List Info

Thread: Bleeding Edge Threats Weekly Signature Changes
Bleeding Edge Threats Weekly Signature Changes
country flaguser name
United States		 2007-03-30 10:00:06 
[***] Results from Oinkmaster started Fri Mar 30 11:00:06
2007 [***]

[+++]          Added rules:          [+++]

 2003514 - BLEEDING-EDGE CURRENT EVENTS Possible Microsoft
Internet Explorer ADODB.Redcordset Double Free Memory
Exploit - MS07-009 (bleeding.rules)
 2003515 - BLEEDING-EDGE TROJAN Snatch Reporting User
Activity (bleeding-virus.rules)
 2003516 - BLEEDING-EDGE WEB Xoops Articles modules
print.php SQL injection attempt (bleeding-web.rules)
 2003517 - BLEEDING-EDGE WEB iPhotoAlbum header.php remote
file include (bleeding-web.rules)
 2003518 - BLEEDING-EDGE EXPLOIT Computer Associates
Brightstor ARCServe Backup Mediasvr.exe Remote Exploit
(bleeding-exploit.rules)
 2003520 - BLEEDING-EDGE EXPLOIT webCalendar Remote File
include (bleeding-web.rules)
 2404007 - BLEEDING-EDGE DROP Known Bot C&C Server
Traffic (group 8)  (bleeding-botcc.rules)
 2405007 - BLEEDING-EDGE DROP Known Bot C&C Traffic
(group 8) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)


[///]     Modified active rules:     [///]

 2003182 - BLEEDING-EDGE TROJAN Prg Trojan v0.1-v0.3 Data
Upload (bleeding-virus.rules)
 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound (bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound (bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound (bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound (bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound (bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic
Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source
(bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source -
BLOCKING (bleeding-dshield-BLOCK.rules)
 2404000 - BLEEDING-EDGE DROP Known Bot C&C Server
Traffic (group 1)  (bleeding-botcc.rules)
 2404001 - BLEEDING-EDGE DROP Known Bot C&C Server
Traffic (group 2)  (bleeding-botcc.rules)
 2404002 - BLEEDING-EDGE DROP Known Bot C&C Server
Traffic (group 3)  (bleeding-botcc.rules)
 2404003 - BLEEDING-EDGE DROP Known Bot C&C Server
Traffic (group 4)  (bleeding-botcc.rules)
 2404004 - BLEEDING-EDGE DROP Known Bot C&C Server
Traffic (group 5)  (bleeding-botcc.rules)
 2404005 - BLEEDING-EDGE DROP Known Bot C&C Server
Traffic (group 6)  (bleeding-botcc.rules)
 2404006 - BLEEDING-EDGE DROP Known Bot C&C Server
Traffic (group 7)  (bleeding-botcc.rules)
 2405000 - BLEEDING-EDGE DROP Known Bot C&C Traffic
(group 1) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405001 - BLEEDING-EDGE DROP Known Bot C&C Traffic
(group 2) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405002 - BLEEDING-EDGE DROP Known Bot C&C Traffic
(group 3) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405003 - BLEEDING-EDGE DROP Known Bot C&C Traffic
(group 4) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405004 - BLEEDING-EDGE DROP Known Bot C&C Traffic
(group 5) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405005 - BLEEDING-EDGE DROP Known Bot C&C Traffic
(group 6) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405006 - BLEEDING-EDGE DROP Known Bot C&C Traffic
(group 7) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-drop-BLOCK.rules (1):
        #  VERSION 138

     -> Added to bleeding-drop.rules (1):
        #  VERSION 138

     -> Added to bleeding-exploit.rules (1):
        #another from Shirkdog

     -> Added to bleeding-sid-msg.map (8):
        2003514 || BLEEDING-EDGE CURRENT EVENTS Possible
Microsoft Internet Explorer ADODB.Redcordset Double Free
Memory Exploit - MS07-009 ||
url,www.microsoft.com/technet/security/Bulletin/MS07-009.msp
x || url,www.milw0rm.com/exploits/3577
        2003515 || BLEEDING-EDGE TROJAN Snatch Reporting
User Activity
        2003516 || BLEEDING-EDGE WEB Xoops Articles modules
print.php SQL injection attempt || bugtraq,23160
        2003517 || BLEEDING-EDGE WEB iPhotoAlbum header.php
remote file include || bugtraq,23189
        2003518 || BLEEDING-EDGE EXPLOIT Computer Associates
Brightstor ARCServe Backup Mediasvr.exe Remote Exploit ||
url,www.milw0rm.com/exploits/3604
        2003520 || BLEEDING-EDGE EXPLOIT webCalendar Remote
File include || url,www.securityfocus.com/archive/1/462957
        2404007 || BLEEDING-EDGE DROP Known Bot C&C
Server Traffic (group 8)  || url,www.shadowserver.org
        2405007 || BLEEDING-EDGE DROP Known Bot C&C
Traffic (group 8) - BLOCKING SOURCE ||
url,www.shadowserver.org

     -> Added to bleeding-virus.rules (1):
        #y Tom Fischer

     -> Added to bleeding-web.rules (1):
        #by Reg Quinton

     -> Added to bleeding.rules (1):
        # stevensecurityzone

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-drop-BLOCK.rules (1):
        #  VERSION 129

     -> Removed from bleeding-drop.rules (1):
        #  VERSION 129

_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigsbleedingthreats.net
http://lists.bleedingthreats.net/cgi-bin/
mailman/listinfo/bleeding-sigs
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )