[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Thu Oct 6 18:28:19 EDT 2005


[***] Results from Oinkmaster started Thu Oct  6 20:00:08 2005 [***]

[+++]          Added rules:          [+++]

 2002391 - BLEEDING-EDGE VIRUS CME-151 Sober.R SMTP Outbound (bleeding-virus.rules)
 2002392 - BLEEDING-EDGE VIRUS CME-151 Sober.R SMTP Inbound (bleeding-virus.rules)
 2002394 - BLEEDING-EDGE MALWARE Adwave/MarketScore User Agent (bleeding-malware.rules)
 2002395 - BLEEDING-EDGE MALWARE Miva User Agent (bleeding-malware.rules)
 2002396 - BLEEDING-EDGE MALWARE Miva User Agent 2 (bleeding-malware.rules)
 2002397 - BLEEDING-EDGE MALWARE Precision Targeting User Agent (bleeding-malware.rules)
 2002398 - BLEEDING-EDGE MALWARE DelFin Project User Agent (bleeding-malware.rules)
 2002399 - BLEEDING-EDGE MALWARE DelFin Project User Agent 2 (bleeding-malware.rules)
 2002400 - BLEEDING-EDGE MALWARE TopInstalls User Agent (bleeding-malware.rules)
 2002401 - BLEEDING-EDGE MALWARE Web Search User Agent 2 (bleeding-malware.rules)
 2002402 - BLEEDING-EDGE MALWARE Web Search User Agent 3 (bleeding-malware.rules)
 2002403 - BLEEDING-EDGE MALWARE Context Plus User Agent 2 (bleeding-malware.rules)
 2002404 - BLEEDING-EDGE MALWARE Movies etc User Agent (bleeding-malware.rules)
 2002405 - BLEEDING-EDGE MALWARE Internet Optimizer User Agent 2 (bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2001954 - BLEEDING-EDGE EXPLOIT Meteor FTP Server Exploit (bleeding-exploit.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-malware.rules (1):
        #by bgallia

     -> Added to bleeding-sid-msg.map (15):
        2001954 || BLEEDING-EDGE EXPLOIT Meteor FTP Server Exploit || url,www.securiteam.com/exploits/5RP0Q2KFPC.html
        2002391 || BLEEDING-EDGE VIRUS CME-151 Sober.R SMTP Outbound || url,vil.nai.com/vil/content/v_136390.htm
        2002392 || BLEEDING-EDGE VIRUS CME-151 Sober.R SMTP Inbound || url,vil.nai.com/vil/content/v_136390.htm
        2002394 || BLEEDING-EDGE MALWARE Adwave/MarketScore User Agent || url,www.marketscore.com || url,www.adwave.com/our_mission.aspx
        2002395 || BLEEDING-EDGE MALWARE Miva User Agent || url,www.findwhat.com || url,www.miva.com
        2002396 || BLEEDING-EDGE MALWARE Miva User Agent 2 || url,www.miva.com
        2002397 || BLEEDING-EDGE MALWARE Precision Targeting User Agent || url,www.precisiontargeting.com
        2002398 || BLEEDING-EDGE MALWARE DelFin Project User Agent || url,www.delfinproject.com
        2002399 || BLEEDING-EDGE MALWARE DelFin Project User Agent 2 || url,www.delfinproject.com
        2002400 || BLEEDING-EDGE MALWARE TopInstalls User Agent || url,www.topinstalls.com
        2002401 || BLEEDING-EDGE MALWARE Web Search User Agent 2 || url,www.websearch.com
        2002402 || BLEEDING-EDGE MALWARE Web Search User Agent 3 || url,www.websearch.com
        2002403 || BLEEDING-EDGE MALWARE Context Plus User Agent 2 || url,www.contextplus.net
        2002404 || BLEEDING-EDGE MALWARE Movies etc User Agent || url,www.movies-etc.com
        2002405 || BLEEDING-EDGE MALWARE Internet Optimizer User Agent 2 || url,www.internet-optimizer.com

     -> Added to bleeding-virus.rules (1):
        #Mark Tombaugh

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (1):
        2001954 || BLEEDING-EDGE EXPLOIT Meteor FTP Server Exploit





More information about the Snort-sigs mailing list