Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

from [bleeding] Network Security [Permanent Link]
Subject: [Snort-sigs] Bleeding Edge Threats Daily Signature Changes
Date: Thu, 17 May 2007 16:00:06 -0400 (EDT) 

[***] Results from Oinkmaster started Thu May 17 16:00:05 2007 [***]

[+++]          Added rules:          [+++]

       0 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 3_lay.php 
tt_docroot (bleeding-web.rules)
 2003638 - BLEEDING-EDGE VIRUS AV-Killer.Win32 User Agent Detected 
(p4r4z1t3v3.one14.J) (bleeding-virus.rules)
 2003660 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt - 
Headerfile.php System (bleeding-web.rules)
 2003661 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
latest_files.php System (bleeding-web.rules)
 2003662 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
latest_posts.php System (bleeding-web.rules)
 2003663 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
groups_headerfile.php System (bleeding-web.rules)
 2003664 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
filters_headerfile.php System (bleeding-web.rules)
 2003665 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- links.php 
System (bleeding-web.rules)
 2003666 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
menu_headerfile.php System (bleeding-web.rules)
 2003667 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
latest_news.php System (bleeding-web.rules)
 2003668 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
settings_headerfile.php System (bleeding-web.rules)
 2003669 - BLEEDING-EDGE WEB TopTree Remote Inclusion Attempt -- 
tpl_message.php right_file (bleeding-web.rules)
 2003670 - BLEEDING-EDGE WEB Workbench Survival Guide Remote Inclusion Attempt 
-- headerfile.php path (bleeding-web.rules)
 2003671 - BLEEDING-EDGE WEB Versado CMS Remote Inclusion Attempt -- 
ajax_listado.php urlModulo (bleeding-web.rules)
 2003672 - BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_image_index.php config[pathMod] (bleeding-web.rules)
 2003673 - BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_liens_index.php config[pathMod] (bleeding-web.rules)
 2003674 - BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_liste_index.php config[pathMod] (bleeding-web.rules)
 2003675 - BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_special_index.php config[pathMod] (bleeding-web.rules)
 2003676 - BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_texte_index.php config[pathMod] (bleeding-web.rules)
 2003677 - BLEEDING-EDGE WEB Berylium2 Remote Inclusion Attempt -- 
berylium-classes.php beryliumroot (bleeding-web.rules)
 2003678 - BLEEDING-EDGE WEB Tropicalm Remote Inclusion Attempt -- dosearch.php 
RESPATH (bleeding-web.rules)
 2003679 - BLEEDING-EDGE WEB DynamicPAD Remote Inclusion Attempt -- dp_logs.php 
HomeDir (bleeding-web.rules)
 2003680 - BLEEDING-EDGE WEB DynamicPAD Remote Inclusion Attempt -- index.php 
HomeDir (bleeding-web.rules)
 2003681 - BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
users_headerfile.php System (bleeding-web.rules)
 2003682 - BLEEDING-EDGE WEB E-Gads Remote Inclusion Attempt -- common.php 
locale (bleeding-web.rules)
 2003683 - BLEEDING-EDGE WEB PHP Turbulence Remote Inclusion Attempt -- 
turbulence.php GLOBALS[tcore] (bleeding-web.rules)
 2003684 - BLEEDING-EDGE WEB MXBB Remote Inclusion Attempt -- faq.php 
module_root_path (bleeding-web.rules)
 2003685 - BLEEDING-EDGE WEB Wordpress Remote Inclusion Attempt -- 
wptable-button.php wpPATH (bleeding-web.rules)
 2003686 - BLEEDING-EDGE WEB Wordpress Remote Inclusion Attempt -- 
wordtube-button.php wpPATH (bleeding-web.rules)
 2003687 - BLEEDING-EDGE WEB TurnKeyWebTools Remote Inclusion Attempt -- 
payflow_pro.php abs_path (bleeding-web.rules)
 2003688 - BLEEDING-EDGE WEB TurnKeyWebTools Remote Inclusion Attempt -- 
global.php abs_path (bleeding-web.rules)
 2003689 - BLEEDING-EDGE WEB TurnKeyWebTools Remote Inclusion Attempt -- 
libsecure.php abs_path (bleeding-web.rules)
 2003690 - BLEEDING-EDGE WEB Firefly Remote Inclusion Attempt -- config.php 
DOCUMENT_ROOT (bleeding-web.rules)
 2003691 - BLEEDING-EDGE WEB Pixaria Gallery Remote Inclusion Attempt -- 
psg.smarty.lib.php cfg[sys][base_path] (bleeding-web.rules)
 2003692 - BLEEDING-EDGE WEB VM Watermark Remote Inclusion Attempt -- 
watermark.php GALLERY_BASEDIR (bleeding-web.rules)
 2003693 - BLEEDING-EDGE WEB PHPtree Remote Inclusion Attempt -- cms2.php s_dir 
(bleeding-web.rules)
 2003694 - BLEEDING-EDGE WEB NoAH Remote Inclusion Attempt -- mfa_theme.php 
tpls (bleeding-web.rules)
 2003696 - BLEEDING-EDGE WEB Wikivi5 Remote Inclusion Attempt -- show.php 
sous_rep (bleeding-web.rules)
 2003698 - BLEEDING-EDGE WEB pfa CMS Remote Inclusion index.php abs_path 
(bleeding-web.rules)
 2003699 - BLEEDING-EDGE WEB pfa CMS Remote Inclusion checkout.php abs_path 
(bleeding-web.rules)
 2003700 - BLEEDING-EDGE WEB pfa CMS Remote Inclusion libsecure.php abs_path 
(bleeding-web.rules)
 2003701 - BLEEDING-EDGE WEB pfa CMS Remote Inclusion index.php repinc 
(bleeding-web.rules)
 2003702 - BLEEDING-EDGE WEB Pixaria Gallery Remote Inclusion class.Smarty.php 
cfg[sys][base_path] (bleeding-web.rules)
 2003703 - BLEEDING-EDGE WEB phpMyPortal Remote Inclusion Attempt -- 
articles.inc.php GLOBALS[CHEMINMODULES] (bleeding-web.rules)
 2003704 - BLEEDING-EDGE WEB AForum Remote Inclusion func.php CommonAbsDir 
(bleeding-web.rules)
 2003705 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion site_conf.php 
ordnertiefe (bleeding-web.rules)
 2003706 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion class.csv.php 
tt_docroot (bleeding-web.rules)
 2003707 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
produkte_nach_serie.php tt_docroot (bleeding-web.rules)
 2003708 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion ref_kd_rubrik.php 
tt_docroot (bleeding-web.rules)
 2003709 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
hg_referenz_jobgalerie.php tt_docroot (bleeding-web.rules)
 2003710 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
surfer_anmeldung_NWL.php tt_docroot (bleeding-web.rules)
 2003711 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
produkte_nach_serie_alle.php tt_docroot (bleeding-web.rules)
 2003712 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion surfer_aendern.php 
tt_docroot (bleeding-web.rules)
 2003713 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion referenz.php 
tt_docroot (bleeding-web.rules)
 2003714 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion lay.php tt_docroot 
(bleeding-web.rules)
 2003715 - BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion ref_kd_rubrik.php 
tt_docroot (bleeding-web.rules)
 2003716 - BLEEDING-EDGE WEB LaVague Remote Inclusion Attempt -- printbar.php 
views_path (bleeding-web.rules)
 2003717 - BLEEDING-EDGE WEB miplex2 Remote Inclusion SmartyFU.class.php system 
(bleeding-web.rules)
 2003718 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- lom.php ETCDIR 
(bleeding-web.rules)
 2003719 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- lom_update.php 
ETCDIR (bleeding-web.rules)
 2003720 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- check-lom.php 
ETCDIR (bleeding-web.rules)
 2003721 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- 
weigh_keywords.php ETCDIR (bleeding-web.rules)
 2003722 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- logout.php 
ETCDIR (bleeding-web.rules)
 2003723 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- help.php ETCDIR 
(bleeding-web.rules)
 2003724 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- index.php 
ETCDIR (bleeding-web.rules)
 2003725 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- login.php 
ETCDIR (bleeding-web.rules)
 2003726 - BLEEDING-EDGE WEB CGX Remote Inclusion Attempt -- mtdialogo.php 
pathCGX (bleeding-web.rules)
 2003727 - BLEEDING-EDGE WEB CGX Remote Inclusion Attempt -- ltdialogo.php 
pathCGX (bleeding-web.rules)
 2003728 - BLEEDING-EDGE WEB CGX Remote Inclusion Attempt -- logingecon.php 
pathCGX (bleeding-web.rules)
 2003729 - BLEEDING-EDGE WEB CGX Remote Inclusion Attempt -- login.php pathCGX 
(bleeding-web.rules)
 2003730 - BLEEDING-EDGE WEB PHPHtmlLib Remote Inclusion Attempt -- widget8.php 
phphtmllib (bleeding-web.rules)
 2003731 - BLEEDING-EDGE WEB PHPLojaFacil Remote Inclusion Attempt -- ftp.php 
path_local (bleeding-web.rules)
 2003732 - BLEEDING-EDGE WEB PHPLojaFacil Remote Inclusion Attempt -- db.php 
path_local (bleeding-web.rules)
 2003733 - BLEEDING-EDGE WEB PHPLojaFacil Remote Inclusion Attempt -- 
libs_ftp.php path_local (bleeding-web.rules)
 2003735 - BLEEDING-EDGE WEB PHPSecurityAdmin Remote Inclusion Attempt -- 
logout.php PSA_PATH (bleeding-web.rules)
 2003736 - BLEEDING-EDGE WEB AForum Remote Inclusion Attempt -- errormsg.php 
header (bleeding-web.rules)
 2003737 - BLEEDING-EDGE WEB CJG Explorer Remote Inclusion Attempt -- 
pcltrace.lib.php g_pcltar_lib_dir (bleeding-web.rules)
 2003738 - BLEEDING-EDGE WEB Beacon Remote Inclusion Attempt -- splash.lang.php 
languagePath (bleeding-web.rules)
 2003739 - BLEEDING-EDGE WEB Yaap Remote Inclusion Attempt -- common.php 
root_path (bleeding-web.rules)
 2003740 - BLEEDING-EDGE WEB PHPFirstPost Remote Inclusion Attempt block.php 
Include (bleeding-web.rules)
 2003741 - BLEEDING-EDGE WEB Open Translation Engine Remote Inclusion Attempt 
-- header.php ote_home (bleeding-web.rules)
 2003742 - BLEEDING-EDGE WEB PHPChess Remote Inclusion Attempt -- language.php 
config (bleeding-web.rules)
 2003743 - BLEEDING-EDGE WEB PHPChess Remote Inclusion Attempt -- 
layout_admin_cfg.php Root_Path (bleeding-web.rules)
 2003744 - BLEEDING-EDGE WEB PHPChess Remote Inclusion Attempt -- 
layout_cfg.php Root_Path (bleeding-web.rules)
 2003745 - BLEEDING-EDGE WEB PHPChess Remote Inclusion Attempt -- 
layout_t_top.php Root_Path (bleeding-web.rules)
 2003746 - BLEEDING-EDGE WEB Simple PHP Script Gallery Remote Inclusion 
index.php gallery (bleeding-web.rules)
 2003747 - BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- lom.php ETCDIR 
(bleeding-web.rules)


[///]     Modified active rules:     [///]

 2003302 - BLEEDING-EDGE TROJAN psyBNC IRC Server Connection 
(bleeding-virus.rules)
 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source 
(bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING 
(bleeding-dshield-BLOCK.rules)
 2404000 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 1)  
(bleeding-botcc.rules)
 2404001 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 2)  
(bleeding-botcc.rules)
 2404002 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 3)  
(bleeding-botcc.rules)
 2404003 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 4)  
(bleeding-botcc.rules)
 2404004 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 5)  
(bleeding-botcc.rules)
 2404005 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 6)  
(bleeding-botcc.rules)
 2405000 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405001 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405002 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405003 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405004 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405005 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)


[---]         Removed rules:         [---]

 2003633 - BLEEDING-EDGE CURRENT EVENTS Traffic with a window of 55808 - 
Unknown likely hostile scanning - Please report hits to Bleeding Edge or ISC 
(bleeding.rules)
 2404006 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 7)  
(bleeding-botcc.rules)
 2405006 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-drop-BLOCK.rules (1):
        #  VERSION 186

     -> Added to bleeding-drop.rules (1):
        #  VERSION 186

     -> Added to bleeding-sid-msg.map (87):
        0000000 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 3_lay.php 
tt_docroot || url,www.milw0rm.com/exploits/3885 || cve,CVE-2007-2597
        2003638 || BLEEDING-EDGE VIRUS AV-Killer.Win32 User Agent Detected 
(p4r4z1t3v3.one14.J)
        2003660 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt - 
Headerfile.php System || url,www.milw0rm.com/exploits/3853 || cve,CVE-2007-2545
        2003661 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
latest_files.php System || url,www.milw0rm.com/exploits/3853 || 
cve,CVE-2007-2545
        2003662 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
latest_posts.php System || url,www.milw0rm.com/exploits/3853 || 
cve,CVE-2007-2545
        2003663 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
groups_headerfile.php System || url,www.milw0rm.com/exploits/3853 || 
cve,CVE-2007-2545
        2003664 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
filters_headerfile.php System || url,www.milw0rm.com/exploits/3853 || 
cve,CVE-2007-2545
        2003665 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
links.php System || url,www.milw0rm.com/exploits/3853 || cve,CVE-2007-2545
        2003666 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
menu_headerfile.php System || url,www.milw0rm.com/exploits/3853 || 
cve,CVE-2007-2545
        2003667 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
latest_news.php System || url,www.milw0rm.com/exploits/3853 || cve,CVE-2007-2545
        2003668 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
settings_headerfile.php System || url,www.milw0rm.com/exploits/3853 || 
cve,CVE-2007-2545
        2003669 || BLEEDING-EDGE WEB TopTree Remote Inclusion Attempt -- 
tpl_message.php right_file || url,www.milw0rm.com/exploits/3854 || 
cve,CVE-2007-2544
        2003670 || BLEEDING-EDGE WEB Workbench Survival Guide Remote Inclusion 
Attempt -- headerfile.php path || url,www.milw0rm.com/exploits/3848 || 
cve,CVE-2007-2542
        2003671 || BLEEDING-EDGE WEB Versado CMS Remote Inclusion Attempt -- 
ajax_listado.php urlModulo || url,www.milw0rm.com/exploits/3847 || 
cve,CVE-2007-2541
        2003672 || BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_image_index.php config[pathMod] || url,www.milw0rm.com/exploits/3852 || 
cve,CVE-2007-2540
        2003673 || BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_liens_index.php config[pathMod] || url,www.milw0rm.com/exploits/3852 || 
cve,CVE-2007-2540
        2003674 || BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_liste_index.php config[pathMod] || url,www.milw0rm.com/exploits/3852 || 
cve,CVE-2007-2540
        2003675 || BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_special_index.php config[pathMod] || url,www.milw0rm.com/exploits/3852 || 
cve,CVE-2007-2540
        2003676 || BLEEDING-EDGE WEB PMECMS Remote Inclusion Attempt -- 
mod_texte_index.php config[pathMod] || url,www.milw0rm.com/exploits/3852 || 
cve,CVE-2007-2540
        2003677 || BLEEDING-EDGE WEB Berylium2 Remote Inclusion Attempt -- 
berylium-classes.php beryliumroot || url,www.milw0rm.com/exploits/3869 || 
cve,CVE-2007-2531
        2003678 || BLEEDING-EDGE WEB Tropicalm Remote Inclusion Attempt -- 
dosearch.php RESPATH || url,www.milw0rm.com/exploits/3865 || cve,CVE-2007-2530
        2003679 || BLEEDING-EDGE WEB DynamicPAD Remote Inclusion Attempt -- 
dp_logs.php HomeDir || url,milw0rm.com/exploits/3868 || cve,CVE-2007-2527
        2003680 || BLEEDING-EDGE WEB DynamicPAD Remote Inclusion Attempt -- 
index.php HomeDir || url,milw0rm.com/exploits/3868 || cve,CVE-2007-2527
        2003681 || BLEEDING-EDGE WEB Persism CMS Remote Inclusion Attempt -- 
users_headerfile.php System || url,www.milw0rm.com/exploits/3853 || 
cve,CVE-2007-2545
        2003682 || BLEEDING-EDGE WEB E-Gads Remote Inclusion Attempt -- 
common.php locale || url,www.milw0rm.com/exploits/3846 || cve,CVE-2007-2521
        2003683 || BLEEDING-EDGE WEB PHP Turbulence Remote Inclusion Attempt -- 
turbulence.php GLOBALS[tcore] || url,www.securityfocus.com/bid/23580 || 
cve,CVE-2007-2504
        2003684 || BLEEDING-EDGE WEB MXBB Remote Inclusion Attempt -- faq.php 
module_root_path || url,www.milw0rm.com/exploits/3833 || cve,CVE-2007-2493
        2003685 || BLEEDING-EDGE WEB Wordpress Remote Inclusion Attempt -- 
wptable-button.php wpPATH || url,www.milw0rm.com/exploits/3824 || 
cve,CVE-2007-2484
        2003686 || BLEEDING-EDGE WEB Wordpress Remote Inclusion Attempt -- 
wordtube-button.php wpPATH || url,www.milw0rm.com/exploits/3825 || 
cve,CVE-2007-2481
        2003687 || BLEEDING-EDGE WEB TurnKeyWebTools Remote Inclusion Attempt 
-- payflow_pro.php abs_path || url,www.securityfocus.com/bid/23662 || 
cve,CVE-2007-2474
        2003688 || BLEEDING-EDGE WEB TurnKeyWebTools Remote Inclusion Attempt 
-- global.php abs_path || url,www.securityfocus.com/bid/23662 || 
cve,CVE-2007-2474
        2003689 || BLEEDING-EDGE WEB TurnKeyWebTools Remote Inclusion Attempt 
-- libsecure.php abs_path || url,www.securityfocus.com/bid/23662 || 
cve,CVE-2007-2474
        2003690 || BLEEDING-EDGE WEB Firefly Remote Inclusion Attempt -- 
config.php DOCUMENT_ROOT || url,www.frsirt.com/english/advisories/2007/1554 || 
cve,CVE-2007-2460
        2003691 || BLEEDING-EDGE WEB Pixaria Gallery Remote Inclusion Attempt 
-- psg.smarty.lib.php cfg[sys][base_path] || 
url,www.frsirt.com/english/advisories/2007/1390 || cve,CVE-2007-2458
        2003692 || BLEEDING-EDGE WEB VM Watermark Remote Inclusion Attempt -- 
watermark.php GALLERY_BASEDIR || url,www.milw0rm.com/exploits/3857 || 
cve,CVE-2007-2575
        2003693 || BLEEDING-EDGE WEB PHPtree Remote Inclusion Attempt -- 
cms2.php s_dir || url,www.milw0rm.com/exploits/3860 || cve,CVE-2007-2573
        2003694 || BLEEDING-EDGE WEB NoAH Remote Inclusion Attempt -- 
mfa_theme.php tpls || url,www.milw0rm.com/exploits/3861 || cve,CVE-2007-2572
        2003696 || BLEEDING-EDGE WEB Wikivi5 Remote Inclusion Attempt -- 
show.php sous_rep || url,www.milw0rm.com/exploits/3863 || cve,CVE-2007-2570
        2003698 || BLEEDING-EDGE WEB pfa CMS Remote Inclusion index.php 
abs_path || url,www.securityfocus.com/archive/1/archive/1/467840/100/0/threaded 
|| cve,CVE-2007-2559
        2003699 || BLEEDING-EDGE WEB pfa CMS Remote Inclusion checkout.php 
abs_path || url,www.securityfocus.com/archive/1/archive/1/467840/100/0/threaded 
|| cve,CVE-2007-2559
        2003700 || BLEEDING-EDGE WEB pfa CMS Remote Inclusion libsecure.php 
abs_path || url,www.securityfocus.com/archive/1/archive/1/467840/100/0/threaded 
|| cve,CVE-2007-2559
        2003701 || BLEEDING-EDGE WEB pfa CMS Remote Inclusion index.php repinc 
|| url,www.securityfocus.com/archive/1/archive/1/467827/100/0/threaded || 
cve,CVE-2007-2558
        2003702 || BLEEDING-EDGE WEB Pixaria Gallery Remote Inclusion 
class.Smarty.php cfg[sys][base_path] || url,www.milw0rm.com/exploits/3733 || 
cve,CVE-2007-2457
        2003703 || BLEEDING-EDGE WEB phpMyPortal Remote Inclusion Attempt -- 
articles.inc.php GLOBALS[CHEMINMODULES] || url,www.milw0rm.com/exploits/3879 || 
cve,CVE-2007-2594
        2003704 || BLEEDING-EDGE WEB AForum Remote Inclusion func.php 
CommonAbsDir || url,www.milw0rm.com/exploits/3884 || cve,CVE-2007-2596
        2003705 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
site_conf.php ordnertiefe || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003706 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
class.csv.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003707 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
produkte_nach_serie.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003708 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
ref_kd_rubrik.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003709 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
hg_referenz_jobgalerie.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003710 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
surfer_anmeldung_NWL.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003711 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
produkte_nach_serie_alle.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003712 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
surfer_aendern.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003713 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
referenz.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003714 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion lay.php 
tt_docroot || url,www.milw0rm.com/exploits/3885 || cve,CVE-2007-2597
        2003715 || BLEEDING-EDGE WEB TellTarget CMS Remote Inclusion 
ref_kd_rubrik.php tt_docroot || url,www.milw0rm.com/exploits/3885 || 
cve,CVE-2007-2597
        2003716 || BLEEDING-EDGE WEB LaVague Remote Inclusion Attempt -- 
printbar.php views_path || url,www.milw0rm.com/exploits/3870 || 
cve,CVE-2007-2607
        2003717 || BLEEDING-EDGE WEB miplex2 Remote Inclusion 
SmartyFU.class.php system || url,www.milw0rm.com/exploits/3878 || 
cve,CVE-2007-2608
        2003718 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- lom.php 
ETCDIR || url,www.milw0rm.com/exploits/3876 || cve,CVE-2007-2609
        2003719 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- 
lom_update.php ETCDIR || url,www.milw0rm.com/exploits/3876 || cve,CVE-2007-2609
        2003720 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- 
check-lom.php ETCDIR || url,www.milw0rm.com/exploits/3876 || cve,CVE-2007-2609
        2003721 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- 
weigh_keywords.php ETCDIR || url,www.milw0rm.com/exploits/3876 || 
cve,CVE-2007-2609
        2003722 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- 
logout.php ETCDIR || url,www.milw0rm.com/exploits/3876 || cve,CVE-2007-2609
        2003723 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- 
help.php ETCDIR || url,www.milw0rm.com/exploits/3876 || cve,CVE-2007-2609
        2003724 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- 
index.php ETCDIR || url,www.milw0rm.com/exploits/3876 || cve,CVE-2007-2609
        2003725 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- 
login.php ETCDIR || url,www.milw0rm.com/exploits/3876 || cve,CVE-2007-2609
        2003726 || BLEEDING-EDGE WEB CGX Remote Inclusion Attempt -- 
mtdialogo.php pathCGX || url,www.milw0rm.com/exploits/3874 || cve,CVE-2007-2611
        2003727 || BLEEDING-EDGE WEB CGX Remote Inclusion Attempt -- 
ltdialogo.php pathCGX || url,www.milw0rm.com/exploits/3874 || cve,CVE-2007-2611
        2003728 || BLEEDING-EDGE WEB CGX Remote Inclusion Attempt -- 
logingecon.php pathCGX || url,www.milw0rm.com/exploits/3874 || cve,CVE-2007-2611
        2003729 || BLEEDING-EDGE WEB CGX Remote Inclusion Attempt -- login.php 
pathCGX || url,www.milw0rm.com/exploits/3874 || cve,CVE-2007-2611
        2003730 || BLEEDING-EDGE WEB PHPHtmlLib Remote Inclusion Attempt -- 
widget8.php phphtmllib || 
url,www.securityfocus.com/archive/1/archive/1/467837/100/0/threaded || 
cve,CVE-2007-2614
        2003731 || BLEEDING-EDGE WEB PHPLojaFacil Remote Inclusion Attempt -- 
ftp.php path_local || url,www.milw0rm.com/exploits/3875 || cve,CVE-2007-2615
        2003732 || BLEEDING-EDGE WEB PHPLojaFacil Remote Inclusion Attempt -- 
db.php path_local || url,www.milw0rm.com/exploits/3875 || cve,CVE-2007-2615
        2003733 || BLEEDING-EDGE WEB PHPLojaFacil Remote Inclusion Attempt -- 
libs_ftp.php path_local || url,www.milw0rm.com/exploits/3875 || 
cve,CVE-2007-2615
        2003735 || BLEEDING-EDGE WEB PHPSecurityAdmin Remote Inclusion Attempt 
-- logout.php PSA_PATH || url,www.securityfocus.com/bid/23801 || 
cve,CVE-2007-2628
        2003736 || BLEEDING-EDGE WEB AForum Remote Inclusion Attempt -- 
errormsg.php header || url,secunia.com/advisories/25224 || cve,CVE-2007-2634
        2003737 || BLEEDING-EDGE WEB CJG Explorer Remote Inclusion Attempt -- 
pcltrace.lib.php g_pcltar_lib_dir || url,www.milw0rm.com/exploits/3915 || 
cve,CVE-2007-2660
        2003738 || BLEEDING-EDGE WEB Beacon Remote Inclusion Attempt -- 
splash.lang.php languagePath || url,www.milw0rm.com/exploits/3909 || 
cve,CVE-2007-2663
        2003739 || BLEEDING-EDGE WEB Yaap Remote Inclusion Attempt -- 
common.php root_path || url,www.milw0rm.com/exploits/3908 || cve,CVE-2007-2664
        2003740 || BLEEDING-EDGE WEB PHPFirstPost Remote Inclusion Attempt 
block.php Include || url,www.milw0rm.com/exploits/3906 || cve,CVE-2007-2665
        2003741 || BLEEDING-EDGE WEB Open Translation Engine Remote Inclusion 
Attempt -- header.php ote_home || url,www.milw0rm.com/exploits/3838 || 
cve,CVE-2007-2676
        2003742 || BLEEDING-EDGE WEB PHPChess Remote Inclusion Attempt -- 
language.php config || url,www.milw0rm.com/exploits/3837 || cve,CVE-2007-2677
        2003743 || BLEEDING-EDGE WEB PHPChess Remote Inclusion Attempt -- 
layout_admin_cfg.php Root_Path || url,www.milw0rm.com/exploits/3837 || 
cve,CVE-2007-2677
        2003744 || BLEEDING-EDGE WEB PHPChess Remote Inclusion Attempt -- 
layout_cfg.php Root_Path || url,www.milw0rm.com/exploits/3837 || 
cve,CVE-2007-2677
        2003745 || BLEEDING-EDGE WEB PHPChess Remote Inclusion Attempt -- 
layout_t_top.php Root_Path || url,www.milw0rm.com/exploits/3837 || 
cve,CVE-2007-2677
        2003746 || BLEEDING-EDGE WEB Simple PHP Script Gallery Remote Inclusion 
index.php gallery || url,www.securityfocus.com/bid/23534 || cve,CVE-2007-2679
        2003747 || BLEEDING-EDGE WEB gnuedu Remote Inclusion Attempt -- lom.php 
ETCDIR || url,www.milw0rm.com/exploits/3876 || cve,CVE-2007-2609

     -> Added to bleeding-web.rules (38):
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #OTE = Open Translation Engine
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty
        #by tinytwitty

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-drop-BLOCK.rules (1):
        #  VERSION 180

     -> Removed from bleeding-drop.rules (1):
        #  VERSION 180

     -> Removed from bleeding-sid-msg.map (3):
        2003633 || BLEEDING-EDGE CURRENT EVENTS Traffic with a window of 55808 
- Unknown likely hostile scanning - Please report hits to Bleeding Edge or ISC 
|| url,www.cert.org/current/archive/2003/06/25/archive.html || 
url,isc.sans.org/diary.html?n&storyid=2717
        2404006 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 7)  
|| url,www.shadowserver.org
        2405006 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 7) - 
BLOCKING SOURCE || url,www.shadowserver.org

     -> Removed from bleeding.rules (2):
        #by Matt Jonkman
        #From ISC post here: isc.sans.org/diary.html?n&storyid=2717


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-sigs] Problems with rules in web-clients.rules over the last two days, Russell Fulton
Next by Date:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Previous by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Next by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Indexes:  [Date] [Thread] [Top] [All Lists]