Thursday, January 10, 2013

Sourcefire VRT Certified Snort Rules Update for 01/10/2013, Ruby, Java 0day

Just released: Sourcefire VRT Certified Snort Rules Update for 01/10/2013

We welcome the introduction of the newest rule release for today from the VRT. In this release we introduced 26 new rules and made modifications to 12 additional rules.

This update contains rules that detect the newest public exploits for the Ruby on Rails XML/YAML vulnerability as well as the new Oracle Java 1.7 0day circulated this morning.

There were no changes made to the snort.conf in this release.

The VRT would like to thank Avery Tarasov for his contributions in the following rules:
The VRT would also like to thank Christopher Granger for his contribution in the following rule:
25279 and for information that led to the generation of the rest of the Htran rules.

In VRT's rule release:
The Sourcefire VRT has added and modified multiple rules in the browser-firefox, browser-plugins, exploit-kit, file-flash, file-identify, file-multimedia, file-office, file-other, malware-backdoor, malware-cnc, malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.

In order to subscribe now to the VRT's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at Make sure and stay up to date to catch the most emerging threats!