[prev in list] [next in list] [prev in thread] [next in thread]
List: dragonidsuser
Subject: Re: [Dragonidsuser] [+] NIDS Signature Update(7.2/7.3): Tue Dec
From: "Bosa, Patrick" <pbosa () enterasys ! com>
Date: 2008-12-23 20:20:57
Message-ID: E3E024F020717945AA56F6EDFF68D68F049A9BA784 () MAEXCEVS1 ! ets ! enterasys ! com
[Download RAW message or body]
Thanks, Mike.
-----Original Message-----
From: dragonidsuser-bounces@enterasys.com \
[mailto:dragonidsuser-bounces@enterasys.com] On Behalf Of Michael \
Shirk
Sent: Tuesday, December 23, 2008 3:04 PM
To: dragonidsuser
Subject: [Dragonidsuser] [+] NIDS Signature Update(7.2/7.3): Tue Dec 23 14:55:42 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
The following NIDS signature updates are available via liveupdate for
Dragon version 7.2/7.3:
NOTE: Sometime next week, we will be putting out an update that will
create a new classification called STANDARD-IPS. This group will aide in
the management of IPS signatures. Some of the signatures had their
dynamic-logging modified. The update will take some time to complete
once the liveupdate has been started.
MS-SQL:STORED-PROC-OVERFLOW
UPDATE-TYPE: New Signature
CLASSIFICATION: ATTACKS
DESCRIPTION: There is a heap overflow vulnerability in Microsoft SQL
Server that can lead to remote code execution. The vulnerability is in
the sp_replwritetovarbin stored procedure call. There is currently no
patch for this vulnerability. Check the dynamic data for a large buffer
passed to the stored procedure.
REFERENCE: URLREF
http://www.microsoft.com/technet/security/advisory/961040.mspx
REFERENCE: CVE
CVE-2008-4270
- --
Michael Shirk
Security Research Engineer
Enterasys Networks, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEAREDAAYFAklRRAoACgkQXWThkXZdgOcABQCdHgoEFEtJO+2P1fStSS2hDzD4
GQwAoMP1ctAXjhMGKX26U1WKmdKAEIov
=cCsc
-----END PGP SIGNATURE-----
_______________________________________________
Dragonidsuser mailing list
Dragonidsuser@enterasys.com
_______________________________________________
Dragonidsuser mailing list
Dragonidsuser@enterasys.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic