[Snort-sigs] Bleeding Edge Threats Weekly Signature Changes

[***] Results from Oinkmaster started Fri Nov 30 22:00:12 2007 [***]

[+++]          Added rules:          [+++]

 2007703 - BLEEDING-EDGE WEB-CLIENT Apple Quicktime RTSP Content-Type overflow 
attempt (bleeding-web.rules)


[///]     Modified active rules:     [///]

 2003173 - BLEEDING-EDGE EXPLOIT Possible UTF-8 encoded Shellcode Detected 
(bleeding-exploit.rules)
 2003174 - BLEEDING-EDGE EXPLOIT Possible UTF-16 encoded Shellcode Detected 
(bleeding-exploit.rules)


[---]         Disabled rules:        [---]

 2007665 - BLEEDING-EDGE TROJAN Win32.Agent.GRW Checkin via HTTP 
(bleeding-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (1):
        2007703 || BLEEDING-EDGE WEB-CLIENT Apple Quicktime RTSP Content-Type 
overflow attempt || url,www.milw0rm.com/exploits/4657 || 
url,www.kb.cert.org/vuls/id/659761

     -> Added to bleeding-virus.rules (1):
        # Duplicate of sid:2007644, without nocase qualifiers.

     -> Added to bleeding-web.rules (1):
        #Joint contribution from Andre Ludwig, Blake Hartstein, and Chris Byrd 
at riosec.com


-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell.  From the desktop to the data center, Linux is going
mainstream.  Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs