[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

bleeding at ...3254... bleeding at ...3254...
Fri May 18 16:00:07 EDT 2007


[***] Results from Oinkmaster started Fri May 18 16:00:07 2007 [***]

[+++]          Added rules:          [+++]

 2003748 - BLEEDING-EDGE MALWARE Detnat.AZ related User-Agent (RookIE) (bleeding-malware.rules)
 2003749 - BLEEDING-EDGE MALWARE QQHelper related Spyware User-Agent (H) (bleeding-malware.rules)
 2003750 - BLEEDING-EDGE EXPLOIT CA Brightstor ARCServe caloggerd DoS (bleeding-exploit.rules)
 2003751 - BLEEDING-EDGE EXPLOIT CA Brightstor ARCServe Mediasvr DoS (bleeding-exploit.rules)
 2003752 - BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id SELECT (bleeding-web.rules)
 2003753 - BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id UNION SELECT (bleeding-web.rules)
 2003754 - BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id INSERT (bleeding-web.rules)
 2003755 - BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id DELETE (bleeding-web.rules)
 2003756 - BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id ASCII (bleeding-web.rules)
 2003757 - BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id UPDATE (bleeding-web.rules)
 2003758 - BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid SELECT (bleeding-web.rules)
 2003759 - BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid UNION SELECT (bleeding-web.rules)
 2003760 - BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid INSERT (bleeding-web.rules)
 2003761 - BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid DELETE (bleeding-web.rules)
 2003762 - BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid ASCII (bleeding-web.rules)
 2003763 - BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid UPDATE (bleeding-web.rules)
 2003764 - BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid SELECT (bleeding-web.rules)
 2003765 - BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid UNION SELECT (bleeding-web.rules)
 2003766 - BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid INSERT (bleeding-web.rules)
 2003767 - BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid DELETE (bleeding-web.rules)
 2003768 - BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid ASCII (bleeding-web.rules)
 2003769 - BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid UPDATE (bleeding-web.rules)
 2003770 - BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a SELECT (bleeding-web.rules)
 2003771 - BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a UNION SELECT (bleeding-web.rules)
 2003772 - BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a INSERT (bleeding-web.rules)
 2003773 - BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a DELETE (bleeding-web.rules)
 2003774 - BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a ASCII (bleeding-web.rules)
 2003775 - BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a UPDATE (bleeding-web.rules)
 2003776 - BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id SELECT (bleeding-web.rules)
 2003777 - BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id UNION SELECT (bleeding-web.rules)
 2003778 - BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id INSERT (bleeding-web.rules)
 2003779 - BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id DELETE (bleeding-web.rules)
 2003780 - BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id ASCII (bleeding-web.rules)
 2003781 - BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id UPDATE (bleeding-web.rules)
 2003782 - BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid SELECT (bleeding-web.rules)
 2003783 - BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid UNION SELECT (bleeding-web.rules)
 2003784 - BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid INSERT (bleeding-web.rules)
 2003785 - BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid DELETE (bleeding-web.rules)
 2003786 - BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid ASCII (bleeding-web.rules)
 2003787 - BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid UPDATE (bleeding-web.rules)
 2003788 - BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid SELECT (bleeding-web.rules)
 2003789 - BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid UNION SELECT (bleeding-web.rules)
 2003790 - BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid INSERT (bleeding-web.rules)
 2003791 - BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid DELETE (bleeding-web.rules)
 2003792 - BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid ASCII (bleeding-web.rules)
 2003793 - BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid UPDATE (bleeding-web.rules)
 2003794 - BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid SELECT (bleeding-web.rules)
 2003795 - BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid UNION SELECT (bleeding-web.rules)
 2003796 - BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid DELETE (bleeding-web.rules)
 2003797 - BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid ASCII (bleeding-web.rules)
 2003798 - BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid UPDATE (bleeding-web.rules)
 2003799 - BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id SELECT (bleeding-web.rules)
 2003800 - BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id UNION SELECT (bleeding-web.rules)
 2003801 - BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id INSERT (bleeding-web.rules)
 2003802 - BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id DELETE (bleeding-web.rules)
 2003803 - BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id ASCII (bleeding-web.rules)
 2003804 - BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id UPDATE (bleeding-web.rules)
 2003805 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER SELECT (bleeding-web.rules)
 2003806 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER UNION SELECT (bleeding-web.rules)
 2003807 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER INSERT (bleeding-web.rules)
 2003808 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER DELETE (bleeding-web.rules)
 2003809 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER ASCII (bleeding-web.rules)
 2003810 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER UPDATE (bleeding-web.rules)
 2003811 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS SELECT (bleeding-web.rules)
 2003812 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS UNION SELECT (bleeding-web.rules)
 2003813 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS INSERT (bleeding-web.rules)
 2003814 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS DELETE (bleeding-web.rules)
 2003815 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS ASCII (bleeding-web.rules)
 2003816 - BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS UPDATE (bleeding-web.rules)
 2003817 - BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries SELECT (bleeding-web.rules)
 2003818 - BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries UNION SELECT (bleeding-web.rules)
 2003819 - BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries INSERT (bleeding-web.rules)
 2003820 - BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries DELETE (bleeding-web.rules)
 2003821 - BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries ASCII (bleeding-web.rules)
 2003822 - BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries UPDATE (bleeding-web.rules)
 2003823 - BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid SELECT (bleeding-web.rules)
 2003824 - BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid UNION SELECT (bleeding-web.rules)
 2003825 - BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid INSERT (bleeding-web.rules)
 2003826 - BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid DELETE (bleeding-web.rules)
 2003827 - BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid ASCII (bleeding-web.rules)
 2003828 - BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid UPDATE (bleeding-web.rules)
 2003829 - BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv SELECT (bleeding-web.rules)
 2003830 - BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv UNION SELECT (bleeding-web.rules)
 2003831 - BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv INSERT (bleeding-web.rules)
 2003832 - BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv DELETE (bleeding-web.rules)
 2003833 - BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv ASCII (bleeding-web.rules)
 2003834 - BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv UPDATE (bleeding-web.rules)
 2003835 - BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid SELECT (bleeding-web.rules)
 2003836 - BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid UNION SELECT (bleeding-web.rules)
 2003837 - BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid INSERT (bleeding-web.rules)
 2003838 - BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid DELETE (bleeding-web.rules)
 2003839 - BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid ASCII (bleeding-web.rules)
 2003840 - BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid UPDATE (bleeding-web.rules)
 2003841 - BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid UNION SELECT (bleeding-web.rules)
 2003842 - BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid INSERT (bleeding-web.rules)
 2003843 - BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid DELETE (bleeding-web.rules)
 2003844 - BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid ASCII (bleeding-web.rules)
 2003845 - BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid UPDATE (bleeding-web.rules)
 2003846 - BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref SELECT (bleeding-web.rules)
 2003847 - BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref UNION SELECT (bleeding-web.rules)
 2003848 - BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref INSERT (bleeding-web.rules)
 2003849 - BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref DELETE (bleeding-web.rules)
 2003850 - BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref ASCII (bleeding-web.rules)
 2003851 - BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref UPDATE (bleeding-web.rules)
 2003852 - BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr SELECT (bleeding-web.rules)
 2003853 - BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr UNION SELECT (bleeding-web.rules)
 2003854 - BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr INSERT (bleeding-web.rules)
 2003855 - BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr DELETE (bleeding-web.rules)
 2003856 - BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr ASCII (bleeding-web.rules)
 2003857 - BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr UPDATE (bleeding-web.rules)
 2003858 - BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id SELECT (bleeding-web.rules)
 2003859 - BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id UNION SELECT (bleeding-web.rules)
 2003860 - BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id INSERT (bleeding-web.rules)
 2003861 - BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id DELETE (bleeding-web.rules)
 2003862 - BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id ASCII (bleeding-web.rules)
 2003863 - BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id UPDATE (bleeding-web.rules)
 2404006 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 7)  (bleeding-botcc.rules)
 2405006 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)


[///]     Modified active rules:     [///]

 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source (bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING (bleeding-dshield-BLOCK.rules)
 2404000 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 1)  (bleeding-botcc.rules)
 2404001 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 2)  (bleeding-botcc.rules)
 2404002 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 3)  (bleeding-botcc.rules)
 2404003 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 4)  (bleeding-botcc.rules)
 2404004 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 5)  (bleeding-botcc.rules)
 2404005 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 6)  (bleeding-botcc.rules)
 2405000 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405001 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405002 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405003 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405004 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405005 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-drop-BLOCK.rules (1):
        #  VERSION 187

     -> Added to bleeding-drop.rules (1):
        #  VERSION 187

     -> Added to bleeding-exploit.rules (1):
        #by shirkdog as well

     -> Added to bleeding-malware.rules (1):
        #from sandnet analysis

     -> Added to bleeding-sid-msg.map (118):
        2003748 || BLEEDING-EDGE MALWARE Detnat.AZ related User-Agent (RookIE)
        2003749 || BLEEDING-EDGE MALWARE QQHelper related Spyware User-Agent (H)
        2003750 || BLEEDING-EDGE EXPLOIT CA Brightstor ARCServe caloggerd DoS || url,www.milw0rm.com/exploits/3939
        2003751 || BLEEDING-EDGE EXPLOIT CA Brightstor ARCServe Mediasvr DoS || url, www.milw0rm.com/exploits/3940
        2003752 || BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id SELECT || url,www.milw0rm.com/exploits/3767 || cve,CVE-2007-2342
        2003753 || BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id UNION SELECT || url,www.milw0rm.com/exploits/3767 || cve,CVE-2007-2342
        2003754 || BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id INSERT || url,www.milw0rm.com/exploits/3767 || cve,CVE-2007-2342
        2003755 || BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id DELETE || url,www.milw0rm.com/exploits/3767 || cve,CVE-2007-2342
        2003756 || BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id ASCII || url,www.milw0rm.com/exploits/3767 || cve,CVE-2007-2342
        2003757 || BLEEDING-EDGE WEB CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id UPDATE || url,www.milw0rm.com/exploits/3767 || cve,CVE-2007-2342
        2003758 || BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid SELECT || url,www.milw0rm.com/exploits/3672 || cve,CVE-2007-2370
        2003759 || BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid UNION SELECT || url,www.milw0rm.com/exploits/3672 || cve,CVE-2007-2370
        2003760 || BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid INSERT || url,www.milw0rm.com/exploits/3672 || cve,CVE-2007-2370
        2003761 || BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid DELETE || url,www.milw0rm.com/exploits/3672 || cve,CVE-2007-2370
        2003762 || BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid ASCII || url,www.milw0rm.com/exploits/3672 || cve,CVE-2007-2370
        2003763 || BLEEDING-EDGE WEB John Mordo Jobs SQL Injection Attempt -- index.php cid UPDATE || url,www.milw0rm.com/exploits/3672 || cve,CVE-2007-2370
        2003764 || BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid SELECT || url,www.milw0rm.com/exploits/3670 || cve,CVE-2007-2373
        2003765 || BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid UNION SELECT || url,www.milw0rm.com/exploits/3670 || cve,CVE-2007-2373
        2003766 || BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid INSERT || url,www.milw0rm.com/exploits/3670 || cve,CVE-2007-2373
        2003767 || BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid DELETE || url,www.milw0rm.com/exploits/3670 || cve,CVE-2007-2373
        2003768 || BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid ASCII || url,www.milw0rm.com/exploits/3670 || cve,CVE-2007-2373
        2003769 || BLEEDING-EDGE WEB WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid UPDATE || url,www.milw0rm.com/exploits/3670 || cve,CVE-2007-2373
        2003770 || BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a SELECT || url,www.securityfocus.com/bid/23727 || cve,CVE-2007-2416
        2003771 || BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a UNION SELECT || url,www.securityfocus.com/bid/23727 || cve,CVE-2007-2416
        2003772 || BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a INSERT || url,www.securityfocus.com/bid/23727 || cve,CVE-2007-2416
        2003773 || BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a DELETE || url,www.securityfocus.com/bid/23727 || cve,CVE-2007-2416
        2003774 || BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a ASCII || url,www.securityfocus.com/bid/23727 || cve,CVE-2007-2416
        2003775 || BLEEDING-EDGE WEB E-Annu SQL Injection Attempt -- home.php a UPDATE || url,www.securityfocus.com/bid/23727 || cve,CVE-2007-2416
        2003776 || BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id SELECT || url,www.securityfocus.com/bid/23678 || cve,CVE-2007-2420
        2003777 || BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id UNION SELECT || url,www.securityfocus.com/bid/23678 || cve,CVE-2007-2420
        2003778 || BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id INSERT || url,www.securityfocus.com/bid/23678 || cve,CVE-2007-2420
        2003779 || BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id DELETE || url,www.securityfocus.com/bid/23678 || cve,CVE-2007-2420
        2003780 || BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id ASCII || url,www.securityfocus.com/bid/23678 || cve,CVE-2007-2420
        2003781 || BLEEDING-EDGE WEB Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id UPDATE || url,www.securityfocus.com/bid/23678 || cve,CVE-2007-2420
        2003782 || BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid SELECT || url,www.milw0rm.com/exploits/3813 || cve,CVE-2007-2427
        2003783 || BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid UNION SELECT || url,www.milw0rm.com/exploits/3813 || cve,CVE-2007-2427
        2003784 || BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid INSERT || url,www.milw0rm.com/exploits/3813 || cve,CVE-2007-2427
        2003785 || BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid DELETE || url,www.milw0rm.com/exploits/3813 || cve,CVE-2007-2427
        2003786 || BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid ASCII || url,www.milw0rm.com/exploits/3813 || cve,CVE-2007-2427
        2003787 || BLEEDING-EDGE WEB pnFlashGames SQL Injection Attempt -- index.php cid UPDATE || url,www.milw0rm.com/exploits/3813 || cve,CVE-2007-2427
        2003788 || BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid SELECT || url,www.securityfocus.com/bid/23752 || cve,CVE-2007-2469
        2003789 || BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid UNION SELECT || url,www.securityfocus.com/bid/23752 || cve,CVE-2007-2469
        2003790 || BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid INSERT || url,www.securityfocus.com/bid/23752 || cve,CVE-2007-2469
        2003791 || BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid DELETE || url,www.securityfocus.com/bid/23752 || cve,CVE-2007-2469
        2003792 || BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid ASCII || url,www.securityfocus.com/bid/23752 || cve,CVE-2007-2469
        2003793 || BLEEDING-EDGE WEB FileRun SQL Injection Attempt -- index.php fid UPDATE || url,www.securityfocus.com/bid/23752 || cve,CVE-2007-2469
        2003794 || BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid SELECT || url,www.securityfocus.com/bid/23753 || cve,CVE-2007-2473
        2003795 || BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid UNION SELECT || url,www.securityfocus.com/bid/23753 || cve,CVE-2007-2473
        2003796 || BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid DELETE || url,www.securityfocus.com/bid/23753 || cve,CVE-2007-2473
        2003797 || BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid ASCII || url,www.securityfocus.com/bid/23753 || cve,CVE-2007-2473
        2003798 || BLEEDING-EDGE WEB CMS Made Simple SQL Injection Attempt -- stylesheet.php templateid UPDATE || url,www.securityfocus.com/bid/23753 || cve,CVE-2007-2473
        2003799 || BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id SELECT || url,www.milw0rm.com/exploits/3835 || cve,CVE-2007-2492
        2003800 || BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id UNION SELECT || url,www.milw0rm.com/exploits/3835 || cve,CVE-2007-2492
        2003801 || BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id INSERT || url,www.milw0rm.com/exploits/3835 || cve,CVE-2007-2492
        2003802 || BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id DELETE || url,www.milw0rm.com/exploits/3835 || cve,CVE-2007-2492
        2003803 || BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id ASCII || url,www.milw0rm.com/exploits/3835 || cve,CVE-2007-2492
        2003804 || BLEEDING-EDGE WEB v4bJournal module PostNuke SQL Injection Attempt -- index.php id UPDATE || url,www.milw0rm.com/exploits/3835 || cve,CVE-2007-2492
        2003805 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER SELECT || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003806 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER UNION SELECT || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003807 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER INSERT || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003808 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER DELETE || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003809 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER ASCII || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003810 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_USER UPDATE || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003811 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS SELECT || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003812 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS UNION SELECT || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003813 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS INSERT || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003814 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS DELETE || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003815 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS ASCII || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003816 || BLEEDING-EDGE WEB phpHoo3 SQL Injection Attempt -- admin.php ADMIN_PASS UPDATE || url,www.securityfocus.com/bid/23854 || cve,CVE-2007-2534
        2003817 || BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries SELECT || url,www.milw0rm.com/exploits/3850 || cve,CVE-2007-2538
        2003818 || BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries UNION SELECT || url,www.milw0rm.com/exploits/3850 || cve,CVE-2007-2538
        2003819 || BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries INSERT || url,www.milw0rm.com/exploits/3850 || cve,CVE-2007-2538
        2003820 || BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries DELETE || url,www.milw0rm.com/exploits/3850 || cve,CVE-2007-2538
        2003821 || BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries ASCII || url,www.milw0rm.com/exploits/3850 || cve,CVE-2007-2538
        2003822 || BLEEDING-EDGE WEB RunCms SQL Injection Attempt -- debug_show.php executed_queries UPDATE || url,www.milw0rm.com/exploits/3850 || cve,CVE-2007-2538
        2003823 || BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid SELECT || url,www.milw0rm.com/exploits/3849 || cve,CVE-2007-2543
        2003824 || BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid UNION SELECT || url,www.milw0rm.com/exploits/3849 || cve,CVE-2007-2543
        2003825 || BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid INSERT || url,www.milw0rm.com/exploits/3849 || cve,CVE-2007-2543
        2003826 || BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid DELETE || url,www.milw0rm.com/exploits/3849 || cve,CVE-2007-2543
        2003827 || BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid ASCII || url,www.milw0rm.com/exploits/3849 || cve,CVE-2007-2543
        2003828 || BLEEDING-EDGE WEB Flashgames SQL Injection Attempt -- game.php lid UPDATE || url,www.milw0rm.com/exploits/3849 || cve,CVE-2007-2543
        2003829 || BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv SELECT || url,www.milw0rm.com/exploits/3931 || cve,CVE-2007-2735
        2003830 || BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv UNION SELECT || url,www.milw0rm.com/exploits/3931 || cve,CVE-2007-2735
        2003831 || BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv INSERT || url,www.milw0rm.com/exploits/3931 || cve,CVE-2007-2735
        2003832 || BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv DELETE || url,www.milw0rm.com/exploits/3931 || cve,CVE-2007-2735
        2003833 || BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv ASCII || url,www.milw0rm.com/exploits/3931 || cve,CVE-2007-2735
        2003834 || BLEEDING-EDGE WEB ResManager SQL Injection Attempt -- edit_day.php id_reserv UPDATE || url,www.milw0rm.com/exploits/3931 || cve,CVE-2007-2735
        2003835 || BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid SELECT || url,www.frsirt.com/english/advisories/2007/1830 || cve,CVE-2007-2737
        2003836 || BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid UNION SELECT || url,www.frsirt.com/english/advisories/2007/1830 || cve,CVE-2007-2737
        2003837 || BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid INSERT || url,www.frsirt.com/english/advisories/2007/1830 || cve,CVE-2007-2737
        2003838 || BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid DELETE || url,www.frsirt.com/english/advisories/2007/1830 || cve,CVE-2007-2737
        2003839 || BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid ASCII || url,www.frsirt.com/english/advisories/2007/1830 || cve,CVE-2007-2737
        2003840 || BLEEDING-EDGE WEB MyConference SQL Injection Attempt -- index.php cid UPDATE || url,www.frsirt.com/english/advisories/2007/1830 || cve,CVE-2007-2737
        2003841 || BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid UNION SELECT || url,www.milw0rm.com/exploits/3932 || cve,CVE-2007-2738
        2003842 || BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid INSERT || url,www.milw0rm.com/exploits/3932 || cve,CVE-2007-2738
        2003843 || BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid DELETE || url,www.milw0rm.com/exploits/3932 || cve,CVE-2007-2738
        2003844 || BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid ASCII || url,www.milw0rm.com/exploits/3932 || cve,CVE-2007-2738
        2003845 || BLEEDING-EDGE WEB Glossaire SQL Injection Attempt -- glossaire-p-f.php sid UPDATE || url,www.milw0rm.com/exploits/3932 || cve,CVE-2007-2738
        2003846 || BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref SELECT || url,www.milw0rm.com/exploits/3943 || cve,CVE-2007-2749
        2003847 || BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref UNION SELECT || url,www.milw0rm.com/exploits/3943 || cve,CVE-2007-2749
        2003848 || BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref INSERT || url,www.milw0rm.com/exploits/3943 || cve,CVE-2007-2749
        2003849 || BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref DELETE || url,www.milw0rm.com/exploits/3943 || cve,CVE-2007-2749
        2003850 || BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref ASCII || url,www.milw0rm.com/exploits/3943 || cve,CVE-2007-2749
        2003851 || BLEEDING-EDGE WEB FAQEngine SQL Injection Attempt -- question.php questionref UPDATE || url,www.milw0rm.com/exploits/3943 || cve,CVE-2007-2749
        2003852 || BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr SELECT || url,www.milw0rm.com/exploits/3942 || cve,CVE-2007-2750
        2003853 || BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr UNION SELECT || url,www.milw0rm.com/exploits/3942 || cve,CVE-2007-2750
        2003854 || BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr INSERT || url,www.milw0rm.com/exploits/3942 || cve,CVE-2007-2750
        2003855 || BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr DELETE || url,www.milw0rm.com/exploits/3942 || cve,CVE-2007-2750
        2003856 || BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr ASCII || url,www.milw0rm.com/exploits/3942 || cve,CVE-2007-2750
        2003857 || BLEEDING-EDGE WEB SimpNews SQL Injection Attempt -- print.php newsnr UPDATE || url,www.milw0rm.com/exploits/3942 || cve,CVE-2007-2750
        2003858 || BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id SELECT || url,www.milw0rm.com/exploits/3936 || cve,CVE-2007-2752
        2003859 || BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id UNION SELECT || url,www.milw0rm.com/exploits/3936 || cve,CVE-2007-2752
        2003860 || BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id INSERT || url,www.milw0rm.com/exploits/3936 || cve,CVE-2007-2752
        2003861 || BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id DELETE || url,www.milw0rm.com/exploits/3936 || cve,CVE-2007-2752
        2003862 || BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id ASCII || url,www.milw0rm.com/exploits/3936 || cve,CVE-2007-2752
        2003863 || BLEEDING-EDGE WEB RunawaySoft Haber portal 1.0 SQL Injection Attempt -- devami.asp id UPDATE || url,www.milw0rm.com/exploits/3936 || cve,CVE-2007-2752
        2404006 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 7)  || url,www.shadowserver.org
        2405006 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE || url,www.shadowserver.org

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-drop-BLOCK.rules (1):
        #  VERSION 186

     -> Removed from bleeding-drop.rules (1):
        #  VERSION 186





More information about the Snort-sigs mailing list