[Snort-sigs] Bleeding Edge Threats Daily Update

[***] Results from Oinkmaster started Fri Nov 10 20:00:10 2006 [***]

[///]     Modified active rules:     [///]

 2001720 - BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with indexed color 
(bleeding-exploit.rules)
 2001721 - BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with too big PLTE 
(bleeding-exploit.rules)
 2001722 - BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with too big hIST 
(bleeding-exploit.rules)
 2001807 - BLEEDING-EDGE EXPLOIT CAN-2005-0399 Gif Vuln via http 
(bleeding-exploit.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source 
(bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING 
(bleeding-dshield-BLOCK.rules)
 2410000 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 1)  
(bleeding-botcc.rules)
 2410001 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 2)  
(bleeding-botcc.rules)
 2410002 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 3)  
(bleeding-botcc.rules)
 2410003 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 4)  
(bleeding-botcc.rules)
 2410004 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 5)  
(bleeding-botcc.rules)
 2410005 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 6)  
(bleeding-botcc.rules)
 2410006 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 7)  
(bleeding-botcc.rules)
 2410007 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 8)  
(bleeding-botcc.rules)
 2410008 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 9)  
(bleeding-botcc.rules)
 2411000 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411001 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411002 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411003 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411004 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411005 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411006 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411007 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2411008 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2001718 - BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad width 
(bleeding-exploit.rules)
 2001719 - BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad height 
(bleeding-exploit.rules)
 2001723 - BLEEDING-EDGE EXPLOIT ATmaCA PoC for CORE-2004-0819 - Bad PNG 
(bleeding-exploit.rules)


[---]         Removed rules:         [---]

 2410009 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 10)  
(bleeding-botcc.rules)
 2411009 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 10) - BLOCKING 
SOURCE (bleeding-botcc-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (6):
        2001718 || BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad width || 
cve,2004-1214
        2001719 || BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad height || 
cve,2004-1214
        2001720 || BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with indexed color 
|| cve,2004-0597
        2001721 || BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with too big PLTE || 
cve,2004-0597
        2001722 || BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with too big hIST || 
cve,2004-0597
        2001807 || BLEEDING-EDGE EXPLOIT CAN-2005-0399 Gif Vuln via http || 
cve,2005-0399

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (8):
        2001718 || BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad width
        2001719 || BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad height
        2001720 || BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with indexed color
        2001721 || BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with too big PLTE
        2001722 || BLEEDING-EDGE EXPLOIT CAN-2004-0597 PNG with too big hIST
        2001807 || BLEEDING-EDGE EXPLOIT CAN-2005-0399 Gif Vuln via http
        2410009 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 10)  
|| url,www.shadowserver.org
        2411009 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 10) - 
BLOCKING SOURCE || url,www.shadowserver.org


-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs