[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Mon Jul 26 14:02:42 EDT 2010


[***] Results from Oinkmaster started Mon Jul 26 14:02:42 2010 [***]

[+++]          Added rules:          [+++]

 2011247 - ET USER_AGENTS Forthgoer User Agent - Likely Hostile (emerging-user_agents.rules)


[///]     Modified active rules:     [///]

 2008354 - ET TROJAN LDPinch Checkin on Port 82 (emerging-virus.rules)
 2009215 - ET TROJAN Farfli HTTP Checkin Activity (emerging-virus.rules)
 2009693 - ET WEB_SPECIFIC_APPS Zen Cart Remote Code Execution  (emerging-web_specific_apps.rules)
 2010019 - ET SCAN Tomcat Web Application Manager scanning (emerging-scan.rules)


[---]         Removed rules:         [---]

 2007658 - ET TROJAN Farfli User Agent Detected (VYG) (emerging-virus.rules)
 2008018 - ET MALWARE Beautyscreens.com Related Spyware Install Success Report (emerging-malware.rules)
 2010063 - ET WEB_CLIENT Possible Google Apps 'googleapps.url.mailto' Handler IE Command Injection Attempt (emerging-web_client.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (1):
        2011247 || ET USER_AGENTS Forthgoer User Agent - Likely Hostile

     -> Added to emerging-sid-msg.map.txt (1):
        2011247 || ET USER_AGENTS Forthgoer User Agent - Likely Hostile

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (3):
        2007658 || ET TROJAN Farfli User Agent Detected (VYG) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Farfli || url,doc.emergingthreats.net/2007658
        2008018 || ET MALWARE Beautyscreens.com Related Spyware Install Success Report || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Beautyscreens.com || url,doc.emergingthreats.net/bin/view/Main/2008018
        2010063 || ET WEB_CLIENT Possible Google Apps 'googleapps.url.mailto' Handler IE Command Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Google || url,doc.emergingthreats.net/2010063 || url,retrogod.altervista.org/9sg_google_apps_uri.html || url,www.securityfocus.com/archive/1/506888 || url,www.securityfocus.com/bid/36581/info

     -> Removed from emerging-sid-msg.map.txt (3):
        2007658 || ET TROJAN Farfli User Agent Detected (VYG) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Farfli || url,doc.emergingthreats.net/2007658
        2008018 || ET MALWARE Beautyscreens.com Related Spyware Install Success Report || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Beautyscreens.com || url,doc.emergingthreats.net/bin/view/Main/2008018
        2010063 || ET WEB_CLIENT Possible Google Apps 'googleapps.url.mailto' Handler IE Command Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Google || url,doc.emergingthreats.net/2010063 || url,retrogod.altervista.org/9sg_google_apps_uri.html || url,www.securityfocus.com/archive/1/506888 || url,www.securityfocus.com/bid/36581/info

     -> Removed from emerging-virus.rules (1):
        # https://sandnet.emergingthreats.net/index.php?q=10493bc6d4d6f2f0d8fe61946315dcbd



More information about the Emerging-updates mailing list