[prev in list] [next in list] [prev in thread] [next in thread] 

List:       snort-sigs
Subject:    [Snort-sigs] Sourcefire VRT Certified Rules Update
From:       Sourcefire VRT <research () sourcefire ! com>
Date:       2007-05-24 21:00:27
Message-ID: 4655FCEB.9070505 () sourcefire ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability affecting Apple OS X
systems which may allow a remote attacker to execute code on an
affected system.

Details:
Apple OS X mDNSResponder Buffer Overflow (CVE-2007-2386):
In the default configuration, Apple OS X has mDNSResponder installed
and listening on an ephemeral port. This service suffers from a buffer
overflow condition that is manifest when excess data in the Location
header is sent in a connection.

An existing rule has been modified to detect attacks targeting this
vulnerability and is included in this release. It is identified as SID
1388.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-05-24.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGVfzroFlcG+k7cPwRAuhSAJ91fERu//12MstTKXYuc907YZdyVwCeLMoO
5L4KBb6VcrZRnmM2hgkIMl8=
=Oay3
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[prev in list] [next in list] [prev in thread] [next in thread]