Network Security: Detailed info on [Snort-sigs] Bleeding Edge Threats Daily Update

Subject:	[Snort-sigs] Bleeding Edge Threats Daily Update
Date:	Wed, 1 Nov 2006 20:00:09 -0500 (EST)


[***] Results from Oinkmaster started Wed Nov  1 20:00:09 2006 [***]

[+++]          Added rules:          [+++]

 2003158 - BLEEDING-EDGE EXPLOIT Microsoft WMIScriptUtils.WMIObjectBroker 
object call CSLID (bleeding-exploit.rules)
 2003159 - BLEEDING-EDGE EXPLOIT Microsoft VsmIDE.DTE object call CSLID 
(bleeding-exploit.rules)
 2003160 - BLEEDING-EDGE EXPLOIT Microsoft DExplore.AppObj.8.0 object call 
CSLID (bleeding-exploit.rules)
 2003161 - BLEEDING-EDGE EXPLOIT Microsoft VisualStudio.DTE.8.0 object call 
CSLID (bleeding-exploit.rules)
 2003162 - BLEEDING-EDGE EXPLOIT Microsoft Microsoft.DbgClr.DTE.8.0 object call 
CSLID (bleeding-exploit.rules)
 2003163 - BLEEDING-EDGE EXPLOIT Microsoft VsaIDE.DTE object call CSLID 
(bleeding-exploit.rules)
 2003164 - BLEEDING-EDGE EXPLOIT Microsoft Business Object Factory object call 
CSLID (bleeding-exploit.rules)
 2003165 - BLEEDING-EDGE EXPLOIT Microsoft Outlook Data Object object call 
CSLID (bleeding-exploit.rules)
 2003166 - BLEEDING-EDGE EXPLOIT Microsoft Outlook.Application object call 
CSLID (bleeding-exploit.rules)
 2003167 - BLEEDING-EDGE tikiwiki featured link XSS attempt (bleeding-web.rules)


[///]     Modified active rules:     [///]

 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source 
(bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING 
(bleeding-dshield-BLOCK.rules)
 2410000 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 1)  
(bleeding-botcc.rules)
 2410001 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 2)  
(bleeding-botcc.rules)
 2410002 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 3)  
(bleeding-botcc.rules)
 2410003 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 4)  
(bleeding-botcc.rules)
 2410004 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 5)  
(bleeding-botcc.rules)
 2410005 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 6)  
(bleeding-botcc.rules)
 2410006 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 7)  
(bleeding-botcc.rules)
 2410007 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 8)  
(bleeding-botcc.rules)
 2410008 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 9)  
(bleeding-botcc.rules)
 2411000 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411001 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411002 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411003 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411004 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411005 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411006 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411007 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411008 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (1):
        # Submitted 2006-11-01 by Frank Knobbe

     -> Added to bleeding-sid-msg.map (10):
        2003158 || BLEEDING-EDGE EXPLOIT Microsoft 
WMIScriptUtils.WMIObjectBroker object call CSLID || cve,2006-4704 || 
url,secunia.com/advisories/22603 || url,www.securityfocus.com/bid/20843
        2003159 || BLEEDING-EDGE EXPLOIT Microsoft VsmIDE.DTE object call CSLID
        2003160 || BLEEDING-EDGE EXPLOIT Microsoft DExplore.AppObj.8.0 object 
call CSLID
        2003161 || BLEEDING-EDGE EXPLOIT Microsoft VisualStudio.DTE.8.0 object 
call CSLID
        2003162 || BLEEDING-EDGE EXPLOIT Microsoft Microsoft.DbgClr.DTE.8.0 
object call CSLID
        2003163 || BLEEDING-EDGE EXPLOIT Microsoft VsaIDE.DTE object call CSLID
        2003164 || BLEEDING-EDGE EXPLOIT Microsoft Business Object Factory 
object call CSLID
        2003165 || BLEEDING-EDGE EXPLOIT Microsoft Outlook Data Object object 
call CSLID
        2003166 || BLEEDING-EDGE EXPLOIT Microsoft Outlook.Application object 
call CSLID
        2003167 || BLEEDING-EDGE tikiwiki featured link XSS attempt || 
url,www.securityfocus.com/archive/1/450268/30/0

     -> Added to bleeding-web.rules (1):
        # Submitted 2006-11-01 by Victor Julien as sighted on Bugtraq


-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-sigs] Bleeding Edge Threats Daily Update, bleeding <= [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding [Snort-sigs] Bleeding Edge Threats Daily Update, bleeding

Previous by Date:	Re: [Snort-sigs] Dynamic DNS update attempt (new sig), Brian
Next by Date:	[Snort-sigs] Bleeding Edge Threats Daily Update, bleeding
Previous by Thread:	Re: [Snort-sigs] new rule for detect windows NAT DNS DoS, M. Shirk
Next by Thread:	[Snort-sigs] Bleeding Edge Threats Daily Update, bleeding
Indexes:	[Date] [Thread] [Top] [All Lists]