[***] Results from Oinkmaster started Fri Feb 17 20:00:13 2006 [***]
[+++] Added rules: [+++]
2002807 - BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent
(bleeding-malware.rules)
2002808 - BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent 2
(bleeding-malware.rules)
2002809 - BLEEDING-EDGE ATTACK RESPONSE Hostile FTP Server Banner (StnyFtpd)
(bleeding-attack_response.rules)
2002810 - BLEEDING-EDGE ATTACK RESPONSE Hostile FTP Server Banner (Reptile)
(bleeding-attack_response.rules)
2002811 - BLEEDING-EDGE ATTACK RESPONSE Hostile FTP Server Banner (Bot Server)
(bleeding-attack_response.rules)
2002812 - BLEEDING-EDGE TROJAN PWS-LDPinch Reporting User Activity
(bleeding-virus.rules)
[///] Modified active rules: [///]
2001549 - BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary package
access exploit (1) (bleeding-exploit.rules)
2001550 - BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary package
access exploit (2) (bleeding-exploit.rules)
2001551 - BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary package
access exploit (3) (bleeding-exploit.rules)
2001552 - BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary package
access exploit (4) (bleeding-exploit.rules)
2002750 - BLEEDING-EDGE POLICY Reserved IP Space Traffic - Bogon Nets 2
(bleeding-policy.rules)
2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source
(bleeding-dshield.rules)
2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING
(bleeding-dshield-BLOCK.rules)
[---] Removed rules: [---]
2002002807 - BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent
(bleeding-malware.rules)
2002002808 - BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent 2
(bleeding-malware.rules)
[+++] Added non-rule lines: [+++]
-> Added to bleeding-attack_response.rules (1):
#Matt Jonkman, information from Stephen Gill at Cymru
-> Added to bleeding-sid-msg.map (10):
2001549 || BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary
package access exploit (1) || cve,CAN-2004-1029 ||
url,www.kb.cert.org/vuls/id/760344 || url,secunia.com/advisories/13271/ ||
url,archives.neohapsis.com/archives/bugtraq/2004-11/0299.html ||
url,www.idefense.com/application/poi/display?id=158 ||
url,sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 ||
url,jouko.iki.fi/adv/javaplugin.html
2001550 || BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary
package access exploit (2) || cve,CAN-2004-1029 ||
url,www.kb.cert.org/vuls/id/760344 || url,secunia.com/advisories/13271/ ||
url,archives.neohapsis.com/archives/bugtraq/2004-11/0299.html ||
url,www.idefense.com/application/poi/display?id=158 ||
url,sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 ||
url,jouko.iki.fi/adv/javaplugin.html
2001551 || BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary
package access exploit (3) || cve,CAN-2004-1029 ||
url,www.kb.cert.org/vuls/id/760344 || url,secunia.com/advisories/13271/ ||
url,archives.neohapsis.com/archives/bugtraq/2004-11/0299.html ||
url,www.idefense.com/application/poi/display?id=158 ||
url,sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 ||
url,jouko.iki.fi/adv/javaplugin.html
2001552 || BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary
package access exploit (4) || cve,CAN-2004-1029 ||
url,www.kb.cert.org/vuls/id/760344 || url,secunia.com/advisories/13271/ ||
url,archives.neohapsis.com/archives/bugtraq/2004-11/0299.html ||
url,www.idefense.com/application/poi/display?id=158 ||
url,sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 ||
url,jouko.iki.fi/adv/javaplugin.html
2002807 || BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent
2002808 || BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent 2
2002809 || BLEEDING-EDGE ATTACK RESPONSE Hostile FTP Server Banner
(StnyFtpd)
2002810 || BLEEDING-EDGE ATTACK RESPONSE Hostile FTP Server Banner
(Reptile)
2002811 || BLEEDING-EDGE ATTACK RESPONSE Hostile FTP Server Banner (Bot
Server)
2002812 || BLEEDING-EDGE TROJAN PWS-LDPinch Reporting User Activity
-> Added to bleeding-virus.rules (1):
#by Tom Fischer
[---] Removed non-rule lines: [---]
-> Removed from bleeding-sid-msg.map (6):
2001549 || BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary
package access exploit (1) || cve,CAN-2004-1029 ||
url,www.kb.cert.org/vuls/id/760344 || url,secunia.com/advisories/13271/ ||
url,archives.neohapsis.com/archives/bugtraq/2004-11/0299.html ||
url,www.idefense.com/application/poi/display?id=158&type=vulnerabilities&flashstatus=true
|| url,sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 ||
url,jouko.iki.fi/adv/javaplugin.html
2001550 || BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary
package access exploit (2) || cve,CAN-2004-1029 ||
url,www.kb.cert.org/vuls/id/760344 || url,secunia.com/advisories/13271/ ||
url,archives.neohapsis.com/archives/bugtraq/2004-11/0299.html ||
url,www.idefense.com/application/poi/display?id=158&type=vulnerabilities&flashstatus=true
|| url,sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 ||
url,jouko.iki.fi/adv/javaplugin.html
2001551 || BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary
package access exploit (3) || cve,CAN-2004-1029 ||
url,www.kb.cert.org/vuls/id/760344 || url,secunia.com/advisories/13271/ ||
url,archives.neohapsis.com/archives/bugtraq/2004-11/0299.html ||
url,www.idefense.com/application/poi/display?id=158&type=vulnerabilities&flashstatus=true
|| url,sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 ||
url,jouko.iki.fi/adv/javaplugin.html
2001552 || BLEEDING-EDGE EXPLOIT Possible Sun Java Plugin arbitrary
package access exploit (4) || cve,CAN-2004-1029 ||
url,www.kb.cert.org/vuls/id/760344 || url,secunia.com/advisories/13271/ ||
url,archives.neohapsis.com/archives/bugtraq/2004-11/0299.html ||
url,www.idefense.com/application/poi/display?id=158&type=vulnerabilities&flashstatus=true
|| url,sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 ||
url,jouko.iki.fi/adv/javaplugin.html
2002002807 || BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent
2002002808 || BLEEDING-EDGE MALWARE Spyaxe Spyware User Agent 2
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
