[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Thu Feb 16 17:01:03 EST 2006


[***] Results from Oinkmaster started Thu Feb 16 20:00:12 2006 [***]

[+++]          Added rules:          [+++]

 2002802 - BLEEDING-EDGE EXPLOIT Windows Media Player parsing 0 size BMP file Vuln (MS06-005) (bleeding-exploit.rules)
 2002803 - BLEEDING-EDGE EXPLOIT BMP with invalid bfOffBits (possible MS06-005) (bleeding-exploit.rules)
 2002804 - BLEEDING-EDGE MALWARE Spyaxe Spyware DB Update (bleeding-malware.rules)
 2002805 - BLEEDING-EDGE MALWARE Spyaxe Spyware DB Version Check (bleeding-malware.rules)
 2002806 - BLEEDING-EDGE MALWARE Spyaxe Spyware Checkin (bleeding-malware.rules)
2002002807 - BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent (bleeding-malware.rules)
2002002808 - BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent 2 (bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source (bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING (bleeding-dshield-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (2):
        #by Shirkdog
        #by Joe Stewart of Lurhq

     -> Added to bleeding-sid-msg.map (7):
        2002802 || BLEEDING-EDGE EXPLOIT Windows Media Player parsing 0 size BMP file Vuln (MS06-005) || url,www.microsoft.com/technet/security/Bulletin/MS06-005.mspx || url,www.milw0rm.com/id.php?id=1500
        2002803 || BLEEDING-EDGE EXPLOIT BMP with invalid bfOffBits (possible MS06-005) || url,www.microsoft.com/technet/security/Bulletin/ms06-005.mspx
        2002804 || BLEEDING-EDGE MALWARE Spyaxe Spyware DB Update
        2002805 || BLEEDING-EDGE MALWARE Spyaxe Spyware DB Version Check
        2002806 || BLEEDING-EDGE MALWARE Spyaxe Spyware Checkin
        2002002807 || BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent
        2002002808 || BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent 2





More information about the Snort-sigs mailing list