'Re: [Dragonidsuser] [+] NIDS Signature Update(7.2/7.3): Tue Dec'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dragonidsuser
Subject:    Re: [Dragonidsuser] [+] NIDS Signature Update(7.2/7.3): Tue Dec
From:       "Bosa, Patrick" <pbosa () enterasys ! com>
Date:       2008-12-23 20:20:57
Message-ID: E3E024F020717945AA56F6EDFF68D68F049A9BA784 () MAEXCEVS1 ! ets ! enterasys ! com
[Download RAW message or body]

Thanks, Mike.

-----Original Message-----
From: dragonidsuser-bounces@enterasys.com \
                [mailto:dragonidsuser-bounces@enterasys.com] On Behalf Of Michael \
                Shirk
Sent: Tuesday, December 23, 2008 3:04 PM
To: dragonidsuser
Subject: [Dragonidsuser] [+] NIDS Signature Update(7.2/7.3): Tue Dec 23 14:55:42 2008

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

The following NIDS signature updates are available via liveupdate for
Dragon version 7.2/7.3:

NOTE: Sometime next week, we will be putting out an update that will
create a new classification called STANDARD-IPS. This group will aide in
the management of IPS signatures. Some of the signatures had their
dynamic-logging modified. The update will take some time to complete
once the liveupdate has been started.


MS-SQL:STORED-PROC-OVERFLOW
UPDATE-TYPE: New Signature
CLASSIFICATION: ATTACKS
DESCRIPTION: There is a heap overflow vulnerability in Microsoft SQL
Server that can lead to remote code execution. The vulnerability is in
the sp_replwritetovarbin stored procedure call. There is currently no
patch for this vulnerability. Check the dynamic data for a large buffer
passed to the stored procedure.
REFERENCE: URLREF
http://www.microsoft.com/technet/security/advisory/961040.mspx
REFERENCE: CVE
CVE-2008-4270


- --
Michael Shirk
Security Research Engineer
Enterasys Networks, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEAREDAAYFAklRRAoACgkQXWThkXZdgOcABQCdHgoEFEtJO+2P1fStSS2hDzD4
GQwAoMP1ctAXjhMGKX26U1WKmdKAEIov
=cCsc
-----END PGP SIGNATURE-----
_______________________________________________
Dragonidsuser mailing list
Dragonidsuser@enterasys.com

_______________________________________________
Dragonidsuser mailing list
Dragonidsuser@enterasys.com


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic