[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Sun Jun 19 18:04:04 EDT 2005


[***] Results from Oinkmaster started Sun Jun 19 20:00:02 2005 [***]

[+++]          Added rules:          [+++]

 2002034 - BLEEDING-EDGE ATTACK RESPONSE Possible /etc/passwd via HTTP (bleeding-attack_response.rules)
 2002035 - BLEEDING-EDGE Malware Better Internet Spyware User Agent Activity (bleeding-malware.rules)
 2002036 - BLEEDING-EDGE MALWARE Weird on the Web /180 Solutions Checkin (bleeding-malware.rules)
 2002037 - BLEEDING-EDGE Malware Shop at Home Select Spyware Install (bleeding-malware.rules)
 2002038 - BLEEDING-EDGE Malware Shopathomeselect.com Spyware User Agent Activity (bleeding-malware.rules)
 2002039 - BLEEDING-EDGE Malware Better Internet Spyware User Agent Activity (bleeding-malware.rules)
 2002040 - BLEEDING-EDGE MALWARE Topconverting Spyware Reporting (bleeding-malware.rules)
 2002041 - BLEEDING-EDGE MALWARE Weird on the Web /180 Solutions Update (bleeding-malware.rules)
 2002043 - BLEEDING-EDGE Malware Shop at Home Select Spyware Config Download (bleeding-malware.rules)
 2002044 - BLEEDING-EDGE Malware OutBlaze.com Spyware Activity (bleeding-malware.rules)
 2002046 - BLEEDING-EDGE MALWARE TargetNetworks.net Spyware Reporting (bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2000372 - BLEEDING-EDGE EXPLOIT MS-SQL SQL Injection running SQL statements line comment (bleeding-exploit.rules)
 2000373 - BLEEDING-EDGE EXPLOIT MS-SQL SQL Injection line comment (bleeding-exploit.rules)
 2000488 - BLEEDING-EDGE EXPLOIT MS-SQL SQL Injection closing string plus line comment (bleeding-exploit.rules)
 2000514 - BLEEDING-EDGE IE homepage hijacking (bleeding-malware.rules)
 2000519 - BLEEDING-EDGE shell browser vulnerability W9x/XP (bleeding-malware.rules)
 2000520 - BLEEDING-EDGE shell browser vulnerability NT/2K (bleeding-malware.rules)
 2001504 - BLEEDING-EDGE Malware Medialoads.com Spyware Activity (bleeding-malware.rules)
 2001506 - BLEEDING-EDGE Malware Smartpops.com Spyware Activity (bleeding-malware.rules)
 2001533 - BLEEDING-EDGE Malware Searchmiracle.com Spyware Installer silent.exe Download (bleeding-malware.rules)
 2001534 - BLEEDING-EDGE Malware Searchmiracle.com Spyware Install (bleeding-malware.rules)
 2001535 - BLEEDING-EDGE Malware Searchmiracle.com Spyware Install (bleeding-malware.rules)
 2001540 - BLEEDING-EDGE Malware Searchmiracle.com Spyware Install (bleeding-malware.rules)
 2001706 - BLEEDING-EDGE Malware Context Plus Spyware Activity (bleeding-malware.rules)
 2001709 - BLEEDING-EDGE Malware Shop at Home Select Spyware Config Download (bleeding-malware.rules)
 2001744 - BLEEDING-EDGE Malware Searchmiracle.com Spyware Install (bleeding-malware.rules)
 2002004 - BLEEDING-EDGE MALWARE Topconverting Spyware Install (bleeding-malware.rules)


[///]    Modified inactive rules:    [///]

 2000420 - BLEEDING-EDGE REG files version 4 download (bleeding-policy.rules)
 2000421 - BLEEDING-EDGE REG files version 5 download (bleeding-policy.rules)
 2000422 - BLEEDING-EDGE REG files version 5 Unicode download (bleeding-policy.rules)


[---]         Removed rules:         [---]

 2001051 - BLEEDING-EDGE MALWARE 180solutions Spyware (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-attack_response.rules (1):
        #by Matt Jonkman

     -> Added to bleeding-sid-msg.map (11):
        2002034 || BLEEDING-EDGE ATTACK RESPONSE Possible /etc/passwd via HTTP
        2002035 || BLEEDING-EDGE Malware Better Internet Spyware User Agent Activity
        2002036 || BLEEDING-EDGE MALWARE Weird on the Web /180 Solutions Checkin || url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2002037 || BLEEDING-EDGE Malware Shop at Home Select Spyware Install
        2002038 || BLEEDING-EDGE Malware Shopathomeselect.com Spyware User Agent Activity
        2002039 || BLEEDING-EDGE Malware Better Internet Spyware User Agent Activity
        2002040 || BLEEDING-EDGE MALWARE Topconverting Spyware Reporting
        2002041 || BLEEDING-EDGE MALWARE Weird on the Web /180 Solutions Update || url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2002043 || BLEEDING-EDGE Malware Shop at Home Select Spyware Config Download
        2002044 || BLEEDING-EDGE Malware OutBlaze.com Spyware Activity
        2002046 || BLEEDING-EDGE MALWARE TargetNetworks.net Spyware Reporting || url,www.targetnetworks.com

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (1):
        2001051 || BLEEDING-EDGE MALWARE 180solutions Spyware || url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html





More information about the Snort-sigs mailing list