[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Thu May 7 12:13:31 EDT 2009


[***] Results from Oinkmaster started Thu May  7 12:13:31 2009 [***]

[+++]          Added rules:          [+++]

 2009316 - ET WEB_SPECIFIC YapBB class_yapbbcooker.php cfgIncludeDirectory Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2009317 - ET WEB_SPECIFIC DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2009318 - ET WEB_SPECIFIC DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2009319 - ET WEB_SPECIFIC DeZine DZcms products.php pcat parameter SQL injection (emerging-web_sql_injection.rules)
 2009320 - ET WEB_SPECIFIC rgboard _footer.php skin_path parameter local file inclusion (emerging-web_sql_injection.rules)
 2009321 - ET WEB_SPECIFIC rgboard footer.php _path parameter remote file inclusion (emerging-web_sql_injection.rules)
 2009322 - ET WEB_ACTIVEX SupportSoft DNA Editor Module ActiveX Control Insecure Method Remote Code Execution (emerging-web.rules)
 2009323 - ET WEB_SPECIFIC Demium CMS tracking.php follow_kat Parameter SQL Injection (emerging-web_sql_injection.rules)
 2009324 - ET WEB_SPECIFIC Demium CMS urheber.php name Parameter Local File Inclusion (emerging-web_sql_injection.rules)
 2009325 - ET WEB_SPECIFIC phPortal gunaysoft.php icerikyolu Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2009326 - ET WEB_SPECIFIC phPortal gunaysoft.php sayfaid Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2009327 - ET WEB_SPECIFIC phPortal gunaysoft.php uzanti Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2009328 - ET WEB_ACTIVEX GeoVision LiveAudio ActiveX Control Remote Code Execution (emerging-web.rules)
 2009329 - ET WEB_SPECIFIC ZABBIX locales.php srclang Parameter Local File Inclusion (emerging-web_sql_injection.rules)
 2009330 - ET WEB_SPECIFIC MyForum centre.php padmin Parameter Local File Inclusion (emerging-web_sql_injection.rules)
 2009331 - ET WEB_SPECIFIC tinyCMS templater.php Local File Inclusion (emerging-web_sql_injection.rules)
 2009332 - ET WEB_SPECIFIC ODARS resource_categories_view.php CLASSES_ROOT parameter local file inclusion (emerging-web_sql_injection.rules)
 2009333 - ET WEB_SPECIFIC ODARS resource_categories_view.php CLASSES_ROOT parameter Remote file inclusion (emerging-web_sql_injection.rules)
 2009334 - ET WEB_ACTIVEX Morovia Barcode ActiveX Control Arbitrary File Overwrite (emerging-web.rules)
 2009335 - ET WEB_SPECIFIC nicLOR CMS-School showarticle.php aID Parameter SQL Injection (emerging-web_sql_injection.rules)
 2009336 - ET WEB Possible Web Backdoor cfexec.cfm access (emerging-web.rules)
 2009337 - ET WEB Possible Web Backdoor cmdasp.asp access (emerging-web.rules)
 2009338 - ET WEB Possible Web Backdoor cmdasp.aspx access (emerging-web.rules)
 2009339 - ET WEB Possible Web Backdoor simple-backdoor.php access (emerging-web.rules)
 2009340 - ET WEB Possible Web Backdoor php-backdoor.php access (emerging-web.rules)
 2009341 - ET WEB Possible Web Backdoor jsp-reverse.jsp access (emerging-web.rules)
 2009342 - ET WEB Possible Web Backdoor perlcmd.cgi access (emerging-web.rules)
 2009343 - ET WEB Possible Web Backdoor cmdjsp.jsp access (emerging-web.rules)
 2009344 - ET WEB Possible Web Backdoor cmd-asp-5.1.asp access (emerging-web.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (29):
        2009316 || ET WEB_SPECIFIC YapBB class_yapbbcooker.php cfgIncludeDirectory Parameter Remote File Inclusion || bugtraq,30686
        2009317 || ET WEB_SPECIFIC DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion || url,milw0rm.com/exploits/5715 || url,xforce.iss.net/xforce/xfdb/42790 || cve,2008-2649
        2009318 || ET WEB_SPECIFIC DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion || url,milw0rm.com/exploits/5715 || url,xforce.iss.net/xforce/xfdb/42790 || cve,2008-2649
        2009319 || ET WEB_SPECIFIC DeZine DZcms products.php pcat parameter SQL injection || url,milw0rm.com/exploits/7722 || bugtraq,33194
        2009320 || ET WEB_SPECIFIC rgboard _footer.php skin_path parameter local file inclusion || url,milw0rm.com/exploits/7978 || bugtraq,33621
        2009321 || ET WEB_SPECIFIC rgboard footer.php _path parameter remote file inclusion || url,milw0rm.com/exploits/7978 || bugtraq,33621
        2009322 || ET WEB_ACTIVEX SupportSoft DNA Editor Module ActiveX Control Insecure Method Remote Code Execution || url,milw0rm.com/exploits/8160 || bugtraq,34004
        2009323 || ET WEB_SPECIFIC Demium CMS tracking.php follow_kat Parameter SQL Injection || url,milw0rm.com/exploits/8124 || bugtraq,33933
        2009324 || ET WEB_SPECIFIC Demium CMS urheber.php name Parameter Local File Inclusion || url,milw0rm.com/exploits/8124 || bugtraq,33933
        2009325 || ET WEB_SPECIFIC phPortal gunaysoft.php icerikyolu Parameter Remote File Inclusion || url,xforce.iss.net/xforce/xfdb/43569 || cve,CVE-2008-3022 || bugtraq,30064
        2009326 || ET WEB_SPECIFIC phPortal gunaysoft.php sayfaid Parameter Remote File Inclusion || url,xforce.iss.net/xforce/xfdb/43569 || cve,CVE-2008-3022 || bugtraq,30064
        2009327 || ET WEB_SPECIFIC phPortal gunaysoft.php uzanti Parameter Remote File Inclusion || url,xforce.iss.net/xforce/xfdb/43569 || cve,CVE-2008-3022 || bugtraq,30064
        2009328 || ET WEB_ACTIVEX GeoVision LiveAudio ActiveX Control Remote Code Execution || url,milw0rm.com/exploits/8206 || bugtraq,34115
        2009329 || ET WEB_SPECIFIC ZABBIX locales.php srclang Parameter Local File Inclusion || bugtraq,33965 || url,milw0rm.com/exploits/8140 || url,secunia.com/advisories/34091/
        2009330 || ET WEB_SPECIFIC MyForum centre.php padmin Parameter Local File Inclusion || url,milw0rm.com/exploits/6846 || url,vupen.com/english/advisories/2008/2938
        2009331 || ET WEB_SPECIFIC tinyCMS templater.php Local File Inclusion || bugtraq,30785 || url,milw0rm.com/exploits/6287
        2009332 || ET WEB_SPECIFIC ODARS resource_categories_view.php CLASSES_ROOT parameter local file inclusion || url,milw0rm.com/exploits/5906 || url,secunia.com/advisories/30784/
        2009333 || ET WEB_SPECIFIC ODARS resource_categories_view.php CLASSES_ROOT parameter Remote file inclusion || url,milw0rm.com/exploits/5906 || url,secunia.com/advisories/30784/
        2009334 || ET WEB_ACTIVEX Morovia Barcode ActiveX Control Arbitrary File Overwrite || bugtraq,23934 || url,milw0rm.com/exploits/8208
        2009335 || ET WEB_SPECIFIC nicLOR CMS-School showarticle.php aID Parameter SQL Injection || url,xforce.iss.net/xforce/xfdb/46330 || url,milw0rm.com/exploits/6982 || bugtraq,32112
        2009336 || ET WEB Possible Web Backdoor cfexec.cfm access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009337 || ET WEB Possible Web Backdoor cmdasp.asp access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009338 || ET WEB Possible Web Backdoor cmdasp.aspx access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009339 || ET WEB Possible Web Backdoor simple-backdoor.php access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009340 || ET WEB Possible Web Backdoor php-backdoor.php access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009341 || ET WEB Possible Web Backdoor jsp-reverse.jsp access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009342 || ET WEB Possible Web Backdoor perlcmd.cgi access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009343 || ET WEB Possible Web Backdoor cmdjsp.jsp access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009344 || ET WEB Possible Web Backdoor cmd-asp-5.1.asp access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html

     -> Added to emerging-sid-msg.map.txt (29):
        2009316 || ET WEB_SPECIFIC YapBB class_yapbbcooker.php cfgIncludeDirectory Parameter Remote File Inclusion || bugtraq,30686
        2009317 || ET WEB_SPECIFIC DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion || url,milw0rm.com/exploits/5715 || url,xforce.iss.net/xforce/xfdb/42790 || cve,2008-2649
        2009318 || ET WEB_SPECIFIC DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion || url,milw0rm.com/exploits/5715 || url,xforce.iss.net/xforce/xfdb/42790 || cve,2008-2649
        2009319 || ET WEB_SPECIFIC DeZine DZcms products.php pcat parameter SQL injection || url,milw0rm.com/exploits/7722 || bugtraq,33194
        2009320 || ET WEB_SPECIFIC rgboard _footer.php skin_path parameter local file inclusion || url,milw0rm.com/exploits/7978 || bugtraq,33621
        2009321 || ET WEB_SPECIFIC rgboard footer.php _path parameter remote file inclusion || url,milw0rm.com/exploits/7978 || bugtraq,33621
        2009322 || ET WEB_ACTIVEX SupportSoft DNA Editor Module ActiveX Control Insecure Method Remote Code Execution || url,milw0rm.com/exploits/8160 || bugtraq,34004
        2009323 || ET WEB_SPECIFIC Demium CMS tracking.php follow_kat Parameter SQL Injection || url,milw0rm.com/exploits/8124 || bugtraq,33933
        2009324 || ET WEB_SPECIFIC Demium CMS urheber.php name Parameter Local File Inclusion || url,milw0rm.com/exploits/8124 || bugtraq,33933
        2009325 || ET WEB_SPECIFIC phPortal gunaysoft.php icerikyolu Parameter Remote File Inclusion || url,xforce.iss.net/xforce/xfdb/43569 || cve,CVE-2008-3022 || bugtraq,30064
        2009326 || ET WEB_SPECIFIC phPortal gunaysoft.php sayfaid Parameter Remote File Inclusion || url,xforce.iss.net/xforce/xfdb/43569 || cve,CVE-2008-3022 || bugtraq,30064
        2009327 || ET WEB_SPECIFIC phPortal gunaysoft.php uzanti Parameter Remote File Inclusion || url,xforce.iss.net/xforce/xfdb/43569 || cve,CVE-2008-3022 || bugtraq,30064
        2009328 || ET WEB_ACTIVEX GeoVision LiveAudio ActiveX Control Remote Code Execution || url,milw0rm.com/exploits/8206 || bugtraq,34115
        2009329 || ET WEB_SPECIFIC ZABBIX locales.php srclang Parameter Local File Inclusion || bugtraq,33965 || url,milw0rm.com/exploits/8140 || url,secunia.com/advisories/34091/
        2009330 || ET WEB_SPECIFIC MyForum centre.php padmin Parameter Local File Inclusion || url,milw0rm.com/exploits/6846 || url,vupen.com/english/advisories/2008/2938
        2009331 || ET WEB_SPECIFIC tinyCMS templater.php Local File Inclusion || bugtraq,30785 || url,milw0rm.com/exploits/6287
        2009332 || ET WEB_SPECIFIC ODARS resource_categories_view.php CLASSES_ROOT parameter local file inclusion || url,milw0rm.com/exploits/5906 || url,secunia.com/advisories/30784/
        2009333 || ET WEB_SPECIFIC ODARS resource_categories_view.php CLASSES_ROOT parameter Remote file inclusion || url,milw0rm.com/exploits/5906 || url,secunia.com/advisories/30784/
        2009334 || ET WEB_ACTIVEX Morovia Barcode ActiveX Control Arbitrary File Overwrite || bugtraq,23934 || url,milw0rm.com/exploits/8208
        2009335 || ET WEB_SPECIFIC nicLOR CMS-School showarticle.php aID Parameter SQL Injection || url,xforce.iss.net/xforce/xfdb/46330 || url,milw0rm.com/exploits/6982 || bugtraq,32112
        2009336 || ET WEB Possible Web Backdoor cfexec.cfm access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009337 || ET WEB Possible Web Backdoor cmdasp.asp access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009338 || ET WEB Possible Web Backdoor cmdasp.aspx access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009339 || ET WEB Possible Web Backdoor simple-backdoor.php access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009340 || ET WEB Possible Web Backdoor php-backdoor.php access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009341 || ET WEB Possible Web Backdoor jsp-reverse.jsp access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009342 || ET WEB Possible Web Backdoor perlcmd.cgi access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009343 || ET WEB Possible Web Backdoor cmdjsp.jsp access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html
        2009344 || ET WEB Possible Web Backdoor cmd-asp-5.1.asp access || url,ddanchev.blogspot.com/2007/04/compilation-of-web-backdoors.html

     -> Added to emerging-web.rules (1):
        #by Jaime Blasco



More information about the Emerging-updates mailing list