TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
RealSecure� Network Sensor XPU 4.2 is now available from the ISS Download Center: http://www.iss.net/download/ <http://www.iss.net/download/> . PROTECTION BENEFITS OF X-PRESS(tm) UPDATE 4.2 * Peer-to-Peer Applications. XPU 4.2 contains a number of signatures to identify instant messaging applications. Many corporate security policies do not allow use of these applications. A number of vulnerabilities have been discovered, and recent worms have taken advantage of these as another method to propagate. The signatures contained in this XPU will enable detection of file transfers, text messages, and instant messenger logins for AOL Instant Messenger, ICQ, MSN Messenger, Yahoo! Instant Messenger, and IRC. In addition to detection of these protocols, three signatures are included that may indicate trojan activity or an attempt to execute a buffer overflow in an instant messenger. * Application Protection. XPU 4.2 contains signatures to protect against vulnerabilities in PHP, IIS, Lotus Domino, Netscape Enterprise Server, and other applications. * Platform Protection. This XPU contains detection for a high risk CDE buffer overflow vulnerability that affects a number of unix platforms. Signatures for Cisco IOS security issues are also included. VERSIONS/PLATFORMS Today's release of XPU 4.2 supports RealSecure Network Sensor versions 6.5 and 6.0. The update for Network Sensor 5.x is currently in development and will be released as soon as it is complete. We will send an updated announcement to the X-Press mailing list when the update for Network Sensor 5.x is released. This XPU supports Network Sensor on Solaris, Windows NT, Windows 2000 and the Nokia appliance platforms. NEW SIGNATURES SecChkID ProductCheckName Event Type Risk Level ------- ---------------- --------- ---------- 8281 HTTP_PHP_Memchr_BO Unauthorized Access Attempt High 7396 Dtspcd_Overflow Unauthorized Access Attempt High 6629 YPPasswordOverflow Unauthorized Access Attempt High 6749 HTTP_Cisco_IOS_Admin Unauthorized Access Attempt High 6179 SNMP_Cisco_Vacm_MIB Unauthorized Access Attempt High 6233 Email_To_TooManyQuotes Unauthorized Access Attempt High 6554 HTTP_Netscape_Enterprise_URI_Overflow Unauthorized Access Attempt High 7073 DNS_VirusScanTrojan Unauthorized Access Attempt High 7073 IRC_Virusscan_Trojan Unauthorized Access Attempt High 7623 Allaire_JRun_ViewDirectory Unauthorized Access Attempt Medium 7423 HTTP_Lotus_Domino_NavAccess Unauthorized Access Attempt Low 5488 Email_EnVID_Overflow Denial Of Service Medium 6982 HTTP_WebDAV_Overflow Denial Of Service Low 7320 HTTP_Netscape_Method_Overflow Denial Of Service Low 7074 IM_login Protocol Signature Low 7743 IM_AOL_Game_Overflow Protocol Signature High 7772 IM_Message Protocol Signature Low 7917 IM_File_Transfer Protocol Signature Low 8067 IM_Password_Change Protocol Signature Low 8068 IRC_DCC_Request Protocol Signature Medium 8230 MSMessenger_Message Protocol Signature Low 8232 MSMessenger_Login Protocol Signature Low 8288 YahooMSG_Message Protocol Signature Low 8289 YahooMSG_File_Transfer Protocol Signature Low For more information on this release, please contact the following: * For additional product information: - X-Press Updates, http://www.iss.net/db_data/xpu/RS.php <http://www.iss.net/db_data/xpu/RS.php> - Network Sensor, http://www.iss.net/products_services/enterprise_protection/rsnetwork/sensor. php <http://www.iss.net/products_services/enterprise_protection/rsnetwork/sensor .php> * For sales information: - [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> - 888-901-7477 or 404-236-2600 * For education, consulting and support information, including ISS SecureU training on RealSecure 6.5: - Customer Support - [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 888-447-4861 - CSG West - John Franklin, Business Development Manager, [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 949-916-8037 - CSG East - Joel Williams, Business Development Manager, [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 404-236-3971 - SecureU training - http://www.iss.net/education/course_descriptions/ <http://www.iss.net/education/course_descriptions/> , 888 263-8739.
