Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Emerging Threats Daily Signature Changes

from [emerging] Network Security [Permanent Link]
Subject: [Snort-sigs] Emerging Threats Daily Signature Changes
Date: Mon, 3 Mar 2008 17:00:10 -0500 (EST) 

[***] Results from Oinkmaster started Mon Mar  3 17:00:10 2008 [***]

[+++]          Added rules:          [+++]

 2007902 - ET CURRENT EVENTS Likely Storm Binary Requested (ecard.exe) 
(bleeding.rules)
 2007903 - ET EXPLOIT 4XEM VatDecoder VatCtrl Class ActiveX Control Url 
Property Buffer Overflow Vulnerability (bleeding-exploit.rules)
 2007904 - ET EXPLOIT RTSP MPEG4 SP Control ActiveX Control Url Property Buffer 
Overflow Vulnerability (bleeding-exploit.rules)
 2007905 - ET EXPLOIT D-Link MPEG4 SHM (Audio) Control ActiveX Control Url 
Property Buffer Overflow Vulnerability (bleeding-exploit.rules)
 2007906 - ET GAME Ourgame GLWorld 2.x hgs_startNotify()/hgs_startGame() 
ActiveX BoF (bleeding-game.rules)
 2007907 - ET EXPLOIT Move Networks Quantum Streaming Player Control 
UploadLogs() BOF (bleeding-exploit.rules)


[///]     Modified active rules:     [///]

 2002157 - ET POLICY Skype User-Agent detected (bleeding-policy.rules)
 2002950 - ET POLICY TOR 1.0 Server Key Retrieval (bleeding-policy.rules)
 2007760 - ET CURRENT EVENTS Likely Storm Binary Requested (postcard.exe) 
(bleeding.rules)
 2007761 - ET CURRENT EVENTS Likely Storm Binary Requested (e-card.exe) 
(bleeding.rules)


[---]         Removed rules:         [---]

 2007835 - ET CURRENT EVENTS Likely Storm Binary Requested (valentine.exe) 
(bleeding.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (2):
        #by Akash Mahajan at stillsecure
        #by Akash Mahajan at Stillsecure

     -> Added to bleeding-game.rules (1):
        #by Akash Mahajan at Stillsecure

     -> Added to bleeding-sid-msg.map (9):
        2002950 || ET POLICY TOR 1.0 Server Key Retrieval || url,tor.eff.org
        2007760 || ET CURRENT EVENTS Likely Storm Binary Requested 
(postcard.exe)
        2007761 || ET CURRENT EVENTS Likely Storm Binary Requested (e-card.exe)
        2007902 || ET CURRENT EVENTS Likely Storm Binary Requested (ecard.exe)
        2007903 || ET EXPLOIT 4XEM VatDecoder VatCtrl Class ActiveX Control Url 
Property Buffer Overflow Vulnerability || url,www.milw0rm.com/exploits/5193 || 
bugtraq,28010
        2007904 || ET EXPLOIT RTSP MPEG4 SP Control ActiveX Control Url 
Property Buffer Overflow Vulnerability || url,www.milw0rm.com/exploits/5193 || 
bugtraq,28010
        2007905 || ET EXPLOIT D-Link MPEG4 SHM (Audio) Control ActiveX Control 
Url Property Buffer Overflow Vulnerability || url,www.milw0rm.com/exploits/5193 
|| bugtraq,28010
        2007906 || ET GAME Ourgame GLWorld 2.x 
hgs_startNotify()/hgs_startGame() ActiveX BoF || 
url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html
 || cve,CVE-2008-0647 || bugtraq,27626 || url,www.milw0rm.com/exploits/5153
        2007907 || ET EXPLOIT Move Networks Quantum Streaming Player Control 
UploadLogs() BOF || url,www.milw0rm.com/exploits/5190

     -> Added to bleeding-sid-msg.map.txt (9):
        2002950 || ET POLICY TOR 1.0 Server Key Retrieval || url,tor.eff.org
        2007760 || ET CURRENT EVENTS Likely Storm Binary Requested 
(postcard.exe)
        2007761 || ET CURRENT EVENTS Likely Storm Binary Requested (e-card.exe)
        2007902 || ET CURRENT EVENTS Likely Storm Binary Requested (ecard.exe)
        2007903 || ET EXPLOIT 4XEM VatDecoder VatCtrl Class ActiveX Control Url 
Property Buffer Overflow Vulnerability || url,www.milw0rm.com/exploits/5193 || 
bugtraq,28010
        2007904 || ET EXPLOIT RTSP MPEG4 SP Control ActiveX Control Url 
Property Buffer Overflow Vulnerability || url,www.milw0rm.com/exploits/5193 || 
bugtraq,28010
        2007905 || ET EXPLOIT D-Link MPEG4 SHM (Audio) Control ActiveX Control 
Url Property Buffer Overflow Vulnerability || url,www.milw0rm.com/exploits/5193 
|| bugtraq,28010
        2007906 || ET GAME Ourgame GLWorld 2.x 
hgs_startNotify()/hgs_startGame() ActiveX BoF || 
url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html
 || cve,CVE-2008-0647 || bugtraq,27626 || url,www.milw0rm.com/exploits/5153
        2007907 || ET EXPLOIT Move Networks Quantum Streaming Player Control 
UploadLogs() BOF || url,www.milw0rm.com/exploits/5190

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (4):
        2002950 || ET POLICY TOR 1.0 Server Key Retrival || url,tor.eff.org
        2007760 || ET CURRENT EVENTS Likely Storm Binary Requested 
(withlove.exe) || 
url,asert.arbornetworks.com/2008/01/storm-loves-you-new-campaign-valentines-day-theme/
        2007761 || ET CURRENT EVENTS Likely Storm Binary Requested 
(with_love.exe) || 
url,asert.arbornetworks.com/2008/01/storm-loves-you-new-campaign-valentines-day-theme/
        2007835 || ET CURRENT EVENTS Likely Storm Binary Requested 
(valentine.exe)

     -> Removed from bleeding-sid-msg.map.txt (4):
        2002950 || ET POLICY TOR 1.0 Server Key Retrival || url,tor.eff.org
        2007760 || ET CURRENT EVENTS Likely Storm Binary Requested 
(withlove.exe) || 
url,asert.arbornetworks.com/2008/01/storm-loves-you-new-campaign-valentines-day-theme/
        2007761 || ET CURRENT EVENTS Likely Storm Binary Requested 
(with_love.exe) || 
url,asert.arbornetworks.com/2008/01/storm-loves-you-new-campaign-valentines-day-theme/
        2007835 || ET CURRENT EVENTS Likely Storm Binary Requested 
(valentine.exe)


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Emerging Threats Weekly Signature Changes, emerging
Next by Date:  [Snort-sigs] Sourcefire VRT Certified Snort Rules Update, research
Previous by Thread:  [Snort-sigs] Emerging Threats Daily Signature Changes, emerging
Next by Thread:  [Snort-sigs] Emerging Threats Daily Signature Changes, emerging
Indexes:  [Date] [Thread] [Top] [All Lists]