[Snort-sigs] Bleedingsnort.com Daily Update

[***] Results from Oinkmaster started Mon Aug 22 20:00:05 2005 [***]

[+++]          Added rules:          [+++]

 2002315 - BLEEDING-EDGE EXPLOIT Incoming Electronic Mail for UNIX Expires 
Header Buffer Overflow Exploit (bleeding-exploit.rules)
 2002316 - BLEEDING-EDGE EXPLOIT Outgoing Electronic Mail for UNIX Expires 
Header Buffer Overflow Exploit (bleeding-exploit.rules)
 2002317 - BLEEDING-EDGE MALWARE EZSearch Spyware Reporting Search Strings 
(bleeding-malware.rules)
 2002318 - BLEEDING-EDGE MALWARE EZSearch Spyware Reporting Search Category 
(bleeding-malware.rules)
 2002319 - BLEEDING-EDGE MALWARE EZSearch Spyware Reporting 2 
(bleeding-malware.rules)
 2002320 - BLEEDING-EDGE MALWARE Transponder Spyware Activity 
(bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2002082 - BLEEDING-EDGE Infotriever Spyware User Agent (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (1):
        #By Mark Tombaugh

     -> Added to bleeding-malware.rules (2):
        #By Matt Jonkman, From spyware listening post data
        #by Matt Jonkman, data from the Spyware Listening Post

     -> Added to bleeding-sid-msg.map (7):
        2002082 || BLEEDING-EDGE Infotriever Spyware User Agent || 
url,www.bleedingsnort.com/staticpages/index.php?page=unknown
        2002315 || BLEEDING-EDGE EXPLOIT Incoming Electronic Mail for UNIX 
Expires Header Buffer Overflow Exploit || url,www.instinct.org/elm/ || 
url,www.frsirt.com/exploits/20050822.elmexploit.c.php
        2002316 || BLEEDING-EDGE EXPLOIT Outgoing Electronic Mail for UNIX 
Expires Header Buffer Overflow Exploit || url,www.instinct.org/elm/ || 
url,www.frsirt.com/exploits/20050822.elmexploit.c.php
        2002317 || BLEEDING-EDGE MALWARE EZSearch Spyware Reporting Search 
Strings
        2002318 || BLEEDING-EDGE MALWARE EZSearch Spyware Reporting Search 
Category
        2002319 || BLEEDING-EDGE MALWARE EZSearch Spyware Reporting 2
        2002320 || BLEEDING-EDGE MALWARE Transponder Spyware Activity || 
url,www.doxdesk.com/parasite/Transponder.html

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (1):
        2002082 || BLEEDING-EDGE Malware Unknown Spyware User Agent Activity -- 
Please report to bleedingsnort.com || 
url,www.bleedingsnort.com/staticpages/index.php?page=unknown



-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs