[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Wed Aug 10 19:01:53 EDT 2005


[***] Results from Oinkmaster started Wed Aug 10 20:00:05 2005 [***]

[+++]          Added rules:          [+++]

 2002170 - BLEEDING-EDGE GAMES Battle.net incoming chat message (bleeding-game.rules)
 2002171 - BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 1) (bleeding-exploit.rules)
 2002172 - BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 2) (bleeding-exploit.rules)
 2002173 - BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 3) (bleeding-exploit.rules)
 2002174 - BLEEDING-EDGE EXPLOIT CLSID Pattern Matched (bleeding-exploit.rules)


[///]     Modified active rules:     [///]

 2001267 - BLEEDING-EDGE Weatherbug Capture (bleeding-policy.rules)
 2001346 - BLEEDING-EDGE INAPPROPRIATE Kiddy Porn preteen (bleeding-inappropriate.rules)
 2001347 - BLEEDING-EDGE INAPPROPRIATE Kiddy Porn pre-teen (bleeding-inappropriate.rules)
 2001348 - BLEEDING-EDGE INAPPROPRIATE Kiddy Porn early teen (bleeding-inappropriate.rules)
 2001349 - BLEEDING-EDGE INAPPROPRIATE free XXX (bleeding-inappropriate.rules)
 2001350 - BLEEDING-EDGE INAPPROPRIATE hardcore anal (bleeding-inappropriate.rules)
 2001351 - BLEEDING-EDGE INAPPROPRIATE masturbation (bleeding-inappropriate.rules)
 2001352 - BLEEDING-EDGE INAPPROPRIATE ejaculation (bleeding-inappropriate.rules)
 2001353 - BLEEDING-EDGE INAPPROPRIATE BDSM (bleeding-inappropriate.rules)
 2001392 - BLEEDING-EDGE INAPPROPRIATE Sextracker Tracking Code Detected (bleeding-inappropriate.rules)
 2001393 - BLEEDING-EDGE INAPPROPRIATE Sextracker Tracking Code Detected (bleeding-inappropriate.rules)
 2001608 - BLEEDING-EDGE INAPPROPRIATE Likely Porn (bleeding-inappropriate.rules)
 2001619 - BLEEDING-EDGE Virus Santy.B worm variants searching for targets (yahoo) (bleeding-virus.rules)
 2001621 - BLEEDING-EDGE Exploit Suspected PHP Injection Attack (bleeding-web.rules)
 2001810 - BLEEDING-EDGE EXPLOIT WEB PHP remote file include exploit attempt (bleeding-web.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (2):
        #By Blake Harstein at Demarc
        #These rules are separated for compatibility with Snort 2.3.3 (>850 characters per line), If you are using Snort >2.4.0 you can safely combine these into a single rule

     -> Added to bleeding-sid-msg.map (16):
        2001346 || BLEEDING-EDGE INAPPROPRIATE Kiddy Porn preteen
        2001347 || BLEEDING-EDGE INAPPROPRIATE Kiddy Porn pre-teen
        2001348 || BLEEDING-EDGE INAPPROPRIATE Kiddy Porn early teen
        2001349 || BLEEDING-EDGE INAPPROPRIATE free XXX
        2001350 || BLEEDING-EDGE INAPPROPRIATE hardcore anal
        2001351 || BLEEDING-EDGE INAPPROPRIATE masturbation
        2001352 || BLEEDING-EDGE INAPPROPRIATE ejaculation
        2001353 || BLEEDING-EDGE INAPPROPRIATE BDSM
        2001392 || BLEEDING-EDGE INAPPROPRIATE Sextracker Tracking Code Detected
        2001393 || BLEEDING-EDGE INAPPROPRIATE Sextracker Tracking Code Detected
        2001608 || BLEEDING-EDGE INAPPROPRIATE Likely Porn
        2001619 || BLEEDING-EDGE Virus Santy.B worm variants searching for targets (yahoo) || url,securityresponse.symantec.com/avcenter/venc/data/perl.santy.b.html
        2002171 || BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 1) || url,www.microsoft.com/technet/security/Bulletin/MS05-038.mspx || cve,2005-1990
        2002172 || BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 2) || url,www.microsoft.com/technet/security/Bulletin/MS05-038.mspx || cve,2005-1990
        2002173 || BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 3) || url,www.microsoft.com/technet/security/Bulletin/MS05-038.mspx || cve,2005-1990
        2002174 || BLEEDING-EDGE EXPLOIT CLSID Pattern Matched

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (12):
        2001346 || BLEEDING-EDGE INAPROPRIATE Kiddy Porn preteen
        2001347 || BLEEDING-EDGE INAPROPRIATE Kiddy Porn pre-teen
        2001348 || BLEEDING-EDGE INAPROPRIATE Kiddy Porn early teen
        2001349 || BLEEDING-EDGE INAPROPRIATE free XXX
        2001350 || BLEEDING-EDGE INAPROPRIATE hardcore anal
        2001351 || BLEEDING-EDGE INAPROPRIATE masturbation
        2001352 || BLEEDING-EDGE INAPROPRIATE ejaculation
        2001353 || BLEEDING-EDGE INAPROPRIATE BDSM
        2001392 || BLEEDING-EDGE INAPROPRIATE Sextracker Tracking Code Detected
        2001393 || BLEEDING-EDGE INAPROPRIATE Sextracker Tracking Code Detected
        2001608 || BLEEDING-EDGE INAPROPRIATE Likely Porn
        2001619 || BLEEDING-EDGE Virus Santy.B worm variants serarching for targets (yahoo) || url,securityresponse.symantec.com/avcenter/venc/data/perl.santy.b.html





More information about the Snort-sigs mailing list