Warning: fopen(/home/rachdian/public_html/2008/old/cache/rss20.xml) [function.fopen]: failed to open stream: No such file or directory in /home/rachdian/public_html/2008/old/includes/feedcreator.class.php on line 685

Error creating feed file, please check write permissions.
Saturday, September 04 2010
Home
Photos Gallery
Guest Book
Links
Hot Info
Index
Latest Info
Jobs Info
IT/IS - Security
Education
Photo Stories (Photoblog)
Travelling Stories
About Me & Site
For Geek Family Only
About Me...
Diary
Contact Me
The Page Rank
Home arrow Index arrow IT/IS Security & Vulnerability arrow VRT Certified Rules Update 2007-03-23
VRT Certified Rules Update 2007-03-23 Print
User Rating: / 0
PoorBest 
Written by snort.org   
Sunday, 25 March 2007
The Sourcefire VRT is aware of vulnerabilities affecting Microsoft Windows Server Service Controller, McAfee ePolicy Orchestrator and Symantec SupportSoft ActiveX controls.


Details:
Microsoft Windows Server Service Controller:
The Server Service Controller is prone to a buffer overflow vulnerability that may allow an attacker to take complete control of the target host. Insufficient checks are made on user-supplied input to calls made to the svcctl function. This may allow an attacker to execute code of their choosing with system level privileges on an affected host. Rules to detect attacks targeting this vulnerability are included in this release and are identified as SIDs 10217 through 10386.

McAfee ePolicy Orchestrator CVE-2007-1498:
McAfee ePolicy Orchestrator fails to correctly process user-supplied input. It may be possible for a remote attacker to cause a buffer overflow condition to occur and execute code on the host system.

Rules to detect attacks targeting this vulnerability are included in this release and are identified as SIDs 10387 through 10389.

Symantec SupportSoft CVE-2006-6490:
Symantec SupportSoft ActiveX controls used in various products fail to correctly process user-supplied input. It may be possible for a remote attacker to cause a buffer overflow condition to occur and execute code on the host system.

Rules to detect attacks targeting this vulnerability are included in this release and are identified as SIDs 10214 through 10216.

Advisory:
A detailed advisory as well as a complete list of modified and deleted rules is available at http://www.snort.org/vrt/advisories/vrt-rules-2007-03-22.html.


Download Rules:
These rules will be available to subscribers only until Saturday, April 21, 2007. Subscribers can download the rules at http://www.snort.org/pub-bin/downloads.cgi.

Comments

Write Comment
Name:Guest
Title:
BBCode:Web AddressEmail AddressBold TextItalic TextUnderlined TextQuoteCodeOpen ListList ItemClose List
Comment:



This image contains a scrambled text, it is using a combination of colors, font size, background, angle in order to disallow computer to automate reading. You will have to reproduce it to post on my homepage Enter what you see: *
tips: hit Reload page before writing a text if you have difficulty reading characters in image

Last Updated ( Monday, 26 March 2007 )
[ Back ]


© Copyright 2005, Adhi Rachdian.
URL: http://adhi.rachdian.com, http://rachdian.com, http://adhi.pacific.net.id, http://rachdian.pacific.net.id or http://blog.rachdian.com