Cisco Talos (VRT) Update for Sourcefire 3D System

* Talos combines our security experts from TRAC, SecApps, and VRT teams.

This SRU number: 2015-06-23-001
Previous SRU number: 2015-06-17-001

Applies to:

This SEU number: 1310
Previous SEU: 1307

Applies to:

This is the complete list of rules modified in SRU 2015-06-23-001 and SEU 1310.

The format of the file is:

GID - SID - Rule Group - Rule Message - Policy State

The Policy State refers to each default Sourcefire policy, Connectivity, Balanced and Security.

The default passive policy state is the same as the Balanced policy state with the exception of alert being used instead of drop.

Note: Unless stated explicitly, the rules are for the series of products listed above.

Updated Rules:

**High Priority**
GID	SID	Rule Group	Rule Message	Policy State
GID	SID	Rule Group	Rule Message	Con.	Bal.	Sec.
1	15473	FILE-MULTIMEDIA	Multiple media players M3U playlist file handling buffer overflow attempt	off	off	off
1	25799	EXPLOIT-KIT	Stamp exploit kit pdf request	off	off	off
1	25801	EXPLOIT-KIT	Stamp exploit kit jar file request	off	off	off
1	28237	EXPLOIT-KIT	Magnitude/Nuclear exploit kit outbound pdf download attempt	off	off	off
1	28477	EXPLOIT-KIT	Styx exploit kit outbound pdf request	off	off	off
1	28478	EXPLOIT-KIT	Styx exploit kit landing page request	off	off	off
1	29163	EXPLOIT-KIT	CritX exploit kit outbound exploit request	off	off	drop
1	29164	EXPLOIT-KIT	CritX exploit kit outbound flash request	off	off	drop
1	29165	EXPLOIT-KIT	CritX exploit kit outbound jar request	off	off	drop
1	29166	EXPLOIT-KIT	CritX exploit kit payload download attempt	off	off	drop
1	29167	EXPLOIT-KIT	CritX exploit kit payload download attempt	off	off	drop
1	29443	EXPLOIT-KIT	Fiesta exploit kit outbound connection attempt	off	off	off
1	29444	EXPLOIT-KIT	Fiesta exploit kit flashplayer11 payload download	off	off	drop
1	31965	EXPLOIT-KIT	Astrum exploit kit landing page	off	off	drop
1	31966	EXPLOIT-KIT	Astrum exploit kit payload delivery	off	off	drop
1	31967	EXPLOIT-KIT	Astrum exploit kit payload delivery	off	off	drop
1	31970	EXPLOIT-KIT	Astrum exploit kit redirection attempt	off	off	drop
1	31971	EXPLOIT-KIT	Astrum exploit kit multiple exploit download request	off	off	off
1	31972	EXPLOIT-KIT	Astrum exploit kit payload delivery	off	off	drop
1	34334	EXPLOIT-KIT	Fiesta exploit kit Adobe Reader exploit download	off	off	off