Emerging Threats

  • Increase font size
  • Default font size
  • Decrease font size

Weekly New Signatures March 28 2009

Sunday, 29 March 2009 12:51 Matt Jonkman
E-mail Print PDF

[+++] Added rules: [+++]

2009156 - ET MALWARE Unknown Dropper Checkin (emerging-virus.rules)
2009157 - ET MALWARE N1 Fake AV User-Agent Detected (N1) (emerging-malware.rules)
2009158 - ET SCAN WebShag Web Application Scan Detected (emerging-scan.rules)
2009159 - ET CURRENT_EVENTS Toata Scanner User-Agent Detected (emerging.rules)
2009160 - ET WEB_ACTIVEX GeoVision LiveX_v8200 ActiveX Control Arbitrary File Overwrite (emerging-web.rules)
2009161 - ET WEB_ACTIVEX GeoVision LiveX_v7000 ActiveX Control Arbitrary File Overwrite (emerging-web.rules)
2009162 - ET WEB_ACTIVEX GeoVision LiveX_v8120 ActiveX Control Arbitrary File Overwrite (emerging-web.rules)
2009163 - ET WEB_SPECIFIC GBook header.php abspath Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009164 - ET WEB_SPECIFIC openEngine filepool.php oe_classpath parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009165 - ET WEB_SPECIFIC Barcode Generator LSTable.php class_dir parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009166 - ET WEB_SPECIFIC Concord Consortium CoAST header.php sections_file parameter remote file inclusion (emerging-web_sql_injection.rules)
2009167 - ET WEB_SPECIFIC AdaptCMS Lite rss_importer_functions.php sitepath Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009168 - ET WEB_SPECIFIC Papoo CMS message_class.php pfadhier Local File Inclusion (emerging-web_sql_injection.rules)
2009169 - ET WEB_SPECIFIC Thyme export.php export_to Parameter Local File Inclusion (emerging-web_sql_injection.rules)


[///] Modified active rules: [///]

2009152 - ET WEB PHP Generic Remote File Include Attempt (HTTPS) (emerging-web.rules)
2009153 - ET WEB PHP Generic Remote File Include Attempt (FTP) (emerging-web.rules)
2009155 - ET WEB PHP Generic Remote File Include Attempt (FTPS) (emerging-web.rules)


[///] Modified inactive rules: [///]

2009151 - ET WEB PHP Generic Remote File Include Attempt (HTTP) (emerging-web.rules)


[---] Removed rules: [---]

2008960 - ET CURRENT_EVENTS Unknown Roundcube Vulnerability Scan (emerging.rules)
2404022 - ET DROP Known Bot C&C Server Traffic (group 23) (emerging-botcc.rules)
2405022 - ET DROP Known Bot C&C Traffic (group 23) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)

 

 

< Prev   Next >
 

OISF Founded
The Open Information Security Foundation has been founded. More at http://www.openinfosecfoundation.org