Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Snort Community Rules Update

from [Sourcefire VRT] Network Security [Permanent Link]
Subject: [Snort-sigs] Snort Community Rules Update
Date: Tue, 27 Jun 2006 16:22:26 -0400 
This message is to announce the availability of an update for the Sourcefire 
community rule set, which can be downloaded free of cost or registration from 
http://www.snort.org/pub-bin/downloads.cgi.

New rules in this release are identified as SIDs 100000448-100000685. These 
rules cover remote file inclusion attacks and SQL injection attacks against a 
large number of web applications, as well as detection of the Dremn Trojan.

A list of modified rules and their SIDs follows.

Alex Kirk
Community Rules Maintainer
Sourcefire, Inc.

100000448 || COMMUNITY WEB-MISC OfficeFlow default.asp xss attempt
100000449 || COMMUNITY WEB-MISC OfficeFlow files.asp MSSQL injection attempt
100000450 || COMMUNITY WEB-MISC VanillaSoft Helpdesk default.asp xss attempt
100000451 || COMMUNITY WEB-MISC KAPhotoservice album.asp xss attempt
100000452 || COMMUNITY WEB-MISC KAPhotoservice album.asp xss attempt
100000453 || COMMUNITY WEB-MISC KAPhotoservice edtalbum.asp xss attempt
100000454 || COMMUNITY WEB-MISC KAPhotoservice edtalbum.asp xss attempt
100000455 || COMMUNITY WEB-MISC Axent Forum viewposts.cfm xss attempt
100000456 || COMMUNITY WEB-MISC SSPwiz index.cfm xss attempt
100000457 || COMMUNITY WEB-MISC ASP Stats pages.asp MSSQL injection attempt
100000458 || COMMUNITY WEB-MISC DPVision Tradingeye Shop details.cfm xss attempt
100000459 || COMMUNITY WEB-MISC WeBBoA yeni_host.asp MSSQL injection attempt
100000460 || COMMUNITY WEB-MISC AZureus index.tmpl xss attempt
100000461 || COMMUNITY WEB-MISC Open WebMail openwebmail-read.pl xss attempt
100000462 || COMMUNITY WEB-MISC Open WebMail openwebmail-read.pl xss attempt
100000463 || COMMUNITY WEB-PHP Joomla joomla.php remote file include
100000464 || COMMUNITY WEB-PHP LoveCompass AEPartner design.inc.php remote file 
include
100000465 || COMMUNITY WEB-PHP Empris sql_fcnsOLD.php remote file include
100000466 || COMMUNITY WEB-PHP Free QBoard post.php remote file include
100000467 || COMMUNITY WEB-PHP WebprojectDB nav.php remote file include
100000468 || COMMUNITY WEB-PHP WebprojectDB lang.php remote file include
100000469 || COMMUNITY WEB-PHP iFoto index.php xss attempt
100000470 || COMMUNITY WEB-PHP Foing manage_songs.php remote file include
100000471 || COMMUNITY WEB-PHP VBZoom show.php SQL injection attempt
100000472 || COMMUNITY WEB-PHP VBZoom show.php SQL injection attempt
100000473 || COMMUNITY WEB-PHP VBZoom language.php SQL injection attempt
100000474 || COMMUNITY WEB-PHP VBZoom meaning.php SQL injection attempt
100000475 || COMMUNITY WEB-PHP VBZoom meaning.php SQL injection attempt
100000476 || COMMUNITY WEB-PHP VBZoom meaning.php SQL injection attempt
100000477 || COMMUNITY WEB-PHP VBZoom subject.php SQL injection attempt
100000478 || COMMUNITY WEB-PHP aWebNews visview.php remote file include
100000479 || COMMUNITY WEB-PHP CzarNews headlines.php remote file include
100000480 || COMMUNITY WEB-PHP Somery team.php remote file include
100000481 || COMMUNITY WEB-PHP Hinton Design PHPHG signed.php remote file 
include
100000482 || COMMUNITY WEB-PHP BoastMachine vote.php remote file include
100000483 || COMMUNITY WEB-PHP Wheatblog view_links.php remote file include
100000484 || COMMUNITY WEB-PHP Confixx ftp_index.php xss attempt
100000485 || COMMUNITY WEB-PHP RahnemaCo page.php remote file include
100000486 || COMMUNITY WEB-PHP PhpBlueDragon CMS template.php remote file 
include
100000487 || COMMUNITY WEB-PHP ISPConfig server.inc.php remote file include
100000488 || COMMUNITY WEB-PHP ISPConfig app.inc.php remote file include
100000489 || COMMUNITY WEB-PHP ISPConfig login.php remote file include
100000490 || COMMUNITY WEB-PHP ISPConfig trylogin.php remote file include
100000491 || COMMUNITY WEB-PHP DeluxeBB posting.php remote file include
100000492 || COMMUNITY WEB-PHP DeluxeBB newpm.php remote file include
100000493 || COMMUNITY WEB-PHP DeluxeBB postreply.php remote file include
100000494 || COMMUNITY WEB-PHP Zeroboard write_ok.php xss attempt
100000495 || COMMUNITY WEB-PHP Zeroboard write_ok.php xss attempt
100000496 || COMMUNITY WEB-PHP Chipmailer index.php SQL injection attempt
100000497 || COMMUNITY WEB-PHP Calendarix cal_event.php SQL injection attempt
100000498 || COMMUNITY WEB-PHP Calendarix cal_popup.php SQL injection attempt
100000499 || COMMUNITY WEB-PHP PictureDis thumstbl.php remote file include
100000500 || COMMUNITY WEB-PHP PictureDis wpfiles.php remote file include
100000501 || COMMUNITY WEB-PHP PictureDis wallpapr.php remote file include
100000502 || COMMUNITY WEB-PHP Ji-Takz tag.class.php remote file include
100000503 || COMMUNITY WEB-PHP Nucleus CMS action.php remote file include
100000504 || COMMUNITY WEB-PHP Nucleus CMS media.php remote file include
100000505 || COMMUNITY WEB-PHP Nucleus CMS server.php remote file include
100000506 || COMMUNITY WEB-PHP Nucleus CMS api_metaweblog.inc.php remote file 
include
100000507 || COMMUNITY WEB-PHP FlashChat adminips.php remote file include
100000508 || COMMUNITY WEB-PHP Wikkawiki wakka.php access
100000509 || COMMUNITY WEB-PHP RahnemaCo page.php remote file include
100000510 || COMMUNITY WEB-PHP VBZoom rank.php SQL injection attempt
100000511 || COMMUNITY WEB-PHP VBZoom message.php SQL injection attempt
100000512 || COMMUNITY WEB-PHP VBZoom lng.php SQL injection attempt
100000513 || COMMUNITY WEB-PHP SAPHPLesson showcat.php SQL injection attempt
100000514 || COMMUNITY WEB-PHP SAPHPLesson misc.php SQL injection attempt
100000515 || COMMUNITY WEB-PHP CMS Faethon header.php xss attempt
100000516 || COMMUNITY WEB-PHP CMS Faethon footer.php xss attempt
100000517 || COMMUNITY WEB-PHP e107 search.php xss attempt
100000518 || COMMUNITY WEB-PHP PHP Live Helper initiate.php remote file include
100000519 || COMMUNITY WEB-PHP VUBB index.php SQL injection attempt
100000520 || COMMUNITY WEB-PHP Xarancms xaramcms_haupt.php SQL injection attempt
100000521 || COMMUNITY WEB-PHP TPL Design TplShop category.php SQL injection 
attempt
100000522 || COMMUNITY WEB-PHP The Edge eCommerce Shop productDetail.php xss 
attempt
100000523 || COMMUNITY WEB-PHP CavoxCms index.php SQL injection attempt
100000524 || COMMUNITY WEB-PHP Micro CMS microcms-include.php remote file 
include
100000525 || COMMUNITY WEB-PHP PHPMyDirectory offer-pix.php xss attempt
100000526 || COMMUNITY WEB-PHP PHPMyDirectory index.php xss attempt
100000527 || COMMUNITY WEB-PHP AssoCIateD index.php xss attempt
100000528 || COMMUNITY WEB-PHP PHPMyForum topic.php xss attempt
100000529 || COMMUNITY WEB-PHP NC Linklist index.php xss attempt
100000530 || COMMUNITY WEB-PHP NC Linklist index.php xss attempt
100000531 || COMMUNITY WEB-PHP BtitTracker torrents.php SQL injection attempt
100000532 || COMMUNITY WEB-PHP BtitTracker torrents.php SQL injection attempt
100000533 || COMMUNITY WEB-PHP VUBB functions.php SQL injection attempt
100000534 || COMMUNITY WEB-PHP VUBB english.php xss attempt
100000535 || COMMUNITY WEB-PHP IMGallery galeria.php SQL injection attempt
100000536 || COMMUNITY WEB-PHP IMGallery galeria.php SQL injection attempt
100000537 || COMMUNITY WEB-PHP thinkWMS index.php SQL injection attempt
100000538 || COMMUNITY WEB-PHP thinkWMS index.php SQL injection attempt
100000539 || COMMUNITY WEB-PHP thinkWMS printarticle.php SQL injection attempt
100000540 || COMMUNITY WEB-PHP Enterprise Groupware index.php xss attempt
100000541 || COMMUNITY WEB-PHP Dating Agent picture.php SQL injection attempt
100000542 || COMMUNITY WEB-PHP Dating Agent mem.php SQL injection attempt
100000543 || COMMUNITY WEB-PHP Dating Agent search.php SQL injection attempt
100000544 || COMMUNITY WEB-PHP Dating Agent search.php SQL injection attempt
100000545 || COMMUNITY WEB-PHP PHP Blue Dragon CMS team_admin.php remote file 
include
100000546 || COMMUNITY WEB-PHP PHP Blue Dragon CMS rss_admin.php remote file 
include
100000547 || COMMUNITY WEB-PHP PHP Blue Dragon CMS manual_admin.php remote file 
include
100000548 || COMMUNITY WEB-PHP PHP Blue Dragon CMS forum_admin.php remote file 
include
100000549 || COMMUNITY WEB-PHP Custom Datin Biz user_view.php xss attempt
100000550 || COMMUNITY WEB-PHP Project Eros BBSEngine comment.php access
100000551 || COMMUNITY WEB-PHP Project Eros BBSEngine aolbonics.php access
100000552 || COMMUNITY WEB-PHP SmartSiteCMS inc_foot.php remote file include
100000553 || COMMUNITY WEB-PHP PHPMySMS gateway.php remote file include
100000554 || COMMUNITY WEB-PHP VebiMiau error.php xss attempt
100000555 || COMMUNITY WEB-PHP VebiMiau error.php xss attempt
100000556 || COMMUNITY WEB-PHP VebiMiau error.php xss attempt
100000557 || COMMUNITY WEB-PHP VebiMiau index.php xss attempt
100000558 || COMMUNITY WEB-PHP VebiMiau messages.php xss attempt
100000559 || COMMUNITY WEB-PHP Infinite Core Technologies ICT index.php SQL 
injection attempt
100000560 || COMMUNITY WEB-PHP eNpaper1 root_header.php remote file include
100000561 || COMMUNITY WEB-PHP dotProject ui.class.php xss attempt
100000562 || COMMUNITY WEB-PHP GL-SH Deaf Forum show.php xss attempt
100000563 || COMMUNITY WEB-PHP GL-SH Deaf Forum show.php xss attempt
100000564 || COMMUNITY WEB-PHP GL-SH Deaf Forum show.php xss attempt
100000565 || COMMUNITY WEB-PHP GL-SH Deaf Forum show.php xss attempt
100000566 || COMMUNITY WEB-PHP XennoBB messages.php xss attempt
100000567 || COMMUNITY WEB-PHP Qdig index.php xss attempt
100000568 || COMMUNITY WEB-PHP Qdig index.php xss attempt
100000569 || COMMUNITY WEB-PHP Indexu app_change_email.php remote file include
100000570 || COMMUNITY WEB-PHP Indexu app_change_pwd.php remote file include
100000571 || COMMUNITY WEB-PHP Indexu app_mod_rewrite.php remote file include
100000572 || COMMUNITY WEB-PHP Indexu app_page_caching.php remote file include
100000573 || COMMUNITY WEB-PHP Indexu app_setup.php remote file include
100000574 || COMMUNITY WEB-PHP Indexu cat_add.php remote file include
100000575 || COMMUNITY WEB-PHP Indexu cat_delete.php remote file include
100000576 || COMMUNITY WEB-PHP Indexu cat_edit.php remote file include
100000577 || COMMUNITY WEB-PHP Indexu cat_path_update.php remote file include
100000578 || COMMUNITY WEB-PHP Indexu cat_search.php remote file include
100000579 || COMMUNITY WEB-PHP Indexu cat_struc.php remote file include
100000580 || COMMUNITY WEB-PHP Indexu cat_view.php remote file include
100000581 || COMMUNITY WEB-PHP Indexu cat_view_hidden.php remote file include
100000582 || COMMUNITY WEB-PHP Indexu cat_view_hierarchy.php remote file include
100000583 || COMMUNITY WEB-PHP Indexu cat_view_registered_only.php remote file 
include
100000584 || COMMUNITY WEB-PHP Indexu checkurl_web.php remote file include
100000585 || COMMUNITY WEB-PHP Indexu db_alter.php remote file include
100000586 || COMMUNITY WEB-PHP Indexu db_alter_change.php remote file include
100000587 || COMMUNITY WEB-PHP Indexu db_backup.php remote file include
100000588 || COMMUNITY WEB-PHP Indexu db_export.php remote file include
100000589 || COMMUNITY WEB-PHP Indexu db_import.php remote file include
100000590 || COMMUNITY WEB-PHP Indexu editor_add.php remote file include
100000591 || COMMUNITY WEB-PHP Indexu editor_delete.php remote file include
100000592 || COMMUNITY WEB-PHP Indexu editor_validate.php remote file include
100000593 || COMMUNITY WEB-PHP Indexu head.php remote file include
100000594 || COMMUNITY WEB-PHP Indexu index.php remote file include
100000595 || COMMUNITY WEB-PHP Indexu inv_config.php remote file include
100000596 || COMMUNITY WEB-PHP Indexu inv_config_payment.php remote file include
100000597 || COMMUNITY WEB-PHP Indexu inv_create.php remote file include
100000598 || COMMUNITY WEB-PHP Indexu inv_delete.php remote file include
100000599 || COMMUNITY WEB-PHP Indexu inv_edit.php remote file include
100000600 || COMMUNITY WEB-PHP Indexu inv_markpaid.php remote file include
100000601 || COMMUNITY WEB-PHP Indexu inv_markunpaid.php remote file include
100000602 || COMMUNITY WEB-PHP Indexu inv_overdue.php remote file include
100000603 || COMMUNITY WEB-PHP Indexu inv_paid.php remote file include
100000604 || COMMUNITY WEB-PHP Indexu inv_send.php remote file include
100000605 || COMMUNITY WEB-PHP Indexu inv_unpaid.php remote file include
100000606 || COMMUNITY WEB-PHP Indexu lang_modify.php remote file include
100000607 || COMMUNITY WEB-PHP Indexu link_add.php remote file include
100000608 || COMMUNITY WEB-PHP Indexu link_bad.php remote file include
100000609 || COMMUNITY WEB-PHP Indexu link_bad_delete.php remote file include
100000610 || COMMUNITY WEB-PHP Indexu link_checkurl.php remote file include
100000611 || COMMUNITY WEB-PHP Indexu link_delete.php remote file include
100000612 || COMMUNITY WEB-PHP Indexu link_duplicate.php remote file include
100000613 || COMMUNITY WEB-PHP Indexu link_edit.php remote file include
100000614 || COMMUNITY WEB-PHP Indexu link_premium_listing.php remote file 
include
100000615 || COMMUNITY WEB-PHP Indexu link_premium_sponsored.php remote file 
include
100000616 || COMMUNITY WEB-PHP Indexu link_search.php remote file include
100000617 || COMMUNITY WEB-PHP Indexu link_sponsored_listing.php remote file 
include
100000618 || COMMUNITY WEB-PHP Indexu link_validate.php remote file include
100000619 || COMMUNITY WEB-PHP Indexu link_validate_edit.php remote file include
100000620 || COMMUNITY WEB-PHP Indexu link_view.php remote file include
100000621 || COMMUNITY WEB-PHP Indexu log_search.php remote file include
100000622 || COMMUNITY WEB-PHP Indexu mail_modify.php remote file include
100000623 || COMMUNITY WEB-PHP Indexu menu.php remote file include
100000624 || COMMUNITY WEB-PHP Indexu message_create.php remote file include
100000625 || COMMUNITY WEB-PHP Indexu message_delete.php remote file include
100000626 || COMMUNITY WEB-PHP Indexu message_edit.php remote file include
100000627 || COMMUNITY WEB-PHP Indexu message_send.php remote file include
100000628 || COMMUNITY WEB-PHP Indexu message_subscriber.php remote file include
100000629 || COMMUNITY WEB-PHP Indexu message_view.php remote file include
100000630 || COMMUNITY WEB-PHP Indexu review_validate.php remote file include
100000631 || COMMUNITY WEB-PHP Indexu review_validate_edit.php remote file 
include
100000632 || COMMUNITY WEB-PHP Indexu summary.php remote file include
100000633 || COMMUNITY WEB-PHP Indexu template_active.php remote file include
100000634 || COMMUNITY WEB-PHP Indexu template_add_custom.php remote file 
include
100000635 || COMMUNITY WEB-PHP Indexu template_delete.php remote file include
100000636 || COMMUNITY WEB-PHP Indexu template_delete_file.php remote file 
include
100000637 || COMMUNITY WEB-PHP Indexu template_duplicate.php remote file include
100000638 || COMMUNITY WEB-PHP Indexu template_export.php remote file include
100000639 || COMMUNITY WEB-PHP Indexu template_import.php remote file include
100000640 || COMMUNITY WEB-PHP Indexu template_manager.php remote file include
100000641 || COMMUNITY WEB-PHP Indexu template_modify.php remote file include
100000642 || COMMUNITY WEB-PHP Indexu template_modify_file.php remote file 
include
100000643 || COMMUNITY WEB-PHP Indexu template_rename.php remote file include
100000644 || COMMUNITY WEB-PHP Indexu user_add.php remote file include
100000645 || COMMUNITY WEB-PHP Indexu user_delete.php remote file include
100000646 || COMMUNITY WEB-PHP Indexu user_edit.php remote file include
100000647 || COMMUNITY WEB-PHP Indexu user_search.php remote file include
100000648 || COMMUNITY WEB-PHP Indexu whos.php remote file include
100000649 || COMMUNITY WEB-PHP MyPHP Guestbook index.php xss attempt
100000650 || COMMUNITY WEB-PHP MyPHP Guestbook index.php xss attempt
100000651 || COMMUNITY WEB-PHP MyPHP Guestbook index.php xss attempt
100000652 || COMMUNITY WEB-PHP MyPHP Guestbook index.php xss attempt
100000653 || COMMUNITY WEB-PHP MyPHP Guestbook index.php xss attempt
100000654 || COMMUNITY WEB-PHP MyPHP Guestbook index.php xss attempt
100000655 || COMMUNITY WEB-PHP MyPHP Guestbook guestbook.php xss attempt
100000656 || COMMUNITY WEB-PHP MyPHP Guestbook guestbook.php xss attempt
100000657 || COMMUNITY WEB-PHP MyPHP Guestbook guestbook.php xss attempt
100000658 || COMMUNITY WEB-PHP MyPHP Guestbook guestbook.php xss attempt
100000659 || COMMUNITY WEB-PHP MyPHP Guestbook guestbook.php xss attempt
100000660 || COMMUNITY WEB-PHP MyPHP Guestbook guestbook.php xss attempt
100000661 || COMMUNITY WEB-PHP MyPHP Guestbook edit.php xss attempt
100000662 || COMMUNITY WEB-PHP MyPHP Guestbook edit.php xss attempt
100000663 || COMMUNITY WEB-PHP MyPHP Guestbook edit.php xss attempt
100000664 || COMMUNITY WEB-PHP MyPHP Guestbook edit.php xss attempt
100000665 || COMMUNITY WEB-PHP MyPHP Guestbook edit.php xss attempt
100000666 || COMMUNITY WEB-PHP Harpia files.php remote file include
100000667 || COMMUNITY WEB-PHP Harpia files.php remote file include
100000668 || COMMUNITY WEB-PHP Harpia pheader.php remote file include
100000669 || COMMUNITY WEB-PHP Harpia headlines.php remote file include
100000670 || COMMUNITY WEB-PHP Harpia web_statsConfig.php remote file include
100000671 || COMMUNITY WEB-PHP Harpia preload.php remote file include
100000672 || COMMUNITY WEB-PHP Harpia users.php remote file include
100000673 || COMMUNITY WEB-PHP Harpia web_statsConfig.php remote file include
100000674 || COMMUNITY WEB-PHP Harpia footer.php remote file include
100000675 || COMMUNITY WEB-PHP Harpia pfooter.php remote file include
100000676 || COMMUNITY WEB-PHP Harpia missing.php remote file include
100000677 || COMMUNITY WEB-PHP Harpia topics.php remote file include
100000678 || COMMUNITY WEB-PHP Harpia header.php remote file include
100000679 || COMMUNITY WEB-PHP Harpia index.php remote file include
100000680 || COMMUNITY WEB-PHP Harpia search.php remote file include
100000681 || COMMUNITY WEB-PHP Harpia header.php remote file include
100000682 || COMMUNITY WEB-PHP Harpia email.php remote file include
100000683 || COMMUNITY WEB-PHP cPanel select.html xss attempt
100000684 || COMMUNITY VIRUS OutBound Dremn Trojan Beacon
100000685 || COMMUNITY VIRUS Answering Dremn Trojan Server



Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Date:  [Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT
Previous by Thread:  Re: [Snort-sigs] Snort Community Rules Update, Blake Hartstein
Next by Thread:  [Snort-sigs] Snort Community Rules Update, Sourcefire VRT
Indexes:  [Date] [Thread] [Top] [All Lists]