Tuesday, August 25, 2009

Rule release for today - August 25 2009

A maintenance release this one, a few new rules and some performance enhancements. Also, make sure you are using the dcerpc2 preprocessor now since these rule releases no longer include any of the flowbit rules that used to be needed for some DCERPC related vulnerabilities.

As a result of ongoing research, the Sourcefire VRT has added multiple rules to the web-activex, web-misc, specific-threats, exploit and chat rule sets to provide coverage for emerging threats from these technologies.

Advisory and changelog link here: http://www.snort.org/vrt/advisories/2009/08/25/vrt-rules-2009-08-25.html

No comments:

Post a Comment