[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Tue Dec 1 15:33:11 EST 2009


[***] Results from Oinkmaster started Tue Dec  1 15:33:11 2009 [***]

[+++]          Added rules:          [+++]

 2010438 - ET MALWARE Possible Malicious Applet Access (justexploit kit) (emerging-malware.rules)
 2010439 - ET TROJAN Generic Trojan Checkin (UA VBTagEdit) (emerging-virus.rules)
 2010440 - ET CURRENT_EVENTS MALWARE Potential Malware Download, flash-HQ-plugin.40000.exe (emerging-current_events.rules)


[///]     Modified active rules:     [///]

 2010066 - ET TROJAN Data POST to an image file (gif) (emerging-virus.rules)
 2010067 - ET TROJAN Data POST to an image file (jpg) (emerging-virus.rules)
 2010068 - ET TROJAN Data POST to an image file (jpeg) (emerging-virus.rules)
 2010069 - ET TROJAN Data POST to an image file (bmp) (emerging-virus.rules)
 2010070 - ET TROJAN Data POST to an image file (png) (emerging-virus.rules)
 2010369 - ET WEB_CLIENT Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Attempt (emerging-web_client.rules)
 2010370 - ET WEB_CLIENT ACTIVEX Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Function Call Attempt (emerging-web_client.rules)
 2010371 - ET SCAN Amap TCP Service Scan Detected (emerging-scan.rules)
 2010372 - ET SCAN Amap UDP Service Scan Detected (emerging-scan.rules)
 2010373 - ET WEB_CLIENT Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Attempt (emerging-web_client.rules)
 2010374 - ET WEB_CLIENT ACTIVEX Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Function Call Attempt (emerging-web_client.rules)
 2010375 - ET EXPLOIT Possible Oracle Database Text Component ctxsys.drvxtabc.create_tables Remote SQL Injection Attempt (emerging-exploit.rules)
 2010376 - ET CURRENT_EVENTS WU Malicious Spam Inbound (emerging-current_events.rules)
 2010377 - ET POLICY JBOSS/JMX 80 access from outside (emerging-policy.rules)
 2010378 - ET POLICY JBOSS/JMX 8080 access from outside (emerging-policy.rules)
 2010379 - ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (POST) (emerging-web_server.rules)
 2010380 - ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (GET) (emerging-web_server.rules)
 2010381 - ET TROJAN Bredolab Checkin (emerging-virus.rules)
 2010382 - ET TROJAN Fake AV GET (emerging-virus.rules)


[///]    Modified inactive rules:    [///]

 2010383 - ET EXPLOIT METASPLOIT BSD Bind shell (emerging-exploit.rules)
 2010384 - ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 1) (emerging-exploit.rules)
 2010385 - ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 2) (emerging-exploit.rules)
 2010386 - ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 3) (emerging-exploit.rules)
 2010387 - ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 4) (emerging-exploit.rules)
 2010388 - ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 5) (emerging-exploit.rules)
 2010389 - ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 1) (emerging-exploit.rules)
 2010390 - ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 2) (emerging-exploit.rules)
 2010391 - ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 1) (emerging-exploit.rules)
 2010392 - ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 2) (emerging-exploit.rules)
 2010393 - ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 3) (emerging-exploit.rules)
 2010394 - ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 4) (emerging-exploit.rules)
 2010395 - ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 5) (emerging-exploit.rules)
 2010396 - ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 1) (emerging-exploit.rules)
 2010397 - ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 2) (emerging-exploit.rules)
 2010398 - ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 3) (emerging-exploit.rules)
 2010399 - ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 4) (emerging-exploit.rules)
 2010400 - ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 5) (emerging-exploit.rules)
 2010401 - ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 1) (emerging-exploit.rules)
 2010402 - ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 2) (emerging-exploit.rules)
 2010403 - ET EXPLOIT METASPLOIT BSD Bind shell (JmpCallAdditive Encoded) (emerging-exploit.rules)
 2010404 - ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 1) (emerging-exploit.rules)
 2010405 - ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 2) (emerging-exploit.rules)
 2010406 - ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 3) (emerging-exploit.rules)
 2010407 - ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 1) (emerging-exploit.rules)
 2010408 - ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 2) (emerging-exploit.rules)
 2010409 - ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 1) (emerging-exploit.rules)
 2010410 - ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 2) (emerging-exploit.rules)
 2010411 - ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 3) (emerging-exploit.rules)
 2010412 - ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 4) (emerging-exploit.rules)
 2010413 - ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 1) (emerging-exploit.rules)
 2010414 - ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 2) (emerging-exploit.rules)
 2010415 - ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 1) (emerging-exploit.rules)
 2010416 - ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 2) (emerging-exploit.rules)
 2010417 - ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 3) (emerging-exploit.rules)
 2010418 - ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 1) (emerging-exploit.rules)
 2010419 - ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 2) (emerging-exploit.rules)
 2010420 - ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 3) (emerging-exploit.rules)
 2010421 - ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 1) (emerging-exploit.rules)
 2010422 - ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 2) (emerging-exploit.rules)
 2010423 - ET EXPLOIT METASPLOIT BSD Reverse shell (JmpCallAdditive Encoded 1) (emerging-exploit.rules)
 2010424 - ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 1) (emerging-exploit.rules)
 2010425 - ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 2) (emerging-exploit.rules)
 2010426 - ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 3) (emerging-exploit.rules)
 2010427 - ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 1) (emerging-exploit.rules)
 2010428 - ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 2) (emerging-exploit.rules)
 2010429 - ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 1) (emerging-exploit.rules)
 2010430 - ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 2) (emerging-exploit.rules)
 2010431 - ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 3) (emerging-exploit.rules)
 2010432 - ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 4) (emerging-exploit.rules)
 2010433 - ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 1) (emerging-exploit.rules)
 2010434 - ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 2) (emerging-exploit.rules)
 2010435 - ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 1) (emerging-exploit.rules)
 2010436 - ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 2) (emerging-exploit.rules)
 2010437 - ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 3) (emerging-exploit.rules)


[---]         Removed rules:         [---]

 2008357 - ET SCAN Amap Scannner Traffic Inbound (emerging-scan.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-current_events.rules (1):
        #matt jonkman

     -> Added to emerging-malware.rules (1):
        #by Jamie Blasco

     -> Added to emerging-sid-msg.map (72):
        2010369 || ET WEB_CLIENT Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Symantec || url,doc.emergingthreats.net/2010369 || cve,2009-3033 || url,www.securityfocus.com/bid/37092 || url,securitytracker.com/alerts/2009/Nov/1023238.html
        2010370 || ET WEB_CLIENT ACTIVEX Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Function Call Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Symantec || url,doc.emergingthreats.net/2010370 || cve,2009-3033 || url,www.securityfocus.com/bid/37092 || url,securitytracker.com/alerts/2009/Nov/1023238.html
        2010371 || ET SCAN Amap TCP Service Scan Detected || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Amap || url,doc.emergingthreats.net/2010371 || url,freeworld.thc.org/thc-amap/
        2010372 || ET SCAN Amap UDP Service Scan Detected || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Amap || url,doc.emergingthreats.net/2010372 || url,freeworld.thc.org/thc-amap/
        2010373 || ET WEB_CLIENT Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HaiHaisoft || url,doc.emergingthreats.net/2010373 || url,www.securityfocus.com/bid/37151/info || url,www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt
        2010374 || ET WEB_CLIENT ACTIVEX Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Function Call Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HaiHaisoft || url,doc.emergingthreats.net/2010374 || url,www.securityfocus.com/bid/37151/info || url,www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt
        2010375 || ET EXPLOIT Possible Oracle Database Text Component ctxsys.drvxtabc.create_tables Remote SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Oracle || url,doc.emergingthreats.net/2010375 || cve,2009-1991 || url,www.securityfocus.com/bid/36748
        2010376 || ET CURRENT_EVENTS WU Malicious Spam Inbound || url,doc.emergingthreats.net/2010376 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_DHL
        2010377 || ET POLICY JBOSS/JMX 80 access from outside || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Jboss || url,doc.emergingthreats.net/2010377 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010378 || ET POLICY JBOSS/JMX 8080 access from outside || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Jboss || url,doc.emergingthreats.net/2010378 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010379 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (POST) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010379 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010380 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (GET) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010380 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010381 || ET TROJAN Bredolab Checkin || url,doc.emergingthreats.net/2010381 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,threatexpert.com/report.aspx?md5=a5f94577d00d0306e4ef64bad30e5d37
        2010382 || ET TROJAN Fake AV GET || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2010382 || url,threatexpert.com/report.aspx?md5=8d1b47452307259f1e191e16ed23cd35
        2010383 || ET EXPLOIT METASPLOIT BSD Bind shell || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010383
        2010384 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010384
        2010385 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010385
        2010386 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010386
        2010387 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010387
        2010388 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 5) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010388
        2010389 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010389
        2010390 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010390
        2010391 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010391
        2010392 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010392
        2010393 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010393
        2010394 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010394
        2010395 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 5) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010395
        2010396 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010396
        2010397 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010397
        2010398 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010398
        2010399 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010399
        2010400 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 5) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010400
        2010401 || ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010401
        2010402 || ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010402
        2010403 || ET EXPLOIT METASPLOIT BSD Bind shell (JmpCallAdditive Encoded) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010403
        2010404 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010404
        2010405 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010405
        2010406 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010406
        2010407 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010407
        2010408 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010408
        2010409 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010409
        2010410 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010410
        2010411 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010411
        2010412 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010412
        2010413 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010413
        2010414 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010414
        2010415 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010415
        2010416 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010416
        2010417 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010417
        2010418 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010418
        2010419 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010419
        2010420 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010420
        2010421 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010421
        2010422 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010422
        2010423 || ET EXPLOIT METASPLOIT BSD Reverse shell (JmpCallAdditive Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010423
        2010424 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010424
        2010425 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010425
        2010426 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010426
        2010427 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010427
        2010428 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010428
        2010429 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010429
        2010430 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010430
        2010431 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010431
        2010432 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010432
        2010433 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010433
        2010434 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010434
        2010435 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010435
        2010436 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010436
        2010437 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010437
        2010438 || ET MALWARE Possible Malicious Applet Access (justexploit kit) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Justexploit || url,doc.emergingthreats.net/2010438 || url,www.malwaredomainlist.com/forums/index.php?topic=3570.0
        2010439 || ET TROJAN Generic Trojan Checkin (UA VBTagEdit) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Generic.Malware || url,doc.emergingthreats.net/2010439
        2010440 || ET CURRENT_EVENTS MALWARE Potential Malware Download, flash-HQ-plugin.40000.exe || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malwareurl_top_downloads || url,doc.emergingthreats.net/2010440 || url,malwareurl.com

     -> Added to emerging-sid-msg.map.txt (72):
        2010369 || ET WEB_CLIENT Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Symantec || url,doc.emergingthreats.net/2010369 || cve,2009-3033 || url,www.securityfocus.com/bid/37092 || url,securitytracker.com/alerts/2009/Nov/1023238.html
        2010370 || ET WEB_CLIENT ACTIVEX Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Function Call Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Symantec || url,doc.emergingthreats.net/2010370 || cve,2009-3033 || url,www.securityfocus.com/bid/37092 || url,securitytracker.com/alerts/2009/Nov/1023238.html
        2010371 || ET SCAN Amap TCP Service Scan Detected || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Amap || url,doc.emergingthreats.net/2010371 || url,freeworld.thc.org/thc-amap/
        2010372 || ET SCAN Amap UDP Service Scan Detected || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Amap || url,doc.emergingthreats.net/2010372 || url,freeworld.thc.org/thc-amap/
        2010373 || ET WEB_CLIENT Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HaiHaisoft || url,doc.emergingthreats.net/2010373 || url,www.securityfocus.com/bid/37151/info || url,www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt
        2010374 || ET WEB_CLIENT ACTIVEX Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Function Call Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HaiHaisoft || url,doc.emergingthreats.net/2010374 || url,www.securityfocus.com/bid/37151/info || url,www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt
        2010375 || ET EXPLOIT Possible Oracle Database Text Component ctxsys.drvxtabc.create_tables Remote SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Oracle || url,doc.emergingthreats.net/2010375 || cve,2009-1991 || url,www.securityfocus.com/bid/36748
        2010376 || ET CURRENT_EVENTS WU Malicious Spam Inbound || url,doc.emergingthreats.net/2010376 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_DHL
        2010377 || ET POLICY JBOSS/JMX 80 access from outside || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Jboss || url,doc.emergingthreats.net/2010377 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010378 || ET POLICY JBOSS/JMX 8080 access from outside || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Jboss || url,doc.emergingthreats.net/2010378 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010379 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (POST) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010379 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010380 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (GET) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010380 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010381 || ET TROJAN Bredolab Checkin || url,doc.emergingthreats.net/2010381 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,threatexpert.com/report.aspx?md5=a5f94577d00d0306e4ef64bad30e5d37
        2010382 || ET TROJAN Fake AV GET || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2010382 || url,threatexpert.com/report.aspx?md5=8d1b47452307259f1e191e16ed23cd35
        2010383 || ET EXPLOIT METASPLOIT BSD Bind shell || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010383
        2010384 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010384
        2010385 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010385
        2010386 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010386
        2010387 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010387
        2010388 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 5) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010388
        2010389 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010389
        2010390 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010390
        2010391 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010391
        2010392 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010392
        2010393 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010393
        2010394 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010394
        2010395 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 5) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010395
        2010396 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010396
        2010397 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010397
        2010398 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010398
        2010399 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010399
        2010400 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 5) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010400
        2010401 || ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010401
        2010402 || ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010402
        2010403 || ET EXPLOIT METASPLOIT BSD Bind shell (JmpCallAdditive Encoded) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010403
        2010404 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010404
        2010405 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010405
        2010406 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010406
        2010407 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010407
        2010408 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010408
        2010409 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010409
        2010410 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010410
        2010411 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010411
        2010412 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010412
        2010413 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010413
        2010414 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010414
        2010415 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010415
        2010416 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010416
        2010417 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010417
        2010418 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010418
        2010419 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010419
        2010420 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010420
        2010421 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010421
        2010422 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010422
        2010423 || ET EXPLOIT METASPLOIT BSD Reverse shell (JmpCallAdditive Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010423
        2010424 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010424
        2010425 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010425
        2010426 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010426
        2010427 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010427
        2010428 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010428
        2010429 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010429
        2010430 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010430
        2010431 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010431
        2010432 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 4) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010432
        2010433 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010433
        2010434 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010434
        2010435 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010435
        2010436 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010436
        2010437 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 3) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Metasploit_Encoders || url,doc.emergingthreats.net/2010437
        2010438 || ET MALWARE Possible Malicious Applet Access (justexploit kit) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Justexploit || url,doc.emergingthreats.net/2010438 || url,www.malwaredomainlist.com/forums/index.php?topic=3570.0
        2010439 || ET TROJAN Generic Trojan Checkin (UA VBTagEdit) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Generic.Malware || url,doc.emergingthreats.net/2010439
        2010440 || ET CURRENT_EVENTS MALWARE Potential Malware Download, flash-HQ-plugin.40000.exe || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malwareurl_top_downloads || url,doc.emergingthreats.net/2010440 || url,malwareurl.com

     -> Added to emerging-virus.rules (1):
        #by Jaime Blasco, updates by evilghost

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (70):
        2008357 || ET SCAN Amap Scannner Traffic Inbound || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Amap || url,doc.emergingthreats.net/2008357 || url,freeworld.thc.org/thc-amap/
        2010369 || ET WEB_CLIENT Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Attempt || cve,2009-3033 || url,www.securityfocus.com/bid/37092 || url,securitytracker.com/alerts/2009/Nov/1023238.html
        2010370 || ET WEB_CLIENT ACTIVEX Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Function Call Attempt || cve,2009-3033 || url,www.securityfocus.com/bid/37092 || url,securitytracker.com/alerts/2009/Nov/1023238.html
        2010371 || ET SCAN Amap TCP Service Scan Detected || url,freeworld.thc.org/thc-amap/
        2010372 || ET SCAN Amap UDP Service Scan Detected || url,freeworld.thc.org/thc-amap/
        2010373 || ET WEB_CLIENT Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Attempt || url,www.securityfocus.com/bid/37151/info || url,www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt
        2010374 || ET WEB_CLIENT ACTIVEX Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Function Call Attempt || url,www.securityfocus.com/bid/37151/info || url,www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt
        2010375 || ET EXPLOIT Possible Oracle Database Text Component ctxsys.drvxtabc.create_tables Remote SQL Injection Attempt || cve,2009-1991 || url,www.securityfocus.com/bid/36748
        2010376 || ET CURRENT_EVENTS WU Malicious Spam Inbound || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_DHL
        2010377 || ET POLICY JBOSS/JMX 80 access from outside || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010378 || ET POLICY JBOSS/JMX 8080 access from outside || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010379 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (POST) || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010380 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment  attempt (GET) || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010381 || ET TROJAN Bredolab Checkin || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,threatexpert.com/report.aspx?md5=a5f94577d00d0306e4ef64bad30e5d37
        2010382 || ET TROJAN Fake AV GET || url,threatexpert.com/report.aspx?md5=8d1b47452307259f1e191e16ed23cd35
        2010383 || ET EXPLOIT METASPLOIT BSD Bind shell
        2010384 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 1)
        2010385 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 2)
        2010386 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 3)
        2010387 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 4)
        2010388 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 5)
        2010389 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 1)
        2010390 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 2)
        2010391 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 1)
        2010392 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 2)
        2010393 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 3)
        2010394 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 4)
        2010395 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 5)
        2010396 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 1)
        2010397 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 2)
        2010398 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 3)
        2010399 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 4)
        2010400 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 5)
        2010401 || ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 1)
        2010402 || ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 2)
        2010403 || ET EXPLOIT METASPLOIT BSD Bind shell (JmpCallAdditive Encoded)
        2010404 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 1)
        2010405 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 2)
        2010406 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 3)
        2010407 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 1)
        2010408 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 2)
        2010409 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 1)
        2010410 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 2)
        2010411 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 3)
        2010412 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 4)
        2010413 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 1)
        2010414 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 2)
        2010415 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 1)
        2010416 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 2)
        2010417 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 3)
        2010418 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 1)
        2010419 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 2)
        2010420 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 3)
        2010421 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 1)
        2010422 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 2)
        2010423 || ET EXPLOIT METASPLOIT BSD Reverse shell (JmpCallAdditive Encoded 1)
        2010424 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 1)
        2010425 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 2)
        2010426 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 3)
        2010427 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 1)
        2010428 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 2)
        2010429 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 1)
        2010430 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 2)
        2010431 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 3)
        2010432 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 4)
        2010433 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 1)
        2010434 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 2)
        2010435 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 1)
        2010436 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 2)
        2010437 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 3)

     -> Removed from emerging-sid-msg.map.txt (70):
        2008357 || ET SCAN Amap Scannner Traffic Inbound || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Amap || url,doc.emergingthreats.net/2008357 || url,freeworld.thc.org/thc-amap/
        2010369 || ET WEB_CLIENT Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Attempt || cve,2009-3033 || url,www.securityfocus.com/bid/37092 || url,securitytracker.com/alerts/2009/Nov/1023238.html
        2010370 || ET WEB_CLIENT ACTIVEX Possible Symantec Altiris Deployment Solution and Notification Server ActiveX Control RunCmd Arbitrary Code Execution Function Call Attempt || cve,2009-3033 || url,www.securityfocus.com/bid/37092 || url,securitytracker.com/alerts/2009/Nov/1023238.html
        2010371 || ET SCAN Amap TCP Service Scan Detected || url,freeworld.thc.org/thc-amap/
        2010372 || ET SCAN Amap UDP Service Scan Detected || url,freeworld.thc.org/thc-amap/
        2010373 || ET WEB_CLIENT Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Attempt || url,www.securityfocus.com/bid/37151/info || url,www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt
        2010374 || ET WEB_CLIENT ACTIVEX Haihaisoft Universal Player ActiveX Control URL Property Buffer Overflow Function Call Attempt || url,www.securityfocus.com/bid/37151/info || url,www.shinnai.net/exploits/ZzLsi6TIfSuVPh1kPHmP.txt
        2010375 || ET EXPLOIT Possible Oracle Database Text Component ctxsys.drvxtabc.create_tables Remote SQL Injection Attempt || cve,2009-1991 || url,www.securityfocus.com/bid/36748
        2010376 || ET CURRENT_EVENTS WU Malicious Spam Inbound || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_DHL
        2010377 || ET POLICY JBOSS/JMX 80 access from outside || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010378 || ET POLICY JBOSS/JMX 8080 access from outside || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010379 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (POST) || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010380 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment  attempt (GET) || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010381 || ET TROJAN Bredolab Checkin || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,threatexpert.com/report.aspx?md5=a5f94577d00d0306e4ef64bad30e5d37
        2010382 || ET TROJAN Fake AV GET || url,threatexpert.com/report.aspx?md5=8d1b47452307259f1e191e16ed23cd35
        2010383 || ET EXPLOIT METASPLOIT BSD Bind shell
        2010384 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 1)
        2010385 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 2)
        2010386 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 3)
        2010387 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 4)
        2010388 || ET EXPLOIT METASPLOIT BSD Bind shell (Countdown Encoded 5)
        2010389 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 1)
        2010390 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Encoded 2)
        2010391 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 1)
        2010392 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 2)
        2010393 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 3)
        2010394 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 4)
        2010395 || ET EXPLOIT METASPLOIT BSD Bind shell (Not Encoded 5)
        2010396 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 1)
        2010397 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 2)
        2010398 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 3)
        2010399 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 4)
        2010400 || ET EXPLOIT METASPLOIT BSD Bind shell (Pex Alphanumeric Encoded 5)
        2010401 || ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 1)
        2010402 || ET EXPLOIT METASPLOIT BSD Bind shell (PexFstEnvMov Encoded 2)
        2010403 || ET EXPLOIT METASPLOIT BSD Bind shell (JmpCallAdditive Encoded)
        2010404 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 1)
        2010405 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 2)
        2010406 || ET EXPLOIT METASPLOIT BSD Bind shell (Alpha2 Encoded 3)
        2010407 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 1)
        2010408 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvSub Encoded 2)
        2010409 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 1)
        2010410 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 2)
        2010411 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 3)
        2010412 || ET EXPLOIT METASPLOIT BSD Reverse shell (Countdown Encoded 4)
        2010413 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 1)
        2010414 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Encoded 2)
        2010415 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 1)
        2010416 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 2)
        2010417 || ET EXPLOIT METASPLOIT BSD Reverse shell (Not Encoded 3)
        2010418 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 1)
        2010419 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 2)
        2010420 || ET EXPLOIT METASPLOIT BSD Reverse shell (Pex Alphanumeric Encoded 3)
        2010421 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 1)
        2010422 || ET EXPLOIT METASPLOIT BSD Reverse shell (PexFnstenvMov Encoded 2)
        2010423 || ET EXPLOIT METASPLOIT BSD Reverse shell (JmpCallAdditive Encoded 1)
        2010424 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 1)
        2010425 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 2)
        2010426 || ET EXPLOIT METASPLOIT BSD Reverse shell (Alpha2 Encoded 3)
        2010427 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 1)
        2010428 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (SPARC Encoded 2)
        2010429 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 1)
        2010430 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 2)
        2010431 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 3)
        2010432 || ET EXPLOIT METASPLOIT BSD SPARC Bind shell (Not Encoded 4)
        2010433 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 1)
        2010434 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 2)
        2010435 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 1)
        2010436 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (SPARC Encoded 2)
        2010437 || ET EXPLOIT METASPLOIT BSD SPARC Reverse shell (Not Encoded 3)



More information about the Emerging-updates mailing list