Thursday, September 23, 2010

Rule Release for Today, Thursday September 23rd, 2010

Microsoft .NET Framework Information Disclosure (CVE-2010-3332):
The Microsoft .NET Framework discloses enough information in error responses that an attacker is able to decrypt and modify encrypted data. The attacker is also able to forge cookies and obtain application files via an Oracle padding attack.

Get some: http://www.snort.org/vrt/advisories/2010/09/23/vrt-rules-2010-09-23.html

No comments:

Post a Comment