[Emerging-Sigs] Emerging Threats Daily Signature Changes

emerging@emergingthreats.net emerging at emergingthreats.net
Thu Jan 29 16:00:09 EST 2009


[***] Results from Oinkmaster started Thu Jan 29 16:00:09 2009 [***]

[+++]          Added rules:          [+++]

 2009054 - ET TROJAN Asprox Form Submission to C&C (emerging-virus.rules)
 2009055 - ET WEB_SPECIFIC Pligg check_url.php url parameter SQL Injection (emerging-web_sql_injection.rules)
 2009056 - ET WEB_SPECIFIC Pixel8 Web Photo Album AlbumID SQL Injection (emerging-web_sql_injection.rules)
 2009057 - ET WEB_SPECIFIC PowerNews news.php newsid parameter SQL Injection (emerging-web_sql_injection.rules)
 2009058 - ET WEB_SPECIFIC WSN Guest search.php search parameter SQL Injection (emerging-web_sql_injection.rules)
 2009059 - ET WEB_SPECIFIC Recly Feederator add_tmsp.php mosConfig_absolute_path parameter remote file inclusion (emerging-web_sql_injection.rules)
 2009060 - ET WEB_SPECIFIC Recly Feederator edit_tmsp.php mosConfig_absolute_path parameter remote file inclusion (emerging-web_sql_injection.rules)
 2009061 - ET WEB_SPECIFIC Recly Feederator subscription.php GLOBALS[mosConfig_absolute_path] parameter remote file inclusion (emerging-web_sql_injection.rules)
 2009062 - ET WEB_SPECIFIC Recly Feederator tmsp.php mosConfig_absolute_path parameter remote file inclusion (emerging-web_sql_injection.rules)
 2009063 - ET WEB_ACTIVEX Easy Grid ActiveX Multiple Arbitrary File Overwrite (emerging-web.rules)
 2009064 - ET WEB_ACTIVEX Ciansoft PDFBuilderX Control ActiveX Arbitrary File Overwrite (emerging-web.rules)


[///]     Modified active rules:     [///]

 2008334 - ET TROJAN Beizhu/Womble/Vipdataend Checking in with Controller (emerging-virus.rules)
 2008335 - ET TROJAN Beizhu/Womble/Vipdataend Controller Keepalive (emerging-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (11):
        2009054 || ET TROJAN Asprox Form Submission to C&C
        2009055 || ET WEB_SPECIFIC Pligg check_url.php url parameter SQL Injection || bugtraq,32970 || url,milw0rm.com/exploits/7544
        2009056 || ET WEB_SPECIFIC Pixel8 Web Photo Album AlbumID SQL Injection || url,milw0rm.com/exploits/7627 || url,secunia.com/advisories/33373/
        2009057 || ET WEB_SPECIFIC PowerNews news.php newsid parameter SQL Injection || url,milw0rm.com/exploits/7641 || url,secunia.com/advisories/33363/
        2009058 || ET WEB_SPECIFIC WSN Guest search.php search parameter SQL Injection || url,milw0rm.com/exploits/7659 || bugtraq,33097
        2009059 || ET WEB_SPECIFIC Recly Feederator add_tmsp.php mosConfig_absolute_path parameter remote file inclusion || url,milw0rm.com/exploits/7040 || bugtraq,32194
        2009060 || ET WEB_SPECIFIC Recly Feederator edit_tmsp.php mosConfig_absolute_path parameter remote file inclusion || url,milw0rm.com/exploits/7040 || bugtraq,32194
        2009061 || ET WEB_SPECIFIC Recly Feederator subscription.php GLOBALS[mosConfig_absolute_path] parameter remote file inclusion || url,milw0rm.com/exploits/7040 || bugtraq,32194
        2009062 || ET WEB_SPECIFIC Recly Feederator tmsp.php mosConfig_absolute_path parameter remote file inclusion || url,milw0rm.com/exploits/7040 || bugtraq,32194
        2009063 || ET WEB_ACTIVEX Easy Grid ActiveX Multiple Arbitrary File Overwrite || bugtraq,33272
        2009064 || ET WEB_ACTIVEX Ciansoft PDFBuilderX Control ActiveX Arbitrary File Overwrite || url,milw0rm.com/exploits/7794 || bugtraq,33233

     -> Added to emerging-sid-msg.map.txt (11):
        2009054 || ET TROJAN Asprox Form Submission to C&C
        2009055 || ET WEB_SPECIFIC Pligg check_url.php url parameter SQL Injection || bugtraq,32970 || url,milw0rm.com/exploits/7544
        2009056 || ET WEB_SPECIFIC Pixel8 Web Photo Album AlbumID SQL Injection || url,milw0rm.com/exploits/7627 || url,secunia.com/advisories/33373/
        2009057 || ET WEB_SPECIFIC PowerNews news.php newsid parameter SQL Injection || url,milw0rm.com/exploits/7641 || url,secunia.com/advisories/33363/
        2009058 || ET WEB_SPECIFIC WSN Guest search.php search parameter SQL Injection || url,milw0rm.com/exploits/7659 || bugtraq,33097
        2009059 || ET WEB_SPECIFIC Recly Feederator add_tmsp.php mosConfig_absolute_path parameter remote file inclusion || url,milw0rm.com/exploits/7040 || bugtraq,32194
        2009060 || ET WEB_SPECIFIC Recly Feederator edit_tmsp.php mosConfig_absolute_path parameter remote file inclusion || url,milw0rm.com/exploits/7040 || bugtraq,32194
        2009061 || ET WEB_SPECIFIC Recly Feederator subscription.php GLOBALS[mosConfig_absolute_path] parameter remote file inclusion || url,milw0rm.com/exploits/7040 || bugtraq,32194
        2009062 || ET WEB_SPECIFIC Recly Feederator tmsp.php mosConfig_absolute_path parameter remote file inclusion || url,milw0rm.com/exploits/7040 || bugtraq,32194
        2009063 || ET WEB_ACTIVEX Easy Grid ActiveX Multiple Arbitrary File Overwrite || bugtraq,33272
        2009064 || ET WEB_ACTIVEX Ciansoft PDFBuilderX Control ActiveX Arbitrary File Overwrite || url,milw0rm.com/exploits/7794 || bugtraq,33233

     -> Added to emerging-web_sql_injection.rules (1):
        ##by tinytwitty



More information about the Emerging-sigs mailing list