Emerging Threats

  • Increase font size
  • Default font size
  • Decrease font size

Weekly New Signatures April 4 2009

Monday, 06 April 2009 11:49 Matt Jonkman
E-mail Print PDF

[+++] Added rules: [+++]

2009170 - ET CURRENT_EVENTS Psyb0t Code Download (emerging.rules)
2009171 - ET CURRENT_EVENTS Psyb0t Bot Nick (emerging.rules)
2009172 - ET CURRENT_EVENTS Psyb0t joining an IRC Channel (emerging.rules)
2009173 - ET TROJAN Possible Vundo Trojan Variant reporting to Controller (emerging-virus.rules)
2009174 - ET TROJAN Possible Vundo EXE Download Attempt (emerging-virus.rules)
2009175 - ET TROJAN Zbot/Zeus C&C Access (emerging-virus.rules)
2009176 - ET CURRENT_EVENTS Malware Communication with Control Servers (Possible GhostNet Related Activity) (emerging.rules)
2009178 - ET WEB_ACTIVEX Nokia Phoenix Service Software ActiveX Control Buffer Overflow (emerging-web.rules)
2009179 - ET WEB_SPECIFIC SnippetMaster vars.inc.php _SESSION Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009180 - ET WEB_SPECIFIC SnippetMaster pcltar.lib.php g_pcltar_lib_dir Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009181 - ET WEB_SPECIFIC SnippetMaster vars.inc.php _SESSION Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009182 - ET WEB_SPECIFIC SnippetMaster pcltar.lib.php g_pcltar_lib_dir Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009184 - ET WEB_ACTIVEX FathFTP ActiveX DeleteFile Arbitrary File Deletion (emerging-web.rules)
2009185 - ET WEB_SPECIFIC A Better Member-Based ASP Photo Gallery view.asp entry parameter SQL injection (emerging-web_sql_injection.rules)
2009186 - ET WEB_SPECIFIC Auto Listings Script moreinfo.php itemno Parameter SQL Injection (emerging-web_sql_injection.rules)
2009187 - ET WEB_ACTIVEX iDefense COMRaider ActiveX Control Arbitrary File Deletion (emerging-web.rules)
2009188 - ET WEB_SPECIFIC gapicms toolbar.php dirDepth Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009190 - ET WEB_SPECIFIC YACS update_trailer.php context Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009191 - ET WEB_SPECIFIC YACS update_trailer.php context Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009192 - ET WEB_SPECIFIC CMS Faethon info.php item Parameter SQL Injection (emerging-web_sql_injection.rules)
2009194 - ET WEB_SPECIFIC X7 Chat mini.php help_file Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009195 - ET WEB_SPECIFIC Basebuilder main.inc.php mj_config Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009196 - ET WEB_SPECIFIC Basebuilder main.inc.php mj_config Parameter Remote File inclusion (emerging-web_sql_injection.rules)
2009198 - ET WEB_SPECIFIC Kalptaru Infotech Product Sale Framework customer.forumtopic.php forum_topic_id parameter SQL Injection (emerging-web_sql_injection.rules)
2009199 - ET WEB_SPECIFIC Script Toko Online shop_display_products.php cat_id Parameter SQL Injection (emerging-web_sql_injection.rules)
2009200 - ET CURRENT_EVENTS Conficker.a Shellcode (emerging.rules)
2009201 - ET CURRENT_EVENTS Conficker.b Shellcode (emerging.rules)
2009202 - ET CURRENT_EVENTS GhostNet Trojan Reporting (emerging.rules)
2009203 - ET TROJAN Alman Dropper Checkin (emerging-virus.rules)
2009204 - ET TROJAN Crypt.CFI.Gen Checkin (emerging-virus.rules)
2009205 - ET CURRENT_EVENTS Possible Downadup/Conficker-C P2P encrypted traffic UDP Ping Packet (bit value 1) (emerging.rules)
2009206 - ET CURRENT_EVENTS Possible Downadup/Conficker-C P2P encrypted traffic UDP Ping Packet (bit value 4) (emerging.rules)
2009207 - ET CURRENT_EVENTS Possible Downadup/Conficker-C P2P encrypted traffic UDP Ping Packet (bit value 5) (emerging.rules)
2009208 - ET CURRENT_EVENTS Possible Downadup/Conficker-C P2P encrypted traffic UDP Ping Packet (bit value 16) (emerging.rules)



[///] Modified active rules: [///]

2008759 - ET MALWARE Matcash Trojan Related Spyware Code Download (emerging-malware.rules)
2009125 - ET TROJAN Trojan.Win32.Inject.esi Outbound Communication (emerging-virus.rules)
2009160 - ET WEB_ACTIVEX GeoVision LiveX_v8200 ActiveX Control Arbitrary File Overwrite (emerging-web.rules)
2009161 - ET WEB_ACTIVEX GeoVision LiveX_v7000 ActiveX Control Arbitrary File Overwrite (emerging-web.rules)
2009162 - ET WEB_ACTIVEX GeoVision LiveX_v8120 ActiveX Control Arbitrary File Overwrite (emerging-web.rules)
2009163 - ET WEB_SPECIFIC GBook header.php abspath Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009164 - ET WEB_SPECIFIC openEngine filepool.php oe_classpath parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009165 - ET WEB_SPECIFIC Barcode Generator LSTable.php class_dir parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009166 - ET WEB_SPECIFIC Concord Consortium CoAST header.php sections_file parameter remote file inclusion (emerging-web_sql_injection.rules)
2009167 - ET WEB_SPECIFIC AdaptCMS Lite rss_importer_functions.php sitepath Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009168 - ET WEB_SPECIFIC Papoo CMS message_class.php pfadhier Local File Inclusion (emerging-web_sql_injection.rules)
2009169 - ET WEB_SPECIFIC Thyme export.php export_to Parameter Local File Inclusion (emerging-web_sql_injection.rules)

 

< Prev   Next >
 

Funded!
Emerging Threats has been grant funded! We're here to stay for the long term!