[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Wed Jul 20 18:02:53 EDT 2005


[***] Results from Oinkmaster started Wed Jul 20 20:00:05 2005 [***]

[+++]          Added rules:          [+++]

 2002130 - BLEEDING-EDGE WEB Oracle Reports XSS Attempt (bleeding-web.rules)
 2002131 - BLEEDING-EDGE WEB Oracle Reports XML Information Disclosure (bleeding-web.rules)
 2002132 - BLEEDING-EDGE WEB Oracle Reports DESFORMAT Information Disclosure (bleeding-web.rules)
 2002133 - BLEEDING-EDGE WEB Oracle Reports OS Command Injection Attempt (bleeding-web.rules)


[///]     Modified active rules:     [///]

 2001999 - BLEEDING-EDGE MALWARE BTGrab.com Spyware Downloading Ads (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (5):
        2001999 || BLEEDING-EDGE MALWARE BTGrab.com Spyware Downloading Ads || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453090726 || url,www.btgrab.com
        2002130 || BLEEDING-EDGE WEB Oracle Reports XSS Attempt || url,www.red-database-security.com/advisory/oracle_reports_various_css.html || url,www.oracle.com/technology/products/reports/index.html
        2002131 || BLEEDING-EDGE WEB Oracle Reports XML Information Disclosure || url,www.red-database-security.com/advisory/oracle_reports_read_any_xml_file.html || url,www.oracle.com/technology/products/reports/index.html
        2002132 || BLEEDING-EDGE WEB Oracle Reports DESFORMAT Information Disclosure || url,www.red-database-security.com/advisory/oracle_reports_read_any_file.html || url,www.oracle.com/technology/products/reports/index.html
        2002133 || BLEEDING-EDGE WEB Oracle Reports OS Command Injection Attempt || url,www.red-database-security.com/advisory/oracle_reports_run_any_os_command.html || url,www.oracle.com/technology/products/reports/index.html

     -> Added to bleeding-web.rules (2):
        # Submitted by Mark Tombaugh, 2005/07/20
        # Note: Oracle Reports can run on any TCP port. Please configure HTTP_PORTS appropriately.

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (1):
        2001999 || BLEEDING-EDGE MALWARE BTGrab.com Spyware Downloading Ads || url,www.btgrab.com

     -> Removed from bleeding-web.rules (1):
        #Submited by bdoctor





More information about the Snort-sigs mailing list