[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Fri Jul 22 18:03:17 EDT 2005


[***] Results from Oinkmaster started Fri Jul 22 20:00:06 2005 [***]

[///]     Modified active rules:     [///]

 2002075 - BLEEDING-EDGE Malware OCSLab AutoUpdater Unknown/Spyware User Agent Activity (bleeding-malware.rules)
 2002082 - BLEEDING-EDGE Malware Unknown Spyware User Agent Activity (bleeding-malware.rules)
 2002134 - BLEEDING-EDGE EXPLOIT MS05-036 exploit -- JPEG ICC r/b/g/XYZ GetColorProfileElement overflow (bleeding-exploit.rules)
 2002137 - BLEEDING-EDGE EXPLOIT MS05-036 exploit -- GIF ICC r/b/g/XYZ GetColorProfileElement overflow (bleeding-exploit.rules)


[---]         Removed rules:         [---]

 2002135 - BLEEDING-EDGE EXPLOIT MS05-036 exploit -- JPEG ICC gXYZ GetColorProfileElement overflow (bleeding-exploit.rules)
 2002136 - BLEEDING-EDGE EXPLOIT MS05-036 exploit -- JPEG ICC bXYZ GetColorProfileElement overflow (bleeding-exploit.rules)
 2002138 - BLEEDING-EDGE EXPLOIT MS05-036 exploit -- GIF ICC gXYZ GetColorProfileElement overflow (bleeding-exploit.rules)
 2002139 - BLEEDING-EDGE EXPLOIT MS05-036 exploit -- GIF ICC bXYZ GetColorProfileElement overflow (bleeding-exploit.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (4):
        2002075 || BLEEDING-EDGE Malware OCSLab AutoUpdater Unknown/Spyware User Agent Activity || url,www.bleedingsnort.com/staticpages/index.php?page=unknown
        2002082 || BLEEDING-EDGE Malware Unknown Spyware User Agent Activity || url,www.bleedingsnort.com/staticpages/index.php?page=unknown
        2002134 || BLEEDING-EDGE EXPLOIT MS05-036 exploit -- JPEG ICC r/b/g/XYZ GetColorProfileElement overflow || cve,CVE-2005-1219 || url,www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
        2002137 || BLEEDING-EDGE EXPLOIT MS05-036 exploit -- GIF ICC r/b/g/XYZ GetColorProfileElement overflow || cve,CVE-2005-1219 || url,www.microsoft.com/technet/security/Bulletin/MS05-036.mspx

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (8):
        2002075 || BLEEDING-EDGE Malware OCSLab AutoUpdater Unknown/Spyware User Agent Activity -- Please report to bleedingsnort.com || url,www.bleedingsnort.com/staticpages/index.php?page=unknown
        2002082 || BLEEDING-EDGE Malware Unknown Spyware User Agent Activity -- Please report to bleedingsnort.com || url,www.bleedingsnort.com/staticpages/index.php?page=unknown
        2002134 || BLEEDING-EDGE EXPLOIT MS05-036 exploit -- JPEG ICC rXYZ GetColorProfileElement overflow || cve,CVE-2005-1219 || url,www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
        2002135 || BLEEDING-EDGE EXPLOIT MS05-036 exploit -- JPEG ICC gXYZ GetColorProfileElement overflow || cve,CVE-2005-1219 || url,www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
        2002136 || BLEEDING-EDGE EXPLOIT MS05-036 exploit -- JPEG ICC bXYZ GetColorProfileElement overflow || cve,CVE-2005-1219 || url,www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
        2002137 || BLEEDING-EDGE EXPLOIT MS05-036 exploit -- GIF ICC rXYZ GetColorProfileElement overflow || cve,CVE-2005-1219 || url,www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
        2002138 || BLEEDING-EDGE EXPLOIT MS05-036 exploit -- GIF ICC gXYZ GetColorProfileElement overflow || cve,CVE-2005-1219 || url,www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
        2002139 || BLEEDING-EDGE EXPLOIT MS05-036 exploit -- GIF ICC bXYZ GetColorProfileElement overflow || cve,CVE-2005-1219 || url,www.microsoft.com/technet/security/Bulletin/MS05-036.mspx





More information about the Snort-sigs mailing list