[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Fri Dec 2 17:01:03 EST 2005


[***] Results from Oinkmaster started Fri Dec  2 20:00:07 2005 [***]

[///]     Modified active rules:     [///]

 2001342 - BLEEDING-EDGE WEB-IIS ASP.net Auth Bypass / Canonicalization (bleeding-web.rules)
 2001343 - BLEEDING-EDGE WEB-IIS ASP.net Auth Bypass / Canonicalization % 5 C (bleeding-web.rules)
 2001532 - BLEEDING-EDGE Malware Searchmiracle.com Access, Likely Spyware (bleeding-malware.rules)
 2001742 - BLEEDING-EDGE EXPLOIT Arkeia full remote access without password or authentication (bleeding-exploit.rules)
 2002699 - BLEEDING-EDGE VIRUS Win32.Bagle.f (.AH,.AJ,Trojan.Lodear.D) Trojan Activity - download attempt (bleeding-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (3):
        2001532 || BLEEDING-EDGE Malware Searchmiracle.com Access, Likely Spyware || url,securityresponse.symantec.com/avcenter/venc/data/trojan.elitebar.html
        2001742 || BLEEDING-EDGE EXPLOIT Arkeia full remote access without password or authentication || url,metasploit.com/research/vulns/arkeia_agent
        2002699 || BLEEDING-EDGE VIRUS Win32.Bagle.f (.AH,.AJ,Trojan.Lodear.D) Trojan Activity - download attempt || url,symantec.com/avcenter/venc/data/trojan.lodear.d.html || url,www.trendmicro.com.au/consumer/vinfo/encyclopedia.php?LYstr=VMAINDATA&vNav=3&VName=TROJ_BAGLE.AH

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (3):
        2001532 || BLEEDING-EDGE Malware Searchmiracle.com Access, Likely Spyware || url,securityresponse.symantec.com/avcenter/venc/data/adware.elitebar.html
        2001742 || BLEEDING-EDGE EXPLOIT Arkeia full remote access without password or authentication || url,metasploit.com/research/arkeia_agent
        2002699 || BLEEDING-EDGE VIRUS Win32.Bagle.f (.AH,.AJ,Trojan.Lodear.D) Trojan Activity - download attempt || url,www-secure.symantec.com/avcenter/venc/data/trojan.lodear.d.html || url,www.trendmicro.com.au/consumer/vinfo/encyclopedia.php?LYstr=VMAINDATA&vNav=3&VName=TROJ_BAGLE.AH





More information about the Snort-sigs mailing list