Sourcefire 3D System Vulnerability Database (VDB) Update
Date: 2012-10-11
This VDB: 122
Previous VDB: 121
Sourcefire 3D System Version 4.9.x:
Defense Centers and 3D Sensors
RNA for Red Hat Linux
3D Sensor Software for Crossbeam X-Series
Sourcefire 3D System Version 4.10.x:
Defense Centers and 3D Sensors
3D Sensor Software for Crossbeam X-Series
Sourcefire 3D System Version 5.x:
Defense Centers
Supported Detector Types:
service (4.9.1 and 4.10.x) and application protocol (5.x)
client application (4.10.x) and client (5.x)
payload (any 4.10.x release including and above 4.10.1) and web application (5.x)
IMPORTANT! Some application protocol, client, and web application detectors are supported in Version 5.x only. This Advisory refers to these as FireSIGHT application detectors.
Download the VDB update and obtain update instructions from the Sourcefire Support Site at https://support.sourcefire.com. Note that the time it takes to update the VDB can vary. For more information, see the online help on your appliance or download the Sourcefire 3D System User Guide from the Support Site.
VDB Changelog:
from version 121 (2:31:28 PM on October 4th, 2012 UTC)
to version 122 (7:01:43 PM on October 4th, 2012 UTC)
Service (4.x) and Application Protocol (5.x) Detectors
Total Added:
3
Total Removed:
0
Total Updated:
0
Client Application (4.x) and Client (5.x) Detectors
Total Added:
1
Total Removed:
0
Total Updated:
0
Payload (4.x) and Web Application (5.x) Detectors
Total Added:
78
Total Removed:
2
Total Updated:
0
FireSIGHT Detector Updates (5.x)
Total Added:
23
Total Removed:
2
Total Modified:
0
Operating System Fingerprint Details
Total Added:
1
Total Removed:
0
Total Updated:
4
Operating System and Hardware Fingerprint Details (5.1.x)
Total Added:
20
Total Removed:
0
Total Updated:
0
Vulnerability References
Total Added:
0
Total Removed:
0
Total Updated:
0
Fingerprint References
Total Added:
0
Total Removed:
0
Total Updated:
0
Operating System Fingerprint Details:
Ubuntu Ubuntu Ubuntu 10.04 (ID 949) added
Linux or Ubuntu Linux or Ubuntu Linux 2.6 or Ubuntu 10.04 (ID 30906) updated
Linux or VMware or Google or Amazon Linux or VMware ESX or Android or Kindle Linux 2.6 or ESX 4.0 or Android 2,3,4, 2.3.6 or Kindle 3.0 (ID 30943) updated
Ubuntu Linux 10.04, 11.04, 11.10, 12.04 (ID 60190) updated
Operating System and Hardware Fingerprint Details (5.1.x)::
Google Android HTC Liberty (ID 100102) added
Google Android HTC Ville (ID 100103) added
Google Android Motorola Droid Bionic (ID 100104) added
Google Android Motorola Droid Razr (ID 100105) added
Google Android Samsung Galaxy S III (ID 100106) added
Google Android Samsung Infuse 4G (ID 100107) added
Google Android LG Phoenix (ID 100108) added
Google Android Motorola Triumph (ID 100109) added
Google Android HTC ADR6350 (ID 100110) added
Google Android Samsung Galaxy S (ID 100111) added
Google Android HTC EVO 4G (ID 100112) added
Google Android HTC One X (ID 100113) added
Google Android LG Optimus L7 (ID 100114) added
Google Android Samsung Galaxy S II Skyrocket (ID 100115) added
Google Android Huawei Prism (ID 100116) added
Google Android ZTE X500 Score (ID 100117) added
Google Android HTC One S (ID 100118) added
Google Android HTC Aria A6366 (ID 100119) added
Google Android Samsung Galaxy S III (ID 100120) added
Apple iOS iPhone 5 (ID 100121) added
Service (4.x) and Application Protocol (5.x) Detectors:
Kismet: Communication between network sniffer clients and a GUI server. added
SMPP: Short Message Peer-to-Peer, a telecommuications protocol for SMS messages. added
TPNCP: TrunkPack Network Control Protocol, a VoIP control protocol. added
Client Application (4.x) and Client (5.x) Detectors:
FastCGI: Distributed extension of CGI. added
Payload (4.x) and Web Application (5.x) Detectors:
ABC: Web Portal for television network. added
AdNetwork.net: Ad Portal. added
Amazon Web Services: Online cloud computing service. added
AOL: American company develops, grows and invests in brands and web sites. added
Apple Mobile Yahoo API: Yahoos Mobile Applications for Apple product. added
Apple Stocks: Stock related updates. added
Arora: A web browser. added
Ask.com: Search engine. added
ATT: Telecom and Internet provider. added
Aweber: Email marketing Service. added
BBC: Web Portal for news update. added
Browzar: A web browser. added
CanvasRider: Online game website. added
CloudFront: Content Delivery for AWS. added
Comcast: Web Portal. added
CometBird: A web browser. added
Comodo Dragon: A web browser. added
Conduit: Online website to create community toolbar. added
Crazy Browser: A web browser. added
Daily Mail: Web Portal for news update. added
Drudge Report: News aggregator. added
Eclipse Marketplace: Marketplace for Eclipse application. added
Eclipse Updates: Software Updates for Eclipse. added
Eclipse: Software Updates for Eclipse. added
eHow: Web Portal. added
Engadget: E-commerce for gadgets and electronics. added
ESPN: Online Sports news and show. added
Etsy: E-commerce website for homemade or vintage items. added
Facebook: Facebook Client Application. added
FC2: Web server, sites and Blog provider. added
Flipboard: News aggregator Mobile application. added
Flurry: Mobile application analytics. added
Fox News: Web Portal for news update. added
Fox Sports: Web Portal for Sports news update. added
GoDaddy: Domain registrar. added
Google Adsense: AdSense for Google. added
GreenBrowser: A web browser. added
Indeed: The job search engine. added
KakaoTalk: Mobile messaging for smartphones. added
Kuaibo: Chinese website for the Client application QVOD. added
Libwww-Perl: Library for World wide web service. added
Localytics: Mobile application analystics. added
Me.com: Apple cloud storage service, now Closed and suggested to visit iCloud. added
Microsoft: Official Microsoft website. added
NASA: Web portal for NASA. added
NATO: Web portal for NATO. added
NOAA: Ocean and Atmospheric research agency. added
Nokia Maps: Nokia mapping and directions service. added
Norton AntiVirus: Antivirus for PC. added
Official Major League Baseball: Web Portal for Sports news update. added
OptMD: Web advertisement services. added
Outbrain: Online help for publishers and bloggers. added
PaleMoon: A web browser. added
Pandora Audio: Online Audio streaming. added
Pinterest: Social photo sharing website. added
Planetarium: Planetarium for the Chrome browser. added
Verizon Wireless: Telecom and Internet provider. added
Wall Street Journal: Web Portal for news update. added
Weather.com: Weather web portal. added
Weather.gov: Weather web portal. added
Weather: Client application for Weather. added
WeatherBug: Windows weather application. added
Wolfram|Alpha: Online answering for queries from the structred data. added
Wyzo: A web browser. added
ZEDO: Web advertisement services. added
Demonoid: BitTorrent tracker website. removed
Wixi: Social media network for both uploading and sharing. removed
FireSIGHT Detector Updates (5.x):
56.com: Large Chinese video sharing site. added
Viber: Smartphone app that allows for free phone calls and text messages. added
Squidoo: Social blogging site. added
China.com: Chinese social networking site. added
Conduit: Online website to create community toolbar. added
PPTV: Chinese file-streaming app. added
wetpaint entertainment: Television related news and media. added
NFL.com: American football news. added
Letitbit: File hosting and sharing website. added
MUZU TV: Music video site. added
PPTV peer-to-peer: PPTV peer to peer traffic. added
Fox Sports: Web Portal for Sports news update. added
Fring: A mobile messaging app. added
Tango: Mobile social networking app that provides voice, chat, and gaming services. added
PPStream: Chinese video streaming software. added
RADIUS-acct: Radius accounting. added
In.com: Entertainment news and media. added
Ares: P2P file sharing program. added
Fring A/V: Fring streaming audio and video. added
it168: Chinese social media website. added
ADNStream: Spanish video streaming site. added
SoundCloud: Music platform for artists to upload and promote their music. added
Hushmail: Web mail service providing encrypted and virus scanned e-mail. added
FileSonic: File hosting and sharing service. removed
FilesTube: A file search engine that searches various file sharing and uploading sites like rapidshare, megaupload, mediafire, hotfile, netload, filesonic, and 4shared. removed
For a complete list of new and modified information use this link.
For Assistance:
Visit the Sourcefire Support Site at https://support.sourcefire.com/.
Email Sourcefire Support at support@sourcefire.com.
Call Sourcefire Support at 410.423.1901 or 1.800.917.4134.
About the VRT:
The Sourcefire VRT is a group of renowned security experts working to proactively discover, assess, and respond to the latest trends in hacking activities, intrusion attempts, and vulnerabilities.
About Sourcefire:
Focused on its mission to be the leader in intelligent cybersecurity solutions, Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risks. With solutions from the network to the endpoint, Sourcefire provides customers with Agile Security that is as dynamic as the real world it protects and the attackers against which it defends.