[Snort-sigs] Emerging Threats Daily Signature Changes

emerging at ...3335... emerging at ...3335...
Wed Feb 6 17:00:08 EST 2008


[***] Results from Oinkmaster started Wed Feb  6 17:00:08 2008 [***]

[+++]          Added rules:          [+++]

 2007817 - ET CURRENT_EVENTS FaceBook PhotoUploader Buffer Overflow Exploit (bleeding.rules)
 2007818 - ET CURRENT_EVENTS Chilkat FTP ActiveX 2.0 ChilkatCert.dll Insecure Method Vulnerability (bleeding.rules)
 2007819 - ET CURRENT_EVENTS Chilkat Mail ActiveX 7.8 ChilkatCert.dll Insecure Method Vulnerability (bleeding.rules)


[///]     Modified active rules:     [///]

 2007812 - ET CURRENT_EVENTS Yahoo! Music Jukebox (DataGrid) 2.2 AddImage() ActiveX BOF (bleeding.rules)
 2007813 - ET CURRENT_EVENTS Yahoo! JukeBox MediaGrid ActiveX Control mediagrid.dll AddBitmap() BoF (bleeding.rules)


[---]         Removed rules:         [---]

 2007814 - ET CURRENT_EVENTS Vulnerable Yahoo DataGrid ActiveX CLSID in Use (bleeding.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (5):
        2007812 || ET CURRENT_EVENTS Yahoo! Music Jukebox (DataGrid) 2.2 AddImage() ActiveX BOF || url,www.milw0rm.com/exploits/5051 || url,www.milw0rm.com/exploits/5046 || url,www.milw0rm.com/exploits/5048 || bugtraq,27590
        2007813 || ET CURRENT_EVENTS Yahoo! JukeBox MediaGrid ActiveX Control mediagrid.dll AddBitmap() BoF || url,isc.sans.org/diary.html?storyid=3929 || url,milw0rm.com/exploits/5052 || bugtraq,27578
        2007817 || ET CURRENT_EVENTS FaceBook PhotoUploader Buffer Overflow Exploit || url,isc.sans.org/diary.html?storyid=3929 || bugtraq,27576 || url,www.milw0rm.com/exploits/5049
        2007818 || ET CURRENT_EVENTS Chilkat FTP ActiveX 2.0 ChilkatCert.dll Insecure Method Vulnerability || url,www.milw0rm.com/exploits/5028 || bugtraq,27540
        2007819 || ET CURRENT_EVENTS Chilkat Mail ActiveX 7.8 ChilkatCert.dll Insecure Method Vulnerability || url,www.milw0rm.com/exploits/5005 || bugtraq,27493

     -> Added to bleeding-sid-msg.map.txt (5):
        2007812 || ET CURRENT_EVENTS Yahoo! Music Jukebox (DataGrid) 2.2 AddImage() ActiveX BOF || url,www.milw0rm.com/exploits/5051 || url,www.milw0rm.com/exploits/5046 || url,www.milw0rm.com/exploits/5048 || bugtraq,27590
        2007813 || ET CURRENT_EVENTS Yahoo! JukeBox MediaGrid ActiveX Control mediagrid.dll AddBitmap() BoF || url,isc.sans.org/diary.html?storyid=3929 || url,milw0rm.com/exploits/5052 || bugtraq,27578
        2007817 || ET CURRENT_EVENTS FaceBook PhotoUploader Buffer Overflow Exploit || url,isc.sans.org/diary.html?storyid=3929 || bugtraq,27576 || url,www.milw0rm.com/exploits/5049
        2007818 || ET CURRENT_EVENTS Chilkat FTP ActiveX 2.0 ChilkatCert.dll Insecure Method Vulnerability || url,www.milw0rm.com/exploits/5028 || bugtraq,27540
        2007819 || ET CURRENT_EVENTS Chilkat Mail ActiveX 7.8 ChilkatCert.dll Insecure Method Vulnerability || url,www.milw0rm.com/exploits/5005 || bugtraq,27493

     -> Added to bleeding.rules (7):
        #by Chandan S of StillSecure
        #by Akash Majahan at StillSecure
        # FaceBook PhotoUploader Buffer Overflow Exploit
        #by Akash Mahajan at Stillsecure
        # Yahoo! JukeBox MediaGrid ActiveX Control mediagrid.dll AddBitmap() Buffer O
        #by Akash Mahajan at Stillsecure
        # Yahoo! Music Jukebox 2.2 AddImage() and AddButton() ActiveX BOF

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (3):
        2007812 || ET CURRENT_EVENTS Vulnerable Facebook ActiveX CLSID in Use || url,isc.sans.org/diary.html?storyid=3929
        2007813 || ET CURRENT_EVENTS Vulnerable Yahoo MediaGrid ActiveX CLSID in Use || url,isc.sans.org/diary.html?storyid=3929
        2007814 || ET CURRENT_EVENTS Vulnerable Yahoo DataGrid ActiveX CLSID in Use || url,isc.sans.org/diary.html?storyid=3929

     -> Removed from bleeding-sid-msg.map.txt (3):
        2007812 || ET CURRENT_EVENTS Vulnerable Facebook ActiveX CLSID in Use || url,isc.sans.org/diary.html?storyid=3929
        2007813 || ET CURRENT_EVENTS Vulnerable Yahoo MediaGrid ActiveX CLSID in Use || url,isc.sans.org/diary.html?storyid=3929
        2007814 || ET CURRENT_EVENTS Vulnerable Yahoo DataGrid ActiveX CLSID in Use || url,isc.sans.org/diary.html?storyid=3929





More information about the Snort-sigs mailing list