talosintelligence.com/2020/01/snort-rules-cve-2019-19781.html
mentions three rules, signatures  52512, 52513, and 52603.  The blog
indicates that the rules have been available since 12/24/19.

 

My environment includes Sourcefire NGIPS and snort sensors running with the
VRT subscription.  I cannot locate these rules in either place.  We are
using "Security over Connectivity" on both the pulledpork config and the
NGIPS config.   I have grepped the rules files on our snort sensors and I
see current rules, but not 52512, 52513, and 52603.   On the NGIPS, I have
sorted the intrusion rules by priority and tried searching by signatures and
keywords, but no luck.  

 

Where should I be looking for these rules?

 

Rees Bevan, CISSP, GCIA, MCSE

rbevan () swcp com

 


_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: