[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Tue Oct 4 18:36:49 EDT 2005


[***] Results from Oinkmaster started Tue Oct  4 20:00:09 2005 [***]

[+++]          Added rules:          [+++]

 2002387 - BLEEDING-EDGE Trojan - Mitglieder Proxy Bot Checking In (bleeding-virus.rules)
 2002388 - BLEEDING-EDGE WEB vBulletin misc.php Template Name Arbitrary Code Execution (bleeding-web.rules)
 2002389 - BLEEDING-EDGE Vulnerable Mercury 4.01a IMAP Banner (bleeding-exploit.rules)
 2002390 - BLEEDING-EDGE Mercury v4.01a IMAP RENAME Buffer Overflow (bleeding-exploit.rules)


[///]     Modified active rules:     [///]

 2002031 - BLEEDING-EDGE TROJAN BOT - potential update/download (bleeding-virus.rules)
 2002077 - BLEEDING-EDGE Malware IEBar Spyware User Agent Activity (bleeding-malware.rules)
 2002380 - BLEEDING-EDGE Firefox Domain Name Buffer Overflow (bleeding-exploit.rules)
 2002381 - BLEEDING-EDGE RealPlayer/Helix Player Format String Exploit (bleeding-exploit.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (4):
        2002387 || BLEEDING-EDGE Trojan - Mitglieder Proxy Bot Checking In || url,isc.sans.org/diary.php?storyid=722
        2002388 || BLEEDING-EDGE WEB vBulletin misc.php Template Name Arbitrary Code Execution || url,metasploit.com/projects/Framework/exploits.html#php_vbulletin_template || cve,2005-0511 || url,www.osvdb.org/14047
        2002389 || BLEEDING-EDGE Vulnerable Mercury 4.01a IMAP Banner || bugtraq,11775 || url,www.pmail.com/whatsnew/m32401.htm
        2002390 || BLEEDING-EDGE Mercury v4.01a IMAP RENAME Buffer Overflow || bugtraq,11775 || metasploit.com/projects/Framework/exploits.html#mercury_imap || url,www.pmail.com/whatsnew/m32401.htm

     -> Added to bleeding-virus.rules (1):
        # Added 2005-10-04 in response to ISC diary

     -> Added to bleeding-web.rules (1):
        #By Mark Tombaugh





More information about the Snort-sigs mailing list