[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

bleeding at ...3254... bleeding at ...3254...
Thu Nov 29 15:00:14 EST 2007


[***] Results from Oinkmaster started Thu Nov 29 20:00:14 2007 [***]

[+++]          Added rules:          [+++]

 2007703 - BLEEDING-EDGE WEB-CLIENT Apple Quicktime RTSP Content-Type overflow attempt (bleeding-web.rules)


[///]     Modified active rules:     [///]

 2003173 - BLEEDING-EDGE EXPLOIT Possible UTF-8 encoded Shellcode Detected (bleeding-exploit.rules)
 2003174 - BLEEDING-EDGE EXPLOIT Possible UTF-16 encoded Shellcode Detected (bleeding-exploit.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (1):
        2007703 || BLEEDING-EDGE WEB-CLIENT Apple Quicktime RTSP Content-Type overflow attempt || url,www.milw0rm.com/exploits/4657 || url,www.kb.cert.org/vuls/id/659761

     -> Added to bleeding-web.rules (1):
        #Joint contribution from Andre Ludwig, Blake Hartstein, and Chris Byrd at riosec.com





More information about the Snort-sigs mailing list