[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Mon Aug 14 21:00:09 EDT 2006


[***] Results from Oinkmaster started Mon Aug 14 21:00:09 2006 [***]

[+++]          Added rules:          [+++]

 2003083 - BLEEDING-EDGE TROJAN Dialer (bleeding-virus.rules)
 2003084 - BLEEDING-EDGE MALWARE TROJAN_VB Microjoin (bleeding-malware.rules)
 2003085 - BLEEDING-EDGE WEB TWiki Configure Script TYPEOF Remote Command Execution Attempt (bleeding-web.rules)
 2003086 - BLEEDING-EDGE WEB Barracuda Spam Firewall preview_email.cgi Remote Command Execution (bleeding-web.rules)
 2003087 - BLEEDING-EDGE WEB Barracuda Spam Firewall preview_email.cgi Remote Directory Traversal Attempt (bleeding-web.rules)


[///]     Modified active rules:     [///]

 2002662 - BLEEDING-EDGE WEB TWiki INCLUDE remote command execution attempt (bleeding-web.rules)
 2003073 - BLEEDING-EDGE TROJAN ICMP Banking Trojan sending encrypted stolen data (bleeding-virus.rules)
 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-malware.rules (1):
        #by Scot Melnick

     -> Added to bleeding-sid-msg.map (5):
        2003083 || BLEEDING-EDGE TROJAN Dialer || url,isc.sans.org/diary.php?storyid=1388
        2003084 || BLEEDING-EDGE MALWARE TROJAN_VB Microjoin || url,de.trendmicro-europe.com/consumer/vinfo/encyclopedia.php?VName=TROJ_VB.AWW
        2003085 || BLEEDING-EDGE WEB TWiki Configure Script TYPEOF Remote Command Execution Attempt || bugtraq,19188 || cve,CVE-2006-3819
        2003086 || BLEEDING-EDGE WEB Barracuda Spam Firewall preview_email.cgi Remote Command Execution || bugtraq,19276
        2003087 || BLEEDING-EDGE WEB Barracuda Spam Firewall preview_email.cgi Remote Directory Traversal Attempt || bugtraq,19276

     -> Added to bleeding-virus.rules (1):
        #By Scott Melnick

     -> Added to bleeding-web.rules (2):
        # Submitted 2008-08-14 by David Maciejak
        # By David Maciejak, 2006-07-14





More information about the Snort-sigs mailing list