February 19th, 2007· The performance of the base64 decoding algorithm has been improved.
· A false negative in the ACE parser has been corrected.
· A false negative in HTTP_IE_ADODB_Stream_SaveToFile has been corrected.
· A signal 11 was addressed in the flood tracking logic of PAM.
· The Compound File parser was modified to eliminate a possible source of false negatives.
· A false positive in HTTP_IExplorer_Command_Exec has been corrected.
· A false positive in HTTP_POST_repeated_char has been corrected.
· The default configuration for the Proventia M sensor has been updated. The Email_Error, Email_Virus_Double_Extension, and Email_Executable_Extension signatures are now disabled by default. Synflood detection and protection is now enabled by default.
· The processing of 802.3ad VLAN q-in-q traffic is now supported, if the pam.vlan.q_in_q tuning parameter is set to true.RFC 3032 support has been improved to support the processing of MPLS-encapsulated VLAN traffic.
· A false positive in LPD_Control_File_Overflow has been corrected.
· A false positive in HTML_MSXML_Memory_Corruption was corrected.
· Deprecated the TCP_Multiple_Syns and TCP_Seq_OutOfRange signatures
· An issue that can cause iss-netengine to throw a SEGV and restart has been addressed in the HTTP parser.
· Additional CLSIDs were added to HTML_IE_ActiveX_Loader_Heap_Corruption.
Find us on Google+
