Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Snort Community Rules Update

from [Sourcefire VRT] Network Security [Permanent Link]
Subject: [Snort-sigs] Snort Community Rules Update
Date: Fri, 14 Jul 2006 09:56:05 -0400 
This message is to announce the availability of an update for the Sourcefire 
community rule set, which can be downloaded free of cost or registration from 
http://www.snort.org/pub-bin/downloads.cgi.

New rules in this release are identified as SIDs 100000689-100000819. These 
rules cover detection of the Mytob virus over e-mail; a buffer overflow in 
Winamp via MIDI files; and SQL injection and cross-site scripting attacks 
against a large number of web programs.

A list of modified rules and their SIDs follows.

Alex Kirk
Community Rules Maintainer
Sourcefire, Inc.

100000689 || COMMUNITY SMTP Mytob MAIL FROM Attempt
100000690 || COMMUNITY SQL-INJECTION BXCP Sql Injection attempt
100000691 || COMMUNITY SQL-INJECTION Diesel Joke Script Sql Injection attempt
100000692 || COMMUNITY WEB-CLIENT midi file download attempt
100000693 || COMMUNITY WEB-CLIENT winamp midi file header overflow attempt
100000694 || COMMUNITY WEB-MISC VCard PRO gbrowse.php SQL injection attempt
100000695 || COMMUNITY WEB-MISC VCard PRO rating.php SQL injection attempt
100000696 || COMMUNITY WEB-MISC VCard PRO create.php SQL injection attempt
100000697 || COMMUNITY WEB-MISC VCard PRO search.php SQL injection attempt
100000698 || COMMUNITY WEB-MISC BXCP index.php SQL injection attempt
100000699 || COMMUNITY WEB-MISC Vincent Leclercq News diver.php xss attempt
100000700 || COMMUNITY WEB-MISC Vincent Leclercq News diver.php xss attempt
100000701 || COMMUNITY WEB-MISC WordPress index.php SQL injection attempt
100000702 || COMMUNITY WEB-MISC Webvizyon SayfalaAltList.asp MSSQL injection 
attempt
100000703 || COMMUNITY WEB-PHP Horde index.php show XSS attempt
100000704 || COMMUNITY WEB-PHP SmartSiteCMS comment.php remote file include
100000705 || COMMUNITY WEB-PHP SmartSiteCMS test.php remote file include
100000706 || COMMUNITY WEB-PHP SmartSiteCMS index.php remote file include
100000707 || COMMUNITY WEB-PHP SmartSiteCMS inc_adminfoot.php remote file 
include
100000708 || COMMUNITY WEB-PHP SmartSiteCMS comedit.php remote file include
100000709 || COMMUNITY WEB-PHP SquirrelMail search.php xss attempt
100000710 || COMMUNITY WEB-PHP Xoops MyAds Module annonces-p-f.php SQL 
injection attempt
100000711 || COMMUNITY WEB-PHP PHPRaid raids.php remote file include
100000712 || COMMUNITY WEB-PHP PHPRaid register.php remote file include
100000713 || COMMUNITY WEB-PHP PHPRaid roster.php remote file include
100000714 || COMMUNITY WEB-PHP PHPRaid view.php remote file include
100000715 || COMMUNITY WEB-PHP PHPRaid logs.php remote file include
100000716 || COMMUNITY WEB-PHP PHPRaid users.php remote file include
100000717 || COMMUNITY WEB-PHP PHPRaid configuration.php remote file include
100000718 || COMMUNITY WEB-PHP PHPRaid guilds.php remote file include
100000719 || COMMUNITY WEB-PHP PHPRaid index.php remote file include
100000720 || COMMUNITY WEB-PHP PHPRaid locations.php remote file include
100000721 || COMMUNITY WEB-PHP PHPRaid login.php remote file include
100000722 || COMMUNITY WEB-PHP PHPRaid lua_output.php remote file include
100000723 || COMMUNITY WEB-PHP PHPRaid permissions.php remote file include
100000724 || COMMUNITY WEB-PHP PHPRaid profile.php remote file include
100000725 || COMMUNITY WEB-PHP PHPRaid view.php SQL injection attempt
100000726 || COMMUNITY WEB-PHP Vincent-Leclercq News diver.php SQL injection 
attempt
100000727 || COMMUNITY WEB-PHP Softbiz Banner Exchange insertmember.php xss 
attempt
100000728 || COMMUNITY WEB-PHP Geeklog functions.inc remote file include
100000729 || COMMUNITY WEB-PHP Geeklog functions.inc remote file include
100000730 || COMMUNITY WEB-PHP Geeklog BlackList.Examine.class.php remote file 
include
100000731 || COMMUNITY WEB-PHP Geeklog DeleteComment.Action.class.php remote 
file include
100000732 || COMMUNITY WEB-PHP Geeklog EditIPofURL.Admin.class.php remote file 
include
100000733 || COMMUNITY WEB-PHP Geeklog MTBlackList.Examine.class.php remote 
file include
100000734 || COMMUNITY WEB-PHP Geeklog MassDelete.Admin.class.php remote file 
include
100000735 || COMMUNITY WEB-PHP Geeklog MailAdmin.Action.class.php remote file 
include
100000736 || COMMUNITY WEB-PHP Geeklog MassDelTrackback.Admin.class.php remote 
file include
100000737 || COMMUNITY WEB-PHP Geeklog EditHeader.Admin.class.php remote file 
include
100000738 || COMMUNITY WEB-PHP Geeklog EditIP.Admin.class.php remote file 
include
100000739 || COMMUNITY WEB-PHP Geeklog IPofUrl.Examine.class.php remote file 
include
100000740 || COMMUNITY WEB-PHP Geeklog Import.Admin.class.php remote file 
include
100000741 || COMMUNITY WEB-PHP Geeklog LogView.Admin.class.php remote file 
include
100000742 || COMMUNITY WEB-PHP Geeklog functions.inc remote file include
100000743 || COMMUNITY WEB-PHP Plume CMS dbinstall.php remote file include
100000744 || COMMUNITY WEB-PHP MyNewsGroups tree.php SQL injection attempt
100000745 || COMMUNITY WEB-PHP Diesel Joke Site category.php SQL injection 
attempt
100000746 || COMMUNITY WEB-PHP Randshop header.inc.php remote file include
100000747 || COMMUNITY WEB-PHP Plume CMS index.php remote file include
100000748 || COMMUNITY WEB-PHP Plume CMS rss.php remote file include
100000749 || COMMUNITY WEB-PHP Plume CMS search.php remote file include
100000750 || COMMUNITY WEB-PHP Free QBoard index.php remote file include
100000751 || COMMUNITY WEB-PHP Free QBoard about.php remote file include
100000752 || COMMUNITY WEB-PHP Free QBoard contact.php remote file include
100000753 || COMMUNITY WEB-PHP Free QBoard delete.php remote file include
100000754 || COMMUNITY WEB-PHP Free QBoard faq.php remote file include
100000755 || COMMUNITY WEB-PHP Free QBoard features.php remote file include
100000756 || COMMUNITY WEB-PHP Free QBoard history.php remote file include
100000757 || COMMUNITY WEB-PHP QTO File Manager qtofm.php xss attempt
100000758 || COMMUNITY WEB-PHP QTO File Manager qtofm.php xss attempt
100000759 || COMMUNITY WEB-PHP QTO File Manager qtofm.php xss attempt
100000760 || COMMUNITY WEB-PHP The Banner Engine top.php xss attempt
100000761 || COMMUNITY WEB-PHP PHPWebGallery comments.php xss attempt
100000762 || COMMUNITY WEB-PHP Randshop index.php remote file include
100000763 || COMMUNITY WEB-PHP Kamikaze-QSCM config.inc access
100000764 || COMMUNITY WEB-PHP MyPHP CMS global_header.php remote file include
100000765 || COMMUNITY WEB-PHP LifeType index.php SQL injection attempt
100000766 || COMMUNITY WEB-PHP Blog CMS thumb.php remote file include
100000767 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000768 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000769 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000770 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000771 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000772 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000773 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000774 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000775 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000776 || COMMUNITY WEB-PHP Blog CMS index.php SQL injection attempt
100000777 || COMMUNITY WEB-PHP Blog CMS action.php SQL injection attempt
100000778 || COMMUNITY WEB-PHP PHPMailList maillist.php xss attempt
100000779 || COMMUNITY WEB-PHP Horde index.php xss attempt
100000780 || COMMUNITY WEB-PHP Horde problem.php xss attempt
100000781 || COMMUNITY WEB-PHP Horde go.php xss attempt
100000782 || COMMUNITY WEB-PHP Horde go.php xss attempt
100000783 || COMMUNITY WEB-PHP ATutor create_course.php xss attempt
100000784 || COMMUNITY WEB-PHP ATutor create_course.php xss attempt
100000785 || COMMUNITY WEB-PHP ATutor password_reminder.php xss attempt
100000786 || COMMUNITY WEB-PHP ATutor browse.php xss attempt
100000787 || COMMUNITY WEB-PHP ATutor fix_content.php xss attempt
100000788 || COMMUNITY WEB-PHP FreeWebshop search.php xss attempt
100000789 || COMMUNITY WEB-PHP FreeWebshop details.php SQL injection attempt
100000790 || COMMUNITY WEB-PHP Pivot edit_new.php remote file include
100000791 || COMMUNITY WEB-PHP Pivot pv_core.php access
100000792 || COMMUNITY WEB-PHP Pivot blogroll.php xss attempt
100000793 || COMMUNITY WEB-PHP Pivot blogroll.php xss attempt
100000794 || COMMUNITY WEB-PHP Pivot blogroll.php xss attempt
100000795 || COMMUNITY WEB-PHP Pivot blogroll.php xss attempt
100000796 || COMMUNITY WEB-PHP Pivot blogroll.php xss attempt
100000797 || COMMUNITY WEB-PHP Pivot blogroll.php xss attempt
100000798 || COMMUNITY WEB-PHP Pivot blogroll.php xss attempt
100000799 || COMMUNITY WEB-PHP Pivot blogroll.php xss attempt
100000800 || COMMUNITY WEB-PHP Pivot editor_menu.php xss attempt
100000801 || COMMUNITY WEB-PHP Pivot editor_menu.php xss attempt
100000802 || COMMUNITY WEB-PHP BosClassifieds index.php remote file include
100000803 || COMMUNITY WEB-PHP BosClassifieds recent.php remote file include
100000804 || COMMUNITY WEB-PHP BosClassifieds account.php remote file include
100000805 || COMMUNITY WEB-PHP BosClassifieds classified.php remote file include
100000806 || COMMUNITY WEB-PHP BosClassifieds search.php remote file include
100000807 || COMMUNITY WEB-PHP CommonSense search.php SQL injection attempt
100000808 || COMMUNITY WEB-PHP AjaxPortal ajaxp.php SQL injection attempt
100000809 || COMMUNITY WEB-PHP RW Download stats.php remote file include
100000810 || COMMUNITY WEB-PHP PHPBB download.php remote file include
100000811 || COMMUNITY WEB-PHP PHPBB attach_rules.php remote file include
100000812 || COMMUNITY WEB-PHP SimpleBoard SBP index.php remote file include
100000813 || COMMUNITY WEB-PHP SimpleBoard SBP file_upload.php remote file 
include
100000814 || COMMUNITY WEB-PHP SimpleBoard SBP image_upload.php remote file 
include
100000815 || COMMUNITY WEB-PHP SimpleBoard SBP performs.php remote file include
100000816 || COMMUNITY WEB-PHP PC_CookBook pccookbook.php remote file include
100000817 || COMMUNITY WEB-PHP SMF Forum smf.php remote file include
100000818 || COMMUNITY WEB-PHP Graffiti Forums topics.php SQL injection attempt
100000819 || COMMUNITY WEB-PHP PhpWebGallery XSS attempt



-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Sourcefire VRT Certified Rules Update, Sourcefire VRT
Next by Date:  [Snort-sigs] Suppressing both SRC AND DST in threshold.conf?, Eric Hines
Previous by Thread:  [Snort-sigs] Snort Community Rules Update, Sourcefire VRT
Next by Thread:  [Snort-sigs] Snort Community Rules Update, Sourcefire VRT
Indexes:  [Date] [Thread] [Top] [All Lists]