[Emerging-Sigs] Sig: ET POLICY Vulnerable Java Version 1.6.x Detected

Matthew Jonkman jonkman at emergingthreatspro.com
Mon Oct 24 09:48:38 EDT 2011


Not a bad idea.

I leave it to the group to weigh in, I'm good with either way.

Matt


On Oct 24, 2011, at 9:46 AM, Chris Wakelin wrote:

> Well, we'll get lots of hits until people have updated :)
> 
> I guess it's a different ballgame for now than those with Java <
> 1.6.0_24 which is widely exploited. Perhaps we should have two
> signatures, with a higher priority one for Java < 1.6.0_24 (or whatever
> we've seen exploits for in the wild)?
> 
> Chris
> 
> On 24/10/11 14:42, Matthew Jonkman wrote:
>> Sigh….
>> 
>> I assume then no objections to up'ing the rev we're looking for in these?
>> 
>> Doing so if no screaming. Thanks Chris!!
>> 
>> Matt
>> 
>> 
>> On Oct 24, 2011, at 9:36 AM, Chris Wakelin wrote:
>> 
>>> Looks like _27 is vulnerable too:
>>> 
>>> http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html#AppendixJAVA
>>> 
>>> Has anybody seen exploits?
>>> 
>>> Chris
>>> 
> 
> 
> -- 
> --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
> Christopher Wakelin,                           c.d.wakelin at reading.ac.uk
> IT Services Centre, The University of Reading,  Tel: +44 (0)118 378 2908
> Whiteknights, Reading, RG6 6AF, UK              Fax: +44 (0)118 975 3094
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs at emergingthreats.net
> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
> 
> Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com
> The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!


----------------------------------------------------
Matt Jonkman
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 866-504-2523 x110
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------



More information about the Emerging-sigs mailing list