List Info

Thread: RE: More tinytwitty sigs
RE: More tinytwitty sigs
country flaguser name
United States		 2007-06-12 18:50:47 
You are correct, thanks Shane. Corrected

Matt


> -----Original Message-----
> From: bleeding-sigs-bouncesbleedingthreats.net 
> [mailto:bleeding-sigs-bouncesbleedingthreats.net] On
Behalf 
> Of Brooks, Shane
> Sent: Tuesday, June 12, 2007 11:22 PM
> To: Bleeding Sigs
> Subject: RE: [Bleeding-sigs] More tinytwitty sigs
> 
> I believe this one should be sid:2005166
> 
> alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS
$HTTP_PORTS 
> (msg:"BLEEDING-EDGE WEB ASP NEWS SQL Injection
Attempt -- 
> news_detail.asp id INSERT";
flow:established,to_server; 
> uricontent:"/news_detail.asp?"; nocase;
uricontent:"id="; 
> nocase; pcre:"/INSERT.+INTO/Ui"; 
> classtype:web-application-attack; 
> reference:cve,CVE-2007-0566; 
> reference:url,www.milw0rm.com/exploits/3187;
sid:200516; rev:1;)
> 
> 
> 
> -----Original Message-----
> From: bleeding-sigs-bouncesbleedingthreats.net 
> [mailto:bleeding-sigs-bouncesbleedingthreats.net] On
Behalf 
> Of Matt Jonkman
> Sent: Sunday, June 10, 2007 8:31 PM
> To: Bleeding Sigs
> Subject: [Bleeding-sigs] More tinytwitty sigs
> 
> Another load of tinytwitty's sigs are posted, almost
600 new 
> ones. Good
> stuff, mostly sql injection.
> 
> As always, please report any issues. To date we haven't
had anything
> significant to tweak.
> 
> Matt
> 
> -- 
> --------------------------------------------
> Matthew Jonkman
> Bleeding Edge Threats
> 765-429-0398
> http://www.bleedingthr
eats.net
> --------------------------------------------
> 
> PGP: http:/
/www.bleedingthreats.com/mattjonkman.asc
> 
> 
> 
> _______________________________________________
> Bleeding-sigs mailing list
> Bleeding-sigsbleedingthreats.net
> http://lists.bleedingthreats.net/cgi-bin/mailman/l
istinfo/blee
> ding-sigs
> 
> No virus found in this incoming message.
> Checked by AVG Free Edition. 
> Version: 7.5.472 / Virus Database: 269.8.13/843 -
Release 
> Date: 6/10/2007 1:39 PM
>  
> 
> No virus found in this outgoing message.
> Checked by AVG Free Edition. 
> Version: 7.5.472 / Virus Database: 269.8.13/843 -
Release 
> Date: 6/10/2007 1:39 PM
>  
> _______________________________________________
> Bleeding-sigs mailing list
> Bleeding-sigsbleedingthreats.net
> http://lists.bleedingthreats.net/cgi-bin/mailman/l
istinfo/blee
> ding-sigs
> 

_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigsbleedingthreats.net
http://lists.bleedingthreats.net/cgi-bin/
mailman/listinfo/bleeding-sigs
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )