About two months ago, we found a vulnerability in the Winamp 5.55 MAKI script parsing module. We reported our findings to AOL. AOL then released Winamp version 5.552 with the fix. Here are the details: Winamp MAKI Parsing Integer Overflow Vulnerability Vendor: AOL/Nullsoft Sev
Thanks for the inquiries. Here are rules that detect attacks against IIS 6.0 with WebDAV enabled. (see yesterdays post for details) alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"WEB-IIS Microsoft IIS 6.0 WebDAV COPY remote authentication bypass attempt"; flow:to_se
Microsoft Security Advisory (971491) published on May 18, 2009 concerns a vulnerability in IIS that may allow unauthorized access to an area of a website that would normally be protected. An attack against IIS 6.0 with WebDAV enabled was published at milw0rm (http://www.milw0rm.
It has been two months since I joined the VRT. Since then, I have learned a lot about Snort and want to share some tactics with other people who are new to Snort (as I was). More precisely, I want to talk about how to write good Snort rules with performance in mind. First of all