DCERPC Rule Modifications
May 18th, 2009
This release contains an updated detection engine and rule modifications.
Details:
The detection engine has been updated as follows:
- Resolved an issue that prevented the resp rule keyword from functioning as expected in certain circumstances
- Increased to 256 the total number of IP addresses and CIDR blocks that can be configured for all HTTP Inspect preprocessor server policies
Additionally, two new rules have been added to address a vulnerability in Samba. These rules are identified with GID 1, SIDs 15507 and 15508.
For Assistance
- Visit the Sourcefire Customer Support site at https://support.sourcefire.com.
- Email Sourcefire Customer Support at support@sourcefire.com.
- Call Sourcefire Customer Support at 410.423.1901 or 1.800.917.4134.