[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

bleeding at ...3254... bleeding at ...3254...
Tue Jun 12 16:00:13 EDT 2007


[***] Results from Oinkmaster started Tue Jun 12 16:00:13 2007 [***]

[+++]          Added rules:          [+++]

 2005180 - BLEEDING-EDGE WEB PHPWind SQL Injection Attempt -- admin.php  INSERT (bleeding-web.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (1):
        2005180 || BLEEDING-EDGE WEB PHPWind SQL Injection Attempt -- admin.php  INSERT || url,www.milw0rm.com/exploits/2759 || cve,CVE-2006-7101

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-web.rules (1):
        alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB PHPWind SQL Injection Attempt -- admin.php  INSERT"; flow:established,to_server; uricontent:"/admin.php?"; nocase; pcre:"/INSERT.+INTO/Ui"; classtype:web-application-attack; reference:cve,CVE-2006-7101; reference:url,www.milw0rm.com/exploits/2759; sid:200i5180; rev:1;)





More information about the Snort-sigs mailing list