Snort mailing list archives

Snort Subscriber Rules Update 2024-09-26

From: Research via Snort-sigs <snort-sigs () lists snort org>
Date: Fri, 27 Sep 2024 00:59:25 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
Talos is releasing Snort coverage to protect against an unauthenticated
command execution vulnerability in the CUPS service found on multiple
Linux distributions (CVE-2024-47177). This vulnerability is present in
the "cups-filters" part of CUPS and allows unauthenticated users to
execute arbitrary commands via the "FoomaticRIPCommandLine" PPD
parameter. Snort 3 and Snort 2 coverage for this vulnerability is
available through SID 64051.

Talos has added and modified multiple rules in the  and server-other
rule sets to provide coverage for emerging threats from these
technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJm9gNsAAoJEMzg39Iewam/Wf8P/i9Xv/rAPzx94aP1rDqHFuuZ
EXJSbmmJ1ix0DDh5NT/94dhVvtQ07JzkSzfUj0Z8zkXLfBE5Cu7V+yabMI7rpwFE
IbSKzTep6yJ0lhYlg6FFMaA4yZIQzO88zMFnJjllr0/Wx6SPD6jHjpyZiKUq7mMC
Wbvu95Kgai4aWx6lXCHo65hScIBNMXs84cS+lmSO+dlzEP0boOblRHjdxKSs6QCd
X7NtRjcPwjc6Kd0+ssaR6rPTcwCciBJNGBQU3ds9DwccH89LStCHeZAyGekeVxHP
VLk1xYhpfitxDYq9g30w0OzATEIirR8Sv9bPXO6rhkXgH2onYeLmTr8AjFujhslx
lu5C+mfw8sB2HLQfm2jWmOVCCo8z9x9Fq8OoZg6xcs94XclrAOorSrIUuNKYXBAg
g9QcI7PBYK9tTgvRRvaW5y3TsDfqWpUqn0kWs2icg7laS/RVBfZU/VE+rbHkma8k
t/A0jW8sTdaHTuCrw+0+zgIkH7s2/0h8qp22b4z11PyyjdnmubfMG0qZvUCqiKXG
DYdGXG5TnvTNrkK/96Py2QNeH2MgoisppIT3ELalTL56iRORJ6+6qTPR+kcT6ftS
7+tPcbK9xaYQxYmwf9i1zA0fuSf+r+01mjWnraz/aJpjGc4Q88lmIuAdSZ3WGhmK
dh7cEr7kpsUD5MXN6Hkb
=kajG
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

Current thread:

Snort Subscriber Rules Update 2024-09-26 Research via Snort-sigs (Sep 26)
- <Possible follow-ups>
- Snort Subscriber Rules Update 2024-09-26 Research via Snort-sigs (Sep 26)