[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Tue Jul 20 16:24:22 EDT 2010


[***] Results from Oinkmaster started Tue Jul 20 16:24:22 2010 [***]

[+++]          Added rules:          [+++]

 2011229 - ET USER_AGENTS Suspicious User Agent (Suggestion) (emerging-user_agents.rules)


[///]     Modified active rules:     [///]

 2011173 - ET CURRENT_EVENTS Windows Help Center Malformed Escape Sequence XSS Command Execution Attempt (emerging-current_events.rules)
 2011766 - ET SCAN Sipvicious User-Agent Detected (sundayddr) (emerging-scan.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (2):
        2011173 || ET CURRENT_EVENTS Windows Help Center Malformed Escape Sequence XSS Command Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_WinHelp || url,doc.emergingthreats.net/2011173 || cve,2010-1885 || url,http://technet.microsoft.com/en-us/windowsserver/bb310732.aspx || url,archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html || url,www.microsoft.com/technet/security/bulletin/MS10-042.mspx || url,tools.cisco.com/security/center/viewAlert.x?alertId=20864 || url,www.exploit-db.com/exploits/13808/
        2011229 || ET USER_AGENTS Suspicious User Agent (Suggestion)

     -> Added to emerging-sid-msg.map.txt (2):
        2011173 || ET CURRENT_EVENTS Windows Help Center Malformed Escape Sequence XSS Command Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_WinHelp || url,doc.emergingthreats.net/2011173 || cve,2010-1885 || url,http://technet.microsoft.com/en-us/windowsserver/bb310732.aspx || url,archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html || url,www.microsoft.com/technet/security/bulletin/MS10-042.mspx || url,tools.cisco.com/security/center/viewAlert.x?alertId=20864 || url,www.exploit-db.com/exploits/13808/
        2011229 || ET USER_AGENTS Suspicious User Agent (Suggestion)

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (1):
        2011173 || ET CURRENT_EVENTS Windows Help Center Arbitrary Command Execution Exploit Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_WinHelp || url,doc.emergingthreats.net/2011173 || url,www.exploit-db.com/exploits/13808/

     -> Removed from emerging-sid-msg.map.txt (1):
        2011173 || ET CURRENT_EVENTS Windows Help Center Arbitrary Command Execution Exploit Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_WinHelp || url,doc.emergingthreats.net/2011173 || url,www.exploit-db.com/exploits/13808/



More information about the Emerging-updates mailing list