[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Wed Jun 29 18:02:26 EDT 2005


[***] Results from Oinkmaster started Wed Jun 29 20:00:04 2005 [***]

[///]     Modified active rules:     [///]

 2000032 - BLEEDING-EDGE EXPLOIT LSA exploit (bleeding-exploit.rules)
 2000380 - BLEEDING-EDGE EXPLOIT MS-SQL Spike buffer overflow (bleeding-exploit.rules)
 2002029 - BLEEDING-EDGE TROJAN BOT - channel topic scan/exploit command (bleeding-virus.rules)
 2002030 - BLEEDING-EDGE TROJAN BOT - potential scan/exploit command (bleeding-virus.rules)
 2002064 - BLEEDING-EDGE EXPLOIT ms05-011 exploit (bleeding-exploit.rules)


[---]         Disabled rules:        [---]

 2001718 - BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad width (bleeding-exploit.rules)
 2001719 - BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad height (bleeding-exploit.rules)
 2001724 - BLEEDING-EDGE EXPLOIT libpng CAN-2004-1244 overflow attempt (bleeding-exploit.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (3):
        2000032 || BLEEDING-EDGE EXPLOIT LSA exploit || url,www.upenn.edu/computing/virus/04/w32.sasser.worm.html || url,www.eeye.com/html/research/advisories/AD20040501.html
        2000380 || BLEEDING-EDGE EXPLOIT MS-SQL Spike buffer overflow || bugtraq,5411
        2002064 || BLEEDING-EDGE EXPLOIT ms05-011 exploit || url,www.frsirt.com/exploits/20050623.mssmb_poc.c.php || bugtraq,12484

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (3):
        2000032 || BLEEDING-EDGE EXPLOIT LSA exploit
        2000380 || BLEEDING-EDGE EXPLOIT MS-SQL Spike buffer overflow || url,www.securityfocus.com/bid/5411/exploit
        2002064 || BLEEDING-EDGE EXPLOIT ms05-011 exploit





More information about the Snort-sigs mailing list