[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727...
Sun Aug 14 18:01:08 EDT 2005


[***] Results from Oinkmaster started Sun Aug 14 20:00:03 2005 [***]

[+++]          Added rules:          [+++]

 2002185 - BLEEDING-EDGE Possible MS05-039 PnP worm infection (bleeding.rules)
 2002186 - BLEEDING-EDGE EXPLOIT SMB-DS Microsoft Windows 2000 Plug and Play Vulnerability (bleeding-exploit.rules)
 2002187 - BLEEDING-EDGE EXPLOIT NETBIOS SMB Microsoft Windows 2000 PNP Vuln (bleeding-exploit.rules)
 2002188 - BLEEDING-EDGE EXPLOIT NETBIOS SMB-DS Microsoft Windows 2000 PNP Vuln (bleeding-exploit.rules)


[///]     Modified active rules:     [///]

 2000026 - BLEEDING-EDGE Malware Gator Agent Traffic (bleeding-malware.rules)
 2000586 - BLEEDING-EDGE Malware Ezula Related Calling Home (bleeding-malware.rules)
 2001295 - BLEEDING-EDGE MALWARE Browseraid.com Agent (bleeding-malware.rules)
 2001487 - BLEEDING-EDGE Malware Tibsystems Spyware Activity (bleeding-malware.rules)
 2001492 - BLEEDING-EDGE Malware ISearchTech.com XXXPornToolbar Activity (MyApp) (bleeding-malware.rules)
 2001493 - BLEEDING-EDGE Malware ISearchTech.com XXXPornToolbar Activity (IST) (bleeding-malware.rules)
 2001498 - BLEEDING-EDGE Malware Internet Optimizer Activity (bleeding-malware.rules)
 2001504 - BLEEDING-EDGE Malware Medialoads.com Spyware Activity (bleeding-malware.rules)
 2001562 - BLEEDING-EDGE Malware MarketScore.com Spyware User Configuration and Setup Access (bleeding-malware.rules)
 2001639 - BLEEDING-EDGE Malware Wild Tangent Agent Activity (bleeding-malware.rules)
 2001640 - BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Traffic (bleeding-malware.rules)
 2001652 - BLEEDING-EDGE Malware JoltID Agent New Code Download (bleeding-malware.rules)
 2001699 - BLEEDING-EDGE Malware YourSiteBar Activity (bleeding-malware.rules)
 2001702 - BLEEDING-EDGE Malware Shop at Home Select Spyware Activity (Bundle) (bleeding-malware.rules)
 2001703 - BLEEDING-EDGE Malware Context Plus Spyware Activity (1) (bleeding-malware.rules)
 2001706 - BLEEDING-EDGE Malware Context Plus Spyware Activity (2) (bleeding-malware.rules)
 2001707 - BLEEDING-EDGE Malware Shop at Home Select Spyware Activity (SAH) (bleeding-malware.rules)
 2001732 - BLEEDING-EDGE Malware Top Converting Agent Activity (bleeding-malware.rules)
 2001736 - BLEEDING-EDGE Malware UCMore Spyware Activity (bleeding-malware.rules)
 2001746 - BLEEDING-EDGE Malware Enhance My Search Spyware Activity (bleeding-malware.rules)
 2001852 - BLEEDING-EDGE MALWARE 404Search Spyware User Agent (bleeding-malware.rules)
 2001853 - BLEEDING-EDGE MALWARE Easy Search Bar Spyware User Agent (bleeding-malware.rules)
 2001854 - BLEEDING-EDGE MALWARE EZULA Spyware User Agent (bleeding-malware.rules)
 2001855 - BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent (1) (bleeding-malware.rules)
 2001858 - BLEEDING-EDGE MALWARE Hotbar Spyware User Agent (bleeding-malware.rules)
 2001859 - BLEEDING-EDGE MALWARE Cool Web Search Spyware User Agent (bleeding-malware.rules)
 2001860 - BLEEDING-EDGE MALWARE Kontiki Spyware User Agent (bleeding-malware.rules)
 2001861 - BLEEDING-EDGE MALWARE Micro-Gaming Spyware User Agent (bleeding-malware.rules)
 2001863 - BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent (2) (bleeding-malware.rules)
 2001864 - BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent (3) (bleeding-malware.rules)
 2001865 - BLEEDING-EDGE MALWARE MyWebSearch Spyware User Agent (bleeding-malware.rules)
 2001866 - BLEEDING-EDGE MALWARE Smartpops/Mediaload Spyware User Agent (bleeding-malware.rules)
 2001867 - BLEEDING-EDGE MALWARE Search Engine 2000 Spyware User Agent (bleeding-malware.rules)
 2001868 - BLEEDING-EDGE MALWARE SureSeeker Spyware User Agent (bleeding-malware.rules)
 2001869 - BLEEDING-EDGE MALWARE Sidesearch Spyware User Agent (bleeding-malware.rules)
 2001870 - BLEEDING-EDGE MALWARE Surfplayer Spyware User Agent (bleeding-malware.rules)
 2001871 - BLEEDING-EDGE MALWARE Target Saver Spyware User Agent (bleeding-malware.rules)
 2001872 - BLEEDING-EDGE MALWARE Visicom Spyware User Agent (bleeding-malware.rules)
 2002002 - BLEEDING-EDGE Malware Better Internet Spyware User Agent Activity (thnall) (bleeding-malware.rules)
 2002011 - BLEEDING-EDGE Malware PeopleonPage Spyware User Agent Activity (bleeding-malware.rules)
 2002014 - BLEEDING-EDGE Malware Grandstreet Interactive Spyware User Agent Activity (2) (bleeding-malware.rules)
 2002020 - BLEEDING-EDGE Malware Overpro Spyware User Agent Activity (merong) (bleeding-malware.rules)
 2002038 - BLEEDING-EDGE Malware Shopathomeselect.com Spyware User Agent Activity (bleeding-malware.rules)
 2002039 - BLEEDING-EDGE Malware Better Internet Spyware User Agent Activity (aurareco) (bleeding-malware.rules)
 2002071 - BLEEDING-EDGE Malware XupiterToolbar Spyware User Agent Activity (bleeding-malware.rules)
 2002073 - BLEEDING-EDGE Malware General Spyware User Agent Activity (bleeding-malware.rules)
 2002074 - BLEEDING-EDGE Malware Win32.Stubby Spyware User Agent Activity (bleeding-malware.rules)
 2002076 - BLEEDING-EDGE Malware New.net Spyware User Agent Activity (bleeding-malware.rules)
 2002077 - BLEEDING-EDGE Malware IEBar Spyware User Agent Activity (bleeding-malware.rules)
 2002078 - BLEEDING-EDGE Malware SideStep Spyware User Agent Activity (bleeding-malware.rules)
 2002079 - BLEEDING-EDGE MALWARE MyWaySearch Products Spyware User Agent (bleeding-malware.rules)
 2002080 - BLEEDING-EDGE MALWARE MySearch Products Spyware User Agent (bleeding-malware.rules)
 2002097 - BLEEDING-EDGE Malware IEHelp.net Spyware User Agent Activity (bleeding-malware.rules)
 2002160 - BLEEDING-EDGE MALWARE CoolWebSearch Spyware (Feat) (bleeding-malware.rules)
 2002161 - BLEEDING-EDGE MALWARE CoolWebSearch Spyware (feat2) (bleeding-malware.rules)
 2002164 - BLEEDING-EDGE MALWARE Hotbar Spyware (bleeding-malware.rules)
 2002165 - BLEEDING-EDGE MALWARE IESearch Spyware (bleeding-malware.rules)
 2002166 - BLEEDING-EDGE MALWARE Alexa Search Toolbar (bleeding-malware.rules)
 2002167 - BLEEDING-EDGE MALWARE Spyware Labs Spyware (bleeding-malware.rules)
 2002168 - BLEEDING-EDGE MALWARE Svcmm Parasite (bleeding-malware.rules)
 2002169 - BLEEDING-EDGE MALWARE iWon Spyware (bleeding-malware.rules)


[///]    Modified inactive rules:    [///]

 2002162 - BLEEDING-EDGE MALWARE CoolWebSearch Spyware (SCAgent) (bleeding-malware.rules)
 2002176 - BLEEDING-EDGE Veritas Backup Exec Windows Agent Remote File Access Exploit (bleeding-exploit.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (1):
        # Added 2005/08/14 as found on SANS ISC web site, by AlertLogic

     -> Added to bleeding-sid-msg.map (5):
        2002176 || BLEEDING-EDGE Veritas Backup Exec Windows Agent Remote File Access Exploit || url,isc.sans.org/diary.php?date=2005-08-11 || url,www.frsirt.com/exploits/20050811.backupexec_dump.pm.php || url,www.frsirt.com/english/advisories/2005/1387
        2002185 || BLEEDING-EDGE Possible MS05-039 PnP worm infection || url,isc.sans.org/diary.php?date=2005-08-14
        2002186 || BLEEDING-EDGE EXPLOIT SMB-DS Microsoft Windows 2000 Plug and Play Vulnerability || url,isc.sans.org/diary.php?date=2005-08-14 || url,www.microsoft.com/technet/security/Bulletin/MS05-039.mspx
        2002187 || BLEEDING-EDGE EXPLOIT NETBIOS SMB Microsoft Windows 2000 PNP Vuln || url,isc.sans.org/diary.php?date=2005-08-14 || url,www.microsoft.com/technet/security/Bulletin/MS05-039.mspx
        2002188 || BLEEDING-EDGE EXPLOIT NETBIOS SMB-DS Microsoft Windows 2000 PNP Vuln || url,isc.sans.org/diary.php?date=2005-08-14 || url,www.microsoft.com/technet/security/Bulletin/MS05-039.mspx

     -> Added to bleeding.rules (1):
        # Created 2005/08/14 by Frank Knobbe in response to first information posted on ISC

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (1):
        2002176 || BLEEDING-EDGE Veritas Backup Exec Windows Agent Remote File Access Exploit || url,www.frsirt.com/exploits/20050811.backupexec_dump.pm.php || url,www.frsirt.com/english/advisories/2005/1387




