Today's VRT Certified Rule release has coverage for a vulnerability in Oracle Internet Directory and CUPS. There are also a few new rules added in chat.rules and others.

Oracle Internet Directory Denial of Service (CVE-2008-2595):
Oracle Internet Directory contains a programming error that may allow a remote attacker to cause a Denial of Service (DoS) against the application. This issue does not require authentication.

CUPS Integer Overflow (CVE-2008-5286):
A vulnerability in the _cupsImageReadPNG function in CUPS may allow a remote attacker to execute code on a vulnerable system.

Here's the link to today's release: