Rule release for today, Thursday April 8th, 2010
Mostly some small fixes, couple of reference changes and some new rules. Check it out here
Rule release for today - March 30th, 2010
Microsoft Security Advisory (MS10-018): Microsoft Internet Explorer contains several programming errors that may allow a remote attacker to execute code on an affected system. Details here: http://www.snort.org/vrt/advisories/2010/03/30/vrt-rules-2010-03-30.html
Rule release for today - March 23rd, 2010
Apple Safari RCE (CVE-2010-0049): Apple Safari contains a programming error that may allow a remote atttacker to execute code on an affected system. The issue presents itself when the browser fails to properly process certain HTML elements concerning RTL text. Additionally, as a
Rule release for today - March 17th, 2010
A maintenance release mostly, lots of changes to rules and quite a few deletions. Two new rules added. Check out the changes here
Rule release for today - March 10th, 2010
Microsoft Internet Explorer (2010-0806): Microsoft Internet Explorer contains a programming error that may allow a remote attacker to execute code on an affected system. Check it here Oh, and the rule is a shared object rule, so the changelog won't actually show it. If you
March 2010 Vulnerability Report
This month, Alain discusses the two patches from Microsoft, 0day vulnerabilities in Apache, Opera, Internet Explorer and finishes with VRT activity in March.
Rule release for today - March 9th, 2010
Microsoft Security Advisory (MS10-016): Microsoft Windows Movie Maker contains a programming error that may allow a remote attacker to execute code on an affected system. Microsoft Security Advisory (MS10-017): Microsoft Excel contains several programming errors that may allow a
Rule release for today - March 4th, 2010
We added multiple rules to the specific-threats, spyware-put, web-client, backdoor, and web-misc rule sets as well as making a whole lot of modifications to existing rules. Just a bit of a clean up. Details here: http://www.snort.org/vrt/advisories/2010/03/04/vrt-rules-2010-03-0
Rule release for today - February 26th 2010
Microsoft Internet Explorer contains a programming error that may allow a remote attacker to execute commands on a vulnerable system. The attacker needs to supply VBScript to invoke winhlp32.exe, which can then be used to execute commands via a specially crafted .HLP file. http: