[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Tue Feb 21 17:01:02 EST 2006


[***] Results from Oinkmaster started Tue Feb 21 20:00:12 2006 [***]

[+++]          Added rules:          [+++]

 2002813 - BLEEDING-EDGE CURRENT Mac OS/X MIME Header x-unix-mode Tag (bleeding.rules)


[///]     Modified active rules:     [///]

 2002400 - BLEEDING-EDGE MALWARE TopInstalls User Agent (bleeding-malware.rules)
 2002802 - BLEEDING-EDGE EXPLOIT Windows Media Player parsing BMP file with 0 size offset to start of image (MS06-005) (bleeding-exploit.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source (bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING (bleeding-dshield-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (1):
        #by Shirkdog, updated 2006-02-21, mscott

     -> Added to bleeding-sid-msg.map (2):
        2002802 || BLEEDING-EDGE EXPLOIT Windows Media Player parsing BMP file with 0 size offset to start of image (MS06-005) || url,www.microsoft.com/technet/security/Bulletin/MS06-005.mspx || url,www.milw0rm.com/id.php?id=1500
        2002813 || BLEEDING-EDGE CURRENT Mac OS/X MIME Header x-unix-mode Tag || url,isc.sans.org/diary.php?storyid=1138

     -> Added to bleeding.rules (1):
        # Added 2006-02-21 after pondering about the current OS/X issue

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-exploit.rules (1):
        #by Shirkdog

     -> Removed from bleeding-sid-msg.map (1):
        2002802 || BLEEDING-EDGE EXPLOIT Windows Media Player parsing 0 size BMP file Vuln (MS06-005) || url,www.microsoft.com/technet/security/Bulletin/MS06-005.mspx || url,www.milw0rm.com/id.php?id=1500





More information about the Snort-sigs mailing list