Oracle, SMTP, Web-Misc, Web-Client, Specific-Threats, and DOS Additions
October 20th, 2009
This release contains an updated detection engine that contains fixes for a number of issues. Additionally, rules have been added and modified in several categories.
Details:
This release contains fixes for the following issues:
- Resolved an issue that causes some flows to be load balanced incorrectly. (36895)
- Resolved an issue where events were incorrectly generated for RFC-compliant HTTP delimiters. (49995)
- Improved Snort's handling of MPLS packets. (52160/53839)
- Resolved an issue that caused adaptive profiles to use excessive system resources. (53395)
- Resolved an issue that caused Snort to report incorrect packet rates for fragmented traffic. (53837)
As a result of ongoing research, the Sourcefire VRT has added multiple rules to the web-client, specific-threats, web-misc, oracle, smtp and dos rule sets to provide coverage for emerging threats from these technologies.
For Assistance
- Visit the Sourcefire Customer Support site at https://support.sourcefire.com.
- Email Sourcefire Customer Support at support@sourcefire.com.
- Call Sourcefire Customer Support at 410.423.1901 or 1.800.917.4134.