[Snort-sigs] Snort Community Rules Update

info+lucretia.ca info at ...3194...
Sat Oct 21 11:03:40 EDT 2006


Please note:

The most recent community-web-php.rules has a typo that is missing a ';'.

I don't recall the exact rule but it was on line 450 of that rule file.

Cheers,

James Friesen, CIO
Lucretia Enterprises
Our World Is Here
info at lucretia dot ca
http://lucretia.ca


> -----Original Message-----
> From: snort-sigs-bounces at lists.sourceforge.net
> [mailto:snort-sigs-bounces at lists.sourceforge.net] On Behalf
> Of Sourcefire VRT
> Sent: Friday, October 20, 2006 2:26 PM
> To: snort-sigs mailinglist
> Subject: [Snort-sigs] Snort Community Rules Update
>
> This message is to announce the availability of an update for
> the Sourcefire community rule set, which can be downloaded
> free of cost or registration from
> http://www.snort.org/pub-bin/downloads.cgi.
>
> New rules in this release are identified as SIDs 100000900-100000919.
> These rules cover detection of Mytob worm over IRC; remote
> file inclusion attacks against the UBB.threads, phpMyWebmin,
> Dayfox Blog, Somery, PHP-Dimension, and Segue CMS systems;
> and a cross-site scripting attack against the MyBulletinBoard system.
>
> Additionally, a large number of rules have been updated for
> improved performance and/or readability, including the
> addition of classtypes to all rules which previously lacked
> such information.
>
> Sourcefire would like to thank Shirkdog for submitting SID
> 100000919. As a reminder, anyone who wishes to submit rules
> may do so at http://www.snort.org/reg-bin/rulesubmit.cgi.
>
> A list of modified rules and their SIDs follows.
>
> Alex Kirk
> Community Rules Maintainer
> Sourcefire, Inc.
>
> New rules:
> 100000900 || COMMUNITY BOT Mytob IRC DCC file transfer request
> 100000901 || COMMUNITY BOT Mytob IRC DCC chat request
> 100000902 || COMMUNITY BOT Mytob IRC channel join
> 100000903 || COMMUNITY BOT Mytob IRC dns request
> 100000904 || COMMUNITY BOT Mytob IRC dns response
> 100000905 || COMMUNITY BOT Mytob IRC nick change
> 100000906 || COMMUNITY WEB-PHP UBB.threads remote file include
> 100000907 || COMMUNITY WEB-PHP phpMyWebmin
> change_preferences2 script remote file include
> 100000908 || COMMUNITY WEB-PHP phpMyWebmin create_file script
> remote file include
> 100000909 || COMMUNITY WEB-PHP phpMyWebmin upload_local
> script remote file include 100000910 || COMMUNITY WEB-PHP
> phpMyWebmin upload_multi script remote file include
> 100000911 || COMMUNITY WEB-PHP Dayfox Blog adminlog.php
> module remote file include
> 100000912 || COMMUNITY WEB-PHP Dayfox Blog postblog.php
> module remote file include
> 100000913 || COMMUNITY WEB-PHP Dayfox Blog index.php module
> remote file include
> 100000914 || COMMUNITY WEB-PHP Dayfox Blog index2.php module
> remote file include
> 100000915 || COMMUNITY WEB-PHP Somery Include.php remote file include
> 100000916 || COMMUNITY WEB-PHP MyBulletinBoard
> Functions_Post.php xss attempt
> 100000917 || COMMUNITY WEB-PHP PHP-Dimension functions_kb.php
> remote file include attempt
> 100000918 || COMMUNITY WEB-PHP PHP-Dimension
> themen_portal_mitte.php remote include attempt
> 100000919 || COMMUNITY WEB-PHP Segue CMS
> themesettings.inc.php remote file include attempt
>
> Updated rules:
> 100000187 || COMMUNITY WEB-PHP XSS attempt
> 100000189 || COMMUNITY MISC streaming RTSP - realplayer
> 100000190 || COMMUNITY MISC streaming Windows Mediaplayer
> 100000192 || COMMUNITY SQL-INJECTION WIZZ ForumTopicDetails
> Sql Injection attempt
> 100000193 || COMMUNITY SQL-INJECTION WIZZ ForumAuthDetails
> Sql Injection attempt
> 100000194 || COMMUNITY SQL-INJECTION WIZZ ForumReply Sql
> Injection attempt
> 100000215 || COMMUNITY DOS Trend Micro ServerProtect
> EarthAgent attempt
> 100000221 || COMMUNITY WEB-PHP AppServ main.php appserv_root
> param access
> 100000229 || COMMUNITY MISC Lotus Domino LDAP attack
> 100000237 || COMMUNITY WEB-MISC Proxy Bypass Via Google
> Translation Same To And From Language
> 100000284 || COMMUNITY WEB-CLIENT RealMedia invalid chunk
> size heap overflow attempt
> 100000285 || COMMUNITY WEB-PHP ldap_var.inc.php remote file
> include attempt
> 100000302 || COMMUNITY WEB-MISC DeviceSelection.asp
> sRedirectUrl parameter access
> 100000303 || COMMUNITY WEB-MISC DeviceSelection.asp
> sCancelURL parameter access
> 100000304 || COMMUNITY WEB-PHP Gphoto index.php rep parameter
> remote file include attempt
> 100000305 || COMMUNITY WEB-PHP Gphoto index.php image
> parameter remote file include attempt
> 100000306 || COMMUNITY WEB-PHP Gphoto diapho.php rep
> parameter remote file include attempt
> 100000307 || COMMUNITY WEB-PHP Gphoto diapho.php image
> parameter remote file include attempt
> 100000308 || COMMUNITY WEB-PHP Gphoto affich.php rep
> parameter remote file include attempt
> 100000309 || COMMUNITY WEB-PHP Gphoto affich.php image
> parameter remote file include attempt
> 100000312 || COMMUNITY VIRUS Ginwui.B POST attempt
> 100000317 || COMMUNITY WEB-MISC phpBazar classified_right.php
> remote file include
> 100000318 || COMMUNITY WEB-MISC phpBazar admin.php remote file include
> 100000319 || COMMUNITY WEB-MISC ActualScripts direct.php
> remote file include 100000320 || COMMUNITY WEB-MISC ScozNet
> ScozNews functions.php remote file include
> 100000321 || COMMUNITY WEB-MISC ScozNet ScozNews help.php
> remote file include
> 100000322 || COMMUNITY WEB-MISC ScozNet ScozNews mail.php
> remote file include
> 100000323 || COMMUNITY WEB-MISC ScozNet ScozNews news.php
> remote file include
> 100000324 || COMMUNITY WEB-MISC ScozNet ScozNews template.php
> remote file include
> 100000325 || COMMUNITY WEB-MISC ScozNet ScozNews
> admin_cats.php remote file include
> 100000326 || COMMUNITY WEB-MISC ScozNet ScozNews
> admin_edit.php remote file include
> 100000327 || COMMUNITY WEB-MISC ScozNet ScozNews
> admin_import.php remote file include
> 100000328 || COMMUNITY WEB-MISC ScozNet ScozNews
> admin_templates.php remote file include
> 100000329 || COMMUNITY WEB-MISC Invision Power Board
> class_post.php remote file include 100000330 || COMMUNITY
> WEB-MISC Invision Power Board moderate.php remote file include
> 100000334 || COMMUNITY WEB-MISC CaLogic Calendars
> reconfig.php remote file include
> 100000335 || COMMUNITY WEB-MISC CaLogic Calendars srxclr.php
> remote file include
> 100000336 || COMMUNITY WEB-MISC phpMyDirectory footer.php
> remote file include
> 100000337 || COMMUNITY WEB-MISC phpMyDirectory
> defaults_setup.php remote file include
> 100000338 || COMMUNITY WEB-MISC phpMyDirectory header.php
> remote file include
> 100000339 || COMMUNITY WEB-MISC V-Webmail core.php remote
> file include 100000340 || COMMUNITY WEB-MISC V-Webmail
> pop3.php remote file include
> 100000341 || COMMUNITY WEB-MISC DoceboLMS help.php remote file include
> 100000342 || COMMUNITY WEB-MISC DoceboLMS business.php remote
> file include
> 100000343 || COMMUNITY WEB-MISC DoceboLMS credits.php remote
> file include
> 100000344 || COMMUNITY WEB-MISC SocketMail index.php remote
> file include
> 100000345 || COMMUNITY WEB-MISC SocketMail inc-common.php
> remote file include
> 100000346 || COMMUNITY WEB-MISC Plume CMS prepend.php remote
> file include
> 100000347 || COMMUNITY WEB-MISC Ezupload Pro form.php remote
> file include
> 100000348 || COMMUNITY WEB-MISC Ezupload Pro customize.php
> remote file include
> 100000349 || COMMUNITY WEB-MISC Ezupload Pro initialize.php
> remote file include 100000350 || COMMUNITY WEB-MISC
> UBBThreads ubbt.inc.php remote file include
> 100000351 || COMMUNITY WEB-MISC UBBThreads
> config[cookieprefix] remote file include
> 100000352 || COMMUNITY WEB-MISC Blend Portal blend_common.php
> remote file include
> 100000353 || COMMUNITY WEB-MISC tinyBB footers.php remote file include
> 100000354 || COMMUNITY WEB-MISC phpBB-Amod lang_activity.php
> remote file include
> 100000355 || COMMUNITY WEB-MISC eSyndiCat cron.php remote file include
> 100000356 || COMMUNITY WEB-MISC BASE base_qry_common.php
> remote file include
> 100000357 || COMMUNITY WEB-MISC BASE base_stat_common.php
> remote file include
> 100000358 || COMMUNITY WEB-MISC BASE base_include.inc.php
> remote file include
> 100000359 || COMMUNITY WEB-MISC Fastpublish CMS drucken.php
> remote file include 100000360 || COMMUNITY WEB-MISC
> Fastpublish CMS drucken2.php remote file include
> 100000361 || COMMUNITY WEB-MISC Fastpublish CMS
> email_an_benutzer.php remote file include
> 100000362 || COMMUNITY WEB-MISC Fastpublish CMS rechnung.php
> remote file include
> 100000363 || COMMUNITY WEB-MISC Fastpublish CMS search.php
> remote file include
> 100000364 || COMMUNITY WEB-MISC Fastpublish CMS admin.php
> remote file include
> 100000365 || COMMUNITY WEB-MISC phpNuke index.php remote file include
> 100000366 || COMMUNITY WEB-MISC phpNuke admin_ug_auth.php
> remote file include
> 100000367 || COMMUNITY WEB-MISC phpNuke admin_board.php
> remote file include
> 100000368 || COMMUNITY WEB-MISC phpNuke admin_disallow.php
> remote file include
> 100000369 || COMMUNITY WEB-MISC phpNuke admin_forumauth.php
> remote file include 100000370 || COMMUNITY WEB-MISC phpNuke
> admin_groups.php remote file include
> 100000371 || COMMUNITY WEB-MISC phpNuke admin_ranks.php
> remote file include
> 100000372 || COMMUNITY WEB-MISC phpNuke admin_styles.php
> remote file include
> 100000373 || COMMUNITY WEB-MISC phpNuke admin_user_ban.php
> remote file include
> 100000374 || COMMUNITY WEB-MISC phpNuke admin_words.php
> remote file include
> 100000375 || COMMUNITY WEB-MISC phpNuke admin_avatar.php
> remote file include
> 100000376 || COMMUNITY WEB-MISC phpNuke
> admin_db_utilities.php remote file include
> 100000377 || COMMUNITY WEB-MISC phpNuke admin_forum_prune.php
> remote file include
> 100000378 || COMMUNITY WEB-MISC phpNuke admin_forums.php
> remote file include
> 100000379 || COMMUNITY WEB-MISC phpNuke admin_mass_email.php
> remote file include 100000380 || COMMUNITY WEB-MISC phpNuke
> admin_smilies.php remote file include
> 100000381 || COMMUNITY WEB-MISC phpNuke admin_ug_auth.php
> remote file include
> 100000382 || COMMUNITY WEB-MISC phpNuke admin_users.php
> remote file include
> 100000383 || COMMUNITY WEB-MISC OsTicket open_form.php remote
> file include
> 100000384 || COMMUNITY WEB-MISC Ottoman index.php remote file include
> 100000385 || COMMUNITY WEB-MISC Ottoman error.php remote file include
> 100000386 || COMMUNITY WEB-MISC Ottoman main_class.php remote
> file include
> 100000387 || COMMUNITY WEB-MISC Ovidentia index.php remote
> file include
> 100000388 || COMMUNITY WEB-MISC Ovidentia topman.php remote
> file include
> 100000389 || COMMUNITY WEB-MISC Ovidentia approb.php remote
> file include 100000390 || COMMUNITY WEB-MISC Ovidentia
> vacadmb.php remote file include
> 100000391 || COMMUNITY WEB-MISC Ovidentia vacadma.php remote
> file include
> 100000392 || COMMUNITY WEB-MISC Ovidentia vacadm.php remote
> file include
> 100000393 || COMMUNITY WEB-MISC Ovidentia start.php remote
> file include
> 100000394 || COMMUNITY WEB-MISC Ovidentia search.php remote
> file include
> 100000395 || COMMUNITY WEB-MISC Ovidentia posts.php remote
> file include
> 100000396 || COMMUNITY WEB-MISC Ovidentia options.php remote
> file include
> 100000397 || COMMUNITY WEB-MISC Ovidentia login.php remote
> file include
> 100000398 || COMMUNITY WEB-MISC Ovidentia frchart.php remote
> file include
> 100000399 || COMMUNITY WEB-MISC Ovidentia flbchart.php remote
> file include 100000400 || COMMUNITY WEB-MISC Ovidentia
> fileman.php remote file include
> 100000401 || COMMUNITY WEB-MISC Ovidentia faq.php remote file include
> 100000402 || COMMUNITY WEB-MISC Ovidentia event.php remote
> file include
> 100000403 || COMMUNITY WEB-MISC Ovidentia directory.php
> remote file include
> 100000404 || COMMUNITY WEB-MISC Ovidentia articles.php remote
> file include
> 100000405 || COMMUNITY WEB-MISC Ovidentia artedit.php remote
> file include
> 100000406 || COMMUNITY WEB-MISC Ovidentia approb.php remote
> file include
> 100000407 || COMMUNITY WEB-MISC Ovidentia calday.php remote
> file include
> 100000408 || COMMUNITY WEB-MISC AssoCIateD cache_mngt.php
> remote file include
> 100000409 || COMMUNITY WEB-MISC AssoCIateD
> gallery_functions.php remote file include 100000410 ||
> COMMUNITY WEB-MISC REDAXO index.inc.php remote file include
> 100000411 || COMMUNITY WEB-MISC REDAXO index.inc.php remote
> file include
> 100000412 || COMMUNITY WEB-MISC REDAXO index.inc.php remote
> file include
> 100000413 || COMMUNITY WEB-MISC REDAXO index.inc.php remote
> file include
> 100000414 || COMMUNITY WEB-MISC REDAXO community.inc.php
> remote file include
> 100000415 || COMMUNITY WEB-MISC Bytehoard server.php remote
> file include
> 100000416 || COMMUNITY WEB-MISC MyBloggie admin.php remote
> file include
> 100000417 || COMMUNITY WEB-MISC MyBloggie scode.php remote
> file include
> 100000418 || COMMUNITY WEB-MISC Ashwebstudio Ashnews
> ashheadlines.php remote file include
> 100000419 || COMMUNITY WEB-MISC Ashwebstudio Ashnews
> ashnews.php remote file include 100000420 || COMMUNITY
> WEB-MISC Informium common-menu.php remote file include
> 100000421 || COMMUNITY WEB-MISC Igloo wiki.php remote file include
> 100000422 || COMMUNITY WEB-MISC phpBB template.php remote file include
> 100000423 || COMMUNITY WEB-MISC DotWidget CMS index.php
> remote file include
> 100000424 || COMMUNITY WEB-MISC DotWidget CMS feedback.php
> remote file include
> 100000425 || COMMUNITY WEB-MISC DotWidget CMS
> printfriendly.php remote file include
> 100000426 || COMMUNITY WEB-MISC DotClear prepend.php remote
> file include 100000430 || COMMUNITY WEB-MISC BlueShoes
> Bs_Faq.class.php remote file include
> 100000431 || COMMUNITY WEB-MISC BlueShoes
> fileBrowserInner.php remote file include
> 100000432 || COMMUNITY WEB-MISC BlueShoes file.php remote file include
> 100000433 || COMMUNITY WEB-MISC BlueShoes viewer.php remote
> file include
> 100000434 || COMMUNITY WEB-MISC BlueShoes
> Bs_ImageArchive.class.php remote file include
> 100000435 || COMMUNITY WEB-MISC BlueShoes
> Bs_Ml_User.class.php remote file include
> 100000436 || COMMUNITY WEB-MISC BlueShoes
> Bs_Wse_Profile.class.php remote file include
> 100000437 || COMMUNITY WEB-MISC CS-Cart
> class.cs_phpmailer.php remote file include
> 100000438 || COMMUNITY WEB-MISC Claroline mambo.inc.php
> remote file include
> 100000439 || COMMUNITY WEB-MISC Claroline postnuke.inc.php
> remote file include 100000440 || COMMUNITY WEB-MISC CyBoards
> common.php remote file include
> 100000441 || COMMUNITY WEB-MISC Wikiwig wk_lang.php remote
> file include
> 100000442 || COMMUNITY WEB-MISC MiraksGalerie pcltar.lib.php
> remote file include
> 100000443 || COMMUNITY WEB-MISC MiraksGalerie
> galimage.lib.php remote file include
> 100000444 || COMMUNITY WEB-MISC MiraksGalerie
> galsecurity.lib.php remote file include
> 100000463 || COMMUNITY WEB-PHP Joomla joomla.php remote file include
> 100000464 || COMMUNITY WEB-PHP LoveCompass AEPartner
> design.inc.php remote file include
> 100000465 || COMMUNITY WEB-PHP Empris sql_fcnsOLD.php remote
> file include
> 100000466 || COMMUNITY WEB-PHP Free QBoard post.php remote
> file include
> 100000467 || COMMUNITY WEB-PHP WebprojectDB nav.php remote
> file include
> 100000468 || COMMUNITY WEB-PHP WebprojectDB lang.php remote
> file include 100000470 || COMMUNITY WEB-PHP Foing
> manage_songs.php remote file include
> 100000478 || COMMUNITY WEB-PHP aWebNews visview.php remote
> file include
> 100000479 || COMMUNITY WEB-PHP CzarNews headlines.php remote
> file include 100000480 || COMMUNITY WEB-PHP Somery team.php
> remote file include
> 100000481 || COMMUNITY WEB-PHP Hinton Design PHPHG signed.php
> remote file include
> 100000482 || COMMUNITY WEB-PHP BoastMachine vote.php remote
> file include
> 100000483 || COMMUNITY WEB-PHP Wheatblog view_links.php
> remote file include
> 100000485 || COMMUNITY WEB-PHP RahnemaCo page.php remote file include
> 100000486 || COMMUNITY WEB-PHP PhpBlueDragon CMS template.php
> remote file include
> 100000487 || COMMUNITY WEB-PHP ISPConfig server.inc.php
> remote file include
> 100000488 || COMMUNITY WEB-PHP ISPConfig app.inc.php remote
> file include
> 100000489 || COMMUNITY WEB-PHP ISPConfig login.php remote
> file include 100000490 || COMMUNITY WEB-PHP ISPConfig
> trylogin.php remote file include
> 100000491 || COMMUNITY WEB-PHP DeluxeBB posting.php remote
> file include
> 100000492 || COMMUNITY WEB-PHP DeluxeBB newpm.php remote file include
> 100000493 || COMMUNITY WEB-PHP DeluxeBB postreply.php remote
> file include
> 100000499 || COMMUNITY WEB-PHP PictureDis thumstbl.php remote
> file include 100000500 || COMMUNITY WEB-PHP PictureDis
> wpfiles.php remote file include
> 100000501 || COMMUNITY WEB-PHP PictureDis wallpapr.php remote
> file include
> 100000502 || COMMUNITY WEB-PHP Ji-Takz tag.class.php remote
> file include
> 100000503 || COMMUNITY WEB-PHP Nucleus CMS action.php remote
> file include
> 100000504 || COMMUNITY WEB-PHP Nucleus CMS media.php remote
> file include
> 100000505 || COMMUNITY WEB-PHP Nucleus CMS server.php remote
> file include
> 100000506 || COMMUNITY WEB-PHP Nucleus CMS
> api_metaweblog.inc.php remote file include
> 100000507 || COMMUNITY WEB-PHP FlashChat adminips.php remote
> file include
> 100000509 || COMMUNITY WEB-PHP RahnemaCo page.php remote file include
> 100000518 || COMMUNITY WEB-PHP PHP Live Helper initiate.php
> remote file include
> 100000524 || COMMUNITY WEB-PHP Micro CMS microcms-include.php
> remote file include
> 100000545 || COMMUNITY WEB-PHP PHP Blue Dragon CMS
> team_admin.php remote file include
> 100000546 || COMMUNITY WEB-PHP PHP Blue Dragon CMS
> rss_admin.php remote file include
> 100000547 || COMMUNITY WEB-PHP PHP Blue Dragon CMS
> manual_admin.php remote file include
> 100000548 || COMMUNITY WEB-PHP PHP Blue Dragon CMS
> forum_admin.php remote file include
> 100000552 || COMMUNITY WEB-PHP SmartSiteCMS inc_foot.php
> remote file include
> 100000553 || COMMUNITY WEB-PHP PHPMySMS gateway.php remote
> file include 100000560 || COMMUNITY WEB-PHP eNpaper1
> root_header.php remote file include
> 100000569 || COMMUNITY WEB-PHP Indexu app_change_email.php
> remote file include 100000570 || COMMUNITY WEB-PHP Indexu
> app_change_pwd.php remote file include
> 100000571 || COMMUNITY WEB-PHP Indexu app_mod_rewrite.php
> remote file include
> 100000572 || COMMUNITY WEB-PHP Indexu app_page_caching.php
> remote file include
> 100000573 || COMMUNITY WEB-PHP Indexu app_setup.php remote
> file include
> 100000574 || COMMUNITY WEB-PHP Indexu cat_add.php remote file include
> 100000575 || COMMUNITY WEB-PHP Indexu cat_delete.php remote
> file include
> 100000576 || COMMUNITY WEB-PHP Indexu cat_edit.php remote file include
> 100000577 || COMMUNITY WEB-PHP Indexu cat_path_update.php
> remote file include
> 100000578 || COMMUNITY WEB-PHP Indexu cat_search.php remote
> file include
> 100000579 || COMMUNITY WEB-PHP Indexu cat_struc.php remote
> file include 100000580 || COMMUNITY WEB-PHP Indexu
> cat_view.php remote file include
> 100000581 || COMMUNITY WEB-PHP Indexu cat_view_hidden.php
> remote file include
> 100000582 || COMMUNITY WEB-PHP Indexu cat_view_hierarchy.php
> remote file include
> 100000583 || COMMUNITY WEB-PHP Indexu
> cat_view_registered_only.php remote file include
> 100000584 || COMMUNITY WEB-PHP Indexu checkurl_web.php remote
> file include
> 100000585 || COMMUNITY WEB-PHP Indexu db_alter.php remote file include
> 100000586 || COMMUNITY WEB-PHP Indexu db_alter_change.php
> remote file include
> 100000587 || COMMUNITY WEB-PHP Indexu db_backup.php remote
> file include
> 100000588 || COMMUNITY WEB-PHP Indexu db_export.php remote
> file include
> 100000589 || COMMUNITY WEB-PHP Indexu db_import.php remote
> file include 100000590 || COMMUNITY WEB-PHP Indexu
> editor_add.php remote file include
> 100000591 || COMMUNITY WEB-PHP Indexu editor_delete.php
> remote file include
> 100000592 || COMMUNITY WEB-PHP Indexu editor_validate.php
> remote file include
> 100000593 || COMMUNITY WEB-PHP Indexu head.php remote file include
> 100000594 || COMMUNITY WEB-PHP Indexu index.php remote file include
> 100000595 || COMMUNITY WEB-PHP Indexu inv_config.php remote
> file include
> 100000596 || COMMUNITY WEB-PHP Indexu inv_config_payment.php
> remote file include
> 100000597 || COMMUNITY WEB-PHP Indexu inv_create.php remote
> file include
> 100000598 || COMMUNITY WEB-PHP Indexu inv_delete.php remote
> file include
> 100000599 || COMMUNITY WEB-PHP Indexu inv_edit.php remote
> file include 100000600 || COMMUNITY WEB-PHP Indexu
> inv_markpaid.php remote file include
> 100000601 || COMMUNITY WEB-PHP Indexu inv_markunpaid.php
> remote file include
> 100000602 || COMMUNITY WEB-PHP Indexu inv_overdue.php remote
> file include
> 100000603 || COMMUNITY WEB-PHP Indexu inv_paid.php remote file include
> 100000604 || COMMUNITY WEB-PHP Indexu inv_send.php remote file include
> 100000605 || COMMUNITY WEB-PHP Indexu inv_unpaid.php remote
> file include
> 100000606 || COMMUNITY WEB-PHP Indexu lang_modify.php remote
> file include
> 100000607 || COMMUNITY WEB-PHP Indexu link_add.php remote file include
> 100000608 || COMMUNITY WEB-PHP Indexu link_bad.php remote file include
> 100000609 || COMMUNITY WEB-PHP Indexu link_bad_delete.php
> remote file include 100000610 || COMMUNITY WEB-PHP Indexu
> link_checkurl.php remote file include
> 100000611 || COMMUNITY WEB-PHP Indexu link_delete.php remote
> file include
> 100000612 || COMMUNITY WEB-PHP Indexu link_duplicate.php
> remote file include
> 100000613 || COMMUNITY WEB-PHP Indexu link_edit.php remote
> file include
> 100000614 || COMMUNITY WEB-PHP Indexu
> link_premium_listing.php remote file include
> 100000615 || COMMUNITY WEB-PHP Indexu
> link_premium_sponsored.php remote file include
> 100000616 || COMMUNITY WEB-PHP Indexu link_search.php remote
> file include
> 100000617 || COMMUNITY WEB-PHP Indexu
> link_sponsored_listing.php remote file include
> 100000618 || COMMUNITY WEB-PHP Indexu link_validate.php
> remote file include
> 100000619 || COMMUNITY WEB-PHP Indexu link_validate_edit.php
> remote file include 100000620 || COMMUNITY WEB-PHP Indexu
> link_view.php remote file include
> 100000621 || COMMUNITY WEB-PHP Indexu log_search.php remote
> file include
> 100000622 || COMMUNITY WEB-PHP Indexu mail_modify.php remote
> file include
> 100000623 || COMMUNITY WEB-PHP Indexu menu.php remote file include
> 100000624 || COMMUNITY WEB-PHP Indexu message_create.php
> remote file include
> 100000625 || COMMUNITY WEB-PHP Indexu message_delete.php
> remote file include
> 100000626 || COMMUNITY WEB-PHP Indexu message_edit.php remote
> file include
> 100000627 || COMMUNITY WEB-PHP Indexu message_send.php remote
> file include
> 100000628 || COMMUNITY WEB-PHP Indexu message_subscriber.php
> remote file include
> 100000629 || COMMUNITY WEB-PHP Indexu message_view.php remote
> file include 100000630 || COMMUNITY WEB-PHP Indexu
> review_validate.php remote file include
> 100000631 || COMMUNITY WEB-PHP Indexu
> review_validate_edit.php remote file include
> 100000632 || COMMUNITY WEB-PHP Indexu summary.php remote file include
> 100000633 || COMMUNITY WEB-PHP Indexu template_active.php
> remote file include
> 100000634 || COMMUNITY WEB-PHP Indexu template_add_custom.php
> remote file include
> 100000635 || COMMUNITY WEB-PHP Indexu template_delete.php
> remote file include
> 100000636 || COMMUNITY WEB-PHP Indexu
> template_delete_file.php remote file include
> 100000637 || COMMUNITY WEB-PHP Indexu template_duplicate.php
> remote file include
> 100000638 || COMMUNITY WEB-PHP Indexu template_export.php
> remote file include
> 100000639 || COMMUNITY WEB-PHP Indexu template_import.php
> remote file include 100000640 || COMMUNITY WEB-PHP Indexu
> template_manager.php remote file include
> 100000641 || COMMUNITY WEB-PHP Indexu template_modify.php
> remote file include
> 100000642 || COMMUNITY WEB-PHP Indexu
> template_modify_file.php remote file include
> 100000643 || COMMUNITY WEB-PHP Indexu template_rename.php
> remote file include
> 100000644 || COMMUNITY WEB-PHP Indexu user_add.php remote file include
> 100000645 || COMMUNITY WEB-PHP Indexu user_delete.php remote
> file include
> 100000646 || COMMUNITY WEB-PHP Indexu user_edit.php remote
> file include
> 100000647 || COMMUNITY WEB-PHP Indexu user_search.php remote
> file include
> 100000648 || COMMUNITY WEB-PHP Indexu whos.php remote file include
> 100000666 || COMMUNITY WEB-PHP Harpia files.php remote file include
> 100000667 || COMMUNITY WEB-PHP Harpia files.php remote file include
> 100000668 || COMMUNITY WEB-PHP Harpia pheader.php remote file include
> 100000669 || COMMUNITY WEB-PHP Harpia headlines.php remote
> file include 100000670 || COMMUNITY WEB-PHP Harpia
> web_statsConfig.php remote file include
> 100000671 || COMMUNITY WEB-PHP Harpia preload.php remote file include
> 100000672 || COMMUNITY WEB-PHP Harpia users.php remote file include
> 100000673 || COMMUNITY WEB-PHP Harpia web_statsConfig.php
> remote file include
> 100000674 || COMMUNITY WEB-PHP Harpia footer.php remote file include
> 100000675 || COMMUNITY WEB-PHP Harpia pfooter.php remote file include
> 100000676 || COMMUNITY WEB-PHP Harpia missing.php remote file include
> 100000677 || COMMUNITY WEB-PHP Harpia topics.php remote file include
> 100000678 || COMMUNITY WEB-PHP Harpia header.php remote file include
> 100000679 || COMMUNITY WEB-PHP Harpia index.php remote file
> include 100000680 || COMMUNITY WEB-PHP Harpia search.php
> remote file include
> 100000681 || COMMUNITY WEB-PHP Harpia header.php remote file include
> 100000682 || COMMUNITY WEB-PHP Harpia email.php remote file include
> 100000686 || COMMUNITY DOS EnergyMech parse_notice
> vulnerability - inbound
> 100000687 || COMMUNITY DOS EnergyMech parse_notice
> vulnerability - outbound
> 100000688 || COMMUNITY POLICY Ajax Remote Desktop Connection
> 100000690 || COMMUNITY SQL-INJECTION BXCP Sql Injection attempt
> 100000691 || COMMUNITY SQL-INJECTION Diesel Joke Script Sql
> Injection attempt
> 100000692 || COMMUNITY WEB-CLIENT midi file download attempt
> 100000693 || COMMUNITY WEB-CLIENT winamp midi file header
> overflow attempt
> 100000703 || COMMUNITY WEB-PHP Horde index.php show XSS attempt
> 100000704 || COMMUNITY WEB-PHP SmartSiteCMS comment.php
> remote file include
> 100000705 || COMMUNITY WEB-PHP SmartSiteCMS test.php remote
> file include
> 100000706 || COMMUNITY WEB-PHP SmartSiteCMS index.php remote
> file include
> 100000707 || COMMUNITY WEB-PHP SmartSiteCMS inc_adminfoot.php
> remote file include
> 100000708 || COMMUNITY WEB-PHP SmartSiteCMS comedit.php
> remote file include
> 100000711 || COMMUNITY WEB-PHP PHPRaid raids.php remote file include
> 100000712 || COMMUNITY WEB-PHP PHPRaid register.php remote
> file include
> 100000713 || COMMUNITY WEB-PHP PHPRaid roster.php remote file include
> 100000714 || COMMUNITY WEB-PHP PHPRaid view.php remote file include
> 100000715 || COMMUNITY WEB-PHP PHPRaid logs.php remote file include
> 100000716 || COMMUNITY WEB-PHP PHPRaid users.php remote file include
> 100000717 || COMMUNITY WEB-PHP PHPRaid configuration.php
> remote file include
> 100000718 || COMMUNITY WEB-PHP PHPRaid guilds.php remote file include
> 100000719 || COMMUNITY WEB-PHP PHPRaid index.php remote file
> include 100000720 || COMMUNITY WEB-PHP PHPRaid locations.php
> remote file include
> 100000721 || COMMUNITY WEB-PHP PHPRaid login.php remote file include
> 100000722 || COMMUNITY WEB-PHP PHPRaid lua_output.php remote
> file include
> 100000723 || COMMUNITY WEB-PHP PHPRaid permissions.php remote
> file include
> 100000724 || COMMUNITY WEB-PHP PHPRaid profile.php remote file include
> 100000728 || COMMUNITY WEB-PHP Geeklog functions.inc remote
> file include
> 100000729 || COMMUNITY WEB-PHP Geeklog functions.inc remote
> file include 100000730 || COMMUNITY WEB-PHP Geeklog
> BlackList.Examine.class.php remote file include
> 100000731 || COMMUNITY WEB-PHP Geeklog
> DeleteComment.Action.class.php remote file include
> 100000732 || COMMUNITY WEB-PHP Geeklog
> EditIPofURL.Admin.class.php remote file include
> 100000733 || COMMUNITY WEB-PHP Geeklog
> MTBlackList.Examine.class.php remote file include
> 100000734 || COMMUNITY WEB-PHP Geeklog
> MassDelete.Admin.class.php remote file include
> 100000735 || COMMUNITY WEB-PHP Geeklog
> MailAdmin.Action.class.php remote file include
> 100000736 || COMMUNITY WEB-PHP Geeklog
> MassDelTrackback.Admin.class.php remote file include
> 100000737 || COMMUNITY WEB-PHP Geeklog
> EditHeader.Admin.class.php remote file include
> 100000738 || COMMUNITY WEB-PHP Geeklog EditIP.Admin.class.php
> remote file include
> 100000739 || COMMUNITY WEB-PHP Geeklog
> IPofUrl.Examine.class.php remote file include 100000740 ||
> COMMUNITY WEB-PHP Geeklog Import.Admin.class.php remote file include
> 100000741 || COMMUNITY WEB-PHP Geeklog
> LogView.Admin.class.php remote file include
> 100000742 || COMMUNITY WEB-PHP Geeklog functions.inc remote
> file include
> 100000743 || COMMUNITY WEB-PHP Plume CMS dbinstall.php remote
> file include
> 100000746 || COMMUNITY WEB-PHP Randshop header.inc.php remote
> file include
> 100000747 || COMMUNITY WEB-PHP Plume CMS index.php remote file include
> 100000748 || COMMUNITY WEB-PHP Plume CMS rss.php remote file include
> 100000749 || COMMUNITY WEB-PHP Plume CMS search.php remote
> file include 100000750 || COMMUNITY WEB-PHP Free QBoard
> index.php remote file include
> 100000751 || COMMUNITY WEB-PHP Free QBoard about.php remote
> file include
> 100000752 || COMMUNITY WEB-PHP Free QBoard contact.php remote
> file include
> 100000753 || COMMUNITY WEB-PHP Free QBoard delete.php remote
> file include
> 100000754 || COMMUNITY WEB-PHP Free QBoard faq.php remote file include
> 100000755 || COMMUNITY WEB-PHP Free QBoard features.php
> remote file include
> 100000756 || COMMUNITY WEB-PHP Free QBoard history.php remote
> file include
> 100000762 || COMMUNITY WEB-PHP Randshop index.php remote file include
> 100000764 || COMMUNITY WEB-PHP MyPHP CMS global_header.php
> remote file include
> 100000766 || COMMUNITY WEB-PHP Blog CMS thumb.php remote file
> include 100000790 || COMMUNITY WEB-PHP Pivot edit_new.php
> remote file include
> 100000802 || COMMUNITY WEB-PHP BosClassifieds index.php
> remote file include
> 100000803 || COMMUNITY WEB-PHP BosClassifieds recent.php
> remote file include
> 100000804 || COMMUNITY WEB-PHP BosClassifieds account.php
> remote file include
> 100000805 || COMMUNITY WEB-PHP BosClassifieds classified.php
> remote file include
> 100000806 || COMMUNITY WEB-PHP BosClassifieds search.php
> remote file include
> 100000809 || COMMUNITY WEB-PHP RW Download stats.php remote
> file include 100000810 || COMMUNITY WEB-PHP PHPBB
> download.php remote file include
> 100000811 || COMMUNITY WEB-PHP PHPBB attach_rules.php remote
> file include
> 100000812 || COMMUNITY WEB-PHP SimpleBoard SBP index.php
> remote file include
> 100000813 || COMMUNITY WEB-PHP SimpleBoard SBP
> file_upload.php remote file include
> 100000814 || COMMUNITY WEB-PHP SimpleBoard SBP
> image_upload.php remote file include
> 100000815 || COMMUNITY WEB-PHP SimpleBoard SBP performs.php
> remote file include
> 100000816 || COMMUNITY WEB-PHP PC_CookBook pccookbook.php
> remote file include
> 100000817 || COMMUNITY WEB-PHP SMF Forum smf.php remote file include
> 100000836 || COMMUNITY WEB-PHP MiniBB com_minibb.php remote
> file include
> 100000837 || COMMUNITY WEB-PHP MiniBB index.php remote file include
> 100000839 || COMMUNITY WEB-PHP PHP Event Calendar
> calendar.php remote file include 100000840 || COMMUNITY
> WEB-PHP FlatNuke index.php remote file include
> 100000841 || COMMUNITY WEB-PHP PerForms performs.php remote
> file include
> 100000847 || COMMUNITY WEB-PHP Sitemap sitemap.xml.php remote
> file include 100000850 || COMMUNITY WEB-PHP IceWarp
> include.php remote file include
> 100000851 || COMMUNITY WEB-PHP IceWarp include.php remote file include
> 100000852 || COMMUNITY WEB-PHP IceWarp include.php remote file include
> 100000853 || COMMUNITY WEB-PHP IceWarp settings.html remote
> file include
> 100000854 || COMMUNITY WEB-PHP ListMessenger
> listmessenger.php remote file include
> 100000861 || COMMUNITY WEB-PHP FlushCMS class.rich.php remote
> file include
> 100000862 || COMMUNITY WEB-PHP FlushCMS class.rich.php remote
> file include
> 100000864 || COMMUNITY WEB-CLIENT tsuserex.dll COM Object
> Instantiation Vulnerability
> 100000865 || COMMUNITY WEB-PHP powergap remote file Inclusion
> Exploit s01
> 100000866 || COMMUNITY WEB-PHP powergap remote file Inclusion
> Exploit s02
> 100000867 || COMMUNITY WEB-PHP powergap remote file Inclusion
> Exploit s03
> 100000868 || COMMUNITY WEB-PHP powergap remote file Inclusion
> Exploit s04
> 100000869 || COMMUNITY WEB-PHP powergap remote file Inclusion
> Exploit sid variant 100000870 || COMMUNITY WEB-PHP powergap
> remote file inclusion exploit sid variant 2
> 100000871 || COMMUNITY WEB-PHP CubeCart XSS attack
> 100000872 || COMMUNITY WEB-PHP CubeCart XSS attack
> 100000873 || COMMUNITY WEB-PHP discloser 0.0.4 Remote File Inclusion
> 100000874 || COMMUNITY MISC DLR-TOR Directory server response
> 100000878 || COMMUNITY WEB-CGI Roller Weblog XSS exploit
> 100000879 || COMMUNITY WEB-CGI Roller Weblog XSS exploit
> 100000880 || COMMUNITY WEB-CGI Roller Weblog XSS exploit
> 100000882 || COMMUNITY WEB-PHP PHP Live Helper globals.php
> remote file include
> 100000883 || COMMUNITY WEB-PHP Inlink remote file inclusion exploit
> 100000884 || COMMUNITY WEB-MISC SimpleBlog Remote SQL
> Injection attempt
> 100000885 || COMMUNITY WEB-PHP pHNews access attempt
> 100000886 || COMMUNITY WEB-PHP Proxima access attempt
> 100000887 || COMMUNITY WEB-PHP pmwiki exploit attempt
> 100000888 || COMMUNITY WEB-PHP tikiwiki exploit attempt
> 100000889 || COMMUNITY WEB-PHP yappa-ng exploit attempt
> 100000892 || COMMUNITY MISC Q.931 Invalid Call Reference
> Length Buffer Overflow
>
> --------------------------------------------------------------
> -----------
> Using Tomcat but need to do more? Need to support web
> services, security?
> Get stuff done quickly with pre-integrated technology to make
> your job easier Download IBM WebSphere Application Server
> v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&
> dat=121642
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
>
>






More information about the Snort-sigs mailing list