[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Thu Jul 29 17:40:37 EDT 2010


[***] Results from Oinkmaster started Thu Jul 29 17:40:37 2010 [***]

[///]     Modified active rules:     [///]

 2003634 - ET SCAN Suspicious User-Agent - get-minimal - Possible Vuln Scan (emerging-scan.rules)
 2008899 - ET WEB_SPECIFIC_APPS Pie RSS module lib parameter remote file inclusion (emerging-web_specific_apps.rules)
 2009513 - ET WEB_SPECIFIC_APPS Possible Rentventory SQL Injection Attempt (emerging-web_specific_apps.rules)
 2009653 - ET WEB_SPECIFIC_APPS SMA-DB format.php _page_css Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009654 - ET WEB_SPECIFIC_APPS SMA-DB format.php _page_javascript Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009656 - ET WEB_SPECIFIC_APPS SMA-DB format.php _page_content Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2010092 - ET WEB_SPECIFIC_APPS Webradev Download Protect EmailTemplates.class.php Remote File Inclusion (emerging-web_specific_apps.rules)
 2010093 - ET WEB_SPECIFIC_APPS Webradev Download Protect PDPEmailReplaceConstants.class.php Remote File Inclusion (emerging-web_specific_apps.rules)
 2010094 - ET WEB_SPECIFIC_APPS Webradev Download Protect ResellersManager.class.php Remote File Inclusion (emerging-web_specific_apps.rules)
 2010095 - ET WEB_SPECIFIC_APPS PHPGenealogy CoupleDB.php DataDirectory Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2010097 - ET WEB_SPECIFIC_APPS RaXnet Cacti top_graph_header.php config Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2010098 - ET WEB_SPECIFIC_APPS Telephone Directory 2008 edit1.php code Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010099 - ET WEB_SPECIFIC_APPS News Manager ch_readalso.php read_xml_include Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2010122 - ET WEB_SPECIFIC_APPS NewSolved newsscript.php idneu Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010123 - ET WEB_SPECIFIC_APPS NewSolved newsscript.php newsid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010379 - ET WEB_SERVER JBOSS/JMX REMOTE WAR deployment attempt (POST) (emerging-web_server.rules)
 2010380 - ET WEB_SERVER JBOSS/JMX REMOTE WAR deployment attempt (GET) (emerging-web_server.rules)
 2010714 - ET WEB_SPECIFIC_APPS Joomla Foobla Suggestions Component idea_id UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010817 - ET CURRENT_EVENTS Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt (emerging-current_events.rules)
 2010842 - ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010843 - ET WEB_SPECIFIC_APPS Joomla com_avosbilletsy Component id Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010844 - ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010845 - ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010846 - ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)


[///]    Modified inactive rules:    [///]

 2010818 - ET CURRENT_EVENTS Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt (emerging-current_events.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (25):
        2003634 || ET SCAN Suspicious User-Agent - get-minimal - Possible Vuln Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Get-minimal_UA || url,doc.emergingthreats.net/2003634
        2008899 || ET WEB_SPECIFIC_APPS Pie RSS module lib parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PieRSS || url,doc.emergingthreats.net/2008899 || url,milw0rm.com/exploits/7225 || bugtraq,32465
        2009513 || ET WEB_SPECIFIC_APPS Possible Rentventory SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rentventory || url,doc.emergingthreats.net/2009513 || url,www.milw0rm.com/exploits/9081
        2009653 || ET WEB_SPECIFIC_APPS SMA-DB format.php _page_css Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009653 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2009654 || ET WEB_SPECIFIC_APPS SMA-DB format.php _page_javascript Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009654 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2009656 || ET WEB_SPECIFIC_APPS SMA-DB format.php _page_content Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009656 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2010092 || ET WEB_SPECIFIC_APPS Webradev Download Protect EmailTemplates.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010092 || url,milw0rm.com/exploits/8792
        2010093 || ET WEB_SPECIFIC_APPS Webradev Download Protect PDPEmailReplaceConstants.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010093 || url,milw0rm.com/exploits/8792
        2010094 || ET WEB_SPECIFIC_APPS Webradev Download Protect ResellersManager.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010094 || url,milw0rm.com/exploits/8792
        2010095 || ET WEB_SPECIFIC_APPS PHPGenealogy CoupleDB.php DataDirectory Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPGenealogy || url,doc.emergingthreats.net/2010095 || url,packetstormsecurity.org/0907-exploits/phpgenealogy-rfi.txt || url,milw0rm.com/exploits/9155
        2010097 || ET WEB_SPECIFIC_APPS RaXnet Cacti top_graph_header.php config Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_RaXnet_Cacti || url,doc.emergingthreats.net/2010097 || bugtraq,14030
        2010098 || ET WEB_SPECIFIC_APPS Telephone Directory 2008 edit1.php code Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Telephone_Dir2008 || url,doc.emergingthreats.net/2010098 || url,milw0rm.com/exploits/5764 || url,xforce.iss.net/xforce/xfdb/42972 || bugtraq,29614
        2010099 || ET WEB_SPECIFIC_APPS News Manager ch_readalso.php read_xml_include Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_News_Manager || url,doc.emergingthreats.net/2010099 || url,milw0rm.com/exploits/5624 || url,xforce.iss.net/xforce/xfdb/42459 || bugtraq,29251
        2010122 || ET WEB_SPECIFIC_APPS NewSolved newsscript.php idneu Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_NewSolved || url,doc.emergingthreats.net/2010122 || url,milw0rm.com/exploits/9042 || url,secunia.com/advisories/35611/
        2010123 || ET WEB_SPECIFIC_APPS NewSolved newsscript.php newsid Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_NewSolved || url,doc.emergingthreats.net/2010123 || url,milw0rm.com/exploits/9042 || url,secunia.com/advisories/35611/
        2010379 || ET WEB_SERVER JBOSS/JMX REMOTE WAR deployment attempt (POST) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010379 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010380 || ET WEB_SERVER JBOSS/JMX REMOTE WAR deployment attempt (GET) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010380 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010714 || ET WEB_SPECIFIC_APPS Joomla Foobla Suggestions Component idea_id UPDATE SET SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010714 || bugtraq,36425
        2010817 || ET CURRENT_EVENTS Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Cisco || url,doc.emergingthreats.net/2010817 || cve,2010-0569 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19915
        2010818 || ET CURRENT_EVENTS Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Cisco || url,doc.emergingthreats.net/2010818 || cve,2010-0569 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19915
        2010842 || ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter UPDATE SET SQL Injection Attempt || url,doc.emergingthreats.net/2010842 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || bugtraq,37576
        2010843 || ET WEB_SPECIFIC_APPS Joomla com_avosbilletsy Component id Parameter SELECT FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010843 || bugtraq,37576
        2010844 || ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter DELETE FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010844 || bugtraq,37576
        2010845 || ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter UNION SELECT SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010845 || bugtraq,37576
        2010846 || ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter INSERT INTO SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010846 || bugtraq,37576

     -> Added to emerging-sid-msg.map.txt (25):
        2003634 || ET SCAN Suspicious User-Agent - get-minimal - Possible Vuln Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Get-minimal_UA || url,doc.emergingthreats.net/2003634
        2008899 || ET WEB_SPECIFIC_APPS Pie RSS module lib parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PieRSS || url,doc.emergingthreats.net/2008899 || url,milw0rm.com/exploits/7225 || bugtraq,32465
        2009513 || ET WEB_SPECIFIC_APPS Possible Rentventory SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rentventory || url,doc.emergingthreats.net/2009513 || url,www.milw0rm.com/exploits/9081
        2009653 || ET WEB_SPECIFIC_APPS SMA-DB format.php _page_css Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009653 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2009654 || ET WEB_SPECIFIC_APPS SMA-DB format.php _page_javascript Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009654 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2009656 || ET WEB_SPECIFIC_APPS SMA-DB format.php _page_content Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009656 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2010092 || ET WEB_SPECIFIC_APPS Webradev Download Protect EmailTemplates.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010092 || url,milw0rm.com/exploits/8792
        2010093 || ET WEB_SPECIFIC_APPS Webradev Download Protect PDPEmailReplaceConstants.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010093 || url,milw0rm.com/exploits/8792
        2010094 || ET WEB_SPECIFIC_APPS Webradev Download Protect ResellersManager.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010094 || url,milw0rm.com/exploits/8792
        2010095 || ET WEB_SPECIFIC_APPS PHPGenealogy CoupleDB.php DataDirectory Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPGenealogy || url,doc.emergingthreats.net/2010095 || url,packetstormsecurity.org/0907-exploits/phpgenealogy-rfi.txt || url,milw0rm.com/exploits/9155
        2010097 || ET WEB_SPECIFIC_APPS RaXnet Cacti top_graph_header.php config Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_RaXnet_Cacti || url,doc.emergingthreats.net/2010097 || bugtraq,14030
        2010098 || ET WEB_SPECIFIC_APPS Telephone Directory 2008 edit1.php code Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Telephone_Dir2008 || url,doc.emergingthreats.net/2010098 || url,milw0rm.com/exploits/5764 || url,xforce.iss.net/xforce/xfdb/42972 || bugtraq,29614
        2010099 || ET WEB_SPECIFIC_APPS News Manager ch_readalso.php read_xml_include Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_News_Manager || url,doc.emergingthreats.net/2010099 || url,milw0rm.com/exploits/5624 || url,xforce.iss.net/xforce/xfdb/42459 || bugtraq,29251
        2010122 || ET WEB_SPECIFIC_APPS NewSolved newsscript.php idneu Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_NewSolved || url,doc.emergingthreats.net/2010122 || url,milw0rm.com/exploits/9042 || url,secunia.com/advisories/35611/
        2010123 || ET WEB_SPECIFIC_APPS NewSolved newsscript.php newsid Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_NewSolved || url,doc.emergingthreats.net/2010123 || url,milw0rm.com/exploits/9042 || url,secunia.com/advisories/35611/
        2010379 || ET WEB_SERVER JBOSS/JMX REMOTE WAR deployment attempt (POST) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010379 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010380 || ET WEB_SERVER JBOSS/JMX REMOTE WAR deployment attempt (GET) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010380 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010714 || ET WEB_SPECIFIC_APPS Joomla Foobla Suggestions Component idea_id UPDATE SET SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010714 || bugtraq,36425
        2010817 || ET CURRENT_EVENTS Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Cisco || url,doc.emergingthreats.net/2010817 || cve,2010-0569 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19915
        2010818 || ET CURRENT_EVENTS Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Cisco || url,doc.emergingthreats.net/2010818 || cve,2010-0569 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19915
        2010842 || ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter UPDATE SET SQL Injection Attempt || url,doc.emergingthreats.net/2010842 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || bugtraq,37576
        2010843 || ET WEB_SPECIFIC_APPS Joomla com_avosbilletsy Component id Parameter SELECT FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010843 || bugtraq,37576
        2010844 || ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter DELETE FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010844 || bugtraq,37576
        2010845 || ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter UNION SELECT SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010845 || bugtraq,37576
        2010846 || ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter INSERT INTO SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010846 || bugtraq,37576

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (25):
        2003634 || ET WEB_SPECIFIC Suspicious User-Agent - get-minimal - Possible Vuln Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Get-minimal_UA || url,doc.emergingthreats.net/2003634
        2008899 || ET WEB_SPECIFIC Pie RSS module lib parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PieRSS || url,doc.emergingthreats.net/2008899 || url,milw0rm.com/exploits/7225 || bugtraq,32465
        2009513 || ET WEB_SPECIFIC Possible Rentventory SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rentventory || url,doc.emergingthreats.net/2009513 || url,www.milw0rm.com/exploits/9081
        2009653 || ET WEB_SPECIFIC SMA-DB format.php _page_css Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009653 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2009654 || ET WEB_SPECIFIC SMA-DB format.php _page_javascript Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009654 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2009656 || ET WEB_SPECIFIC SMA-DB format.php _page_content Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009656 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2010092 || ET WEB_SPECIFIC Webradev Download Protect EmailTemplates.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010092 || url,milw0rm.com/exploits/8792
        2010093 || ET WEB_SPECIFIC Webradev Download Protect PDPEmailReplaceConstants.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010093 || url,milw0rm.com/exploits/8792
        2010094 || ET WEB_SPECIFIC Webradev Download Protect ResellersManager.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010094 || url,milw0rm.com/exploits/8792
        2010095 || ET WEB_SPECIFIC PHPGenealogy CoupleDB.php DataDirectory Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPGenealogy || url,doc.emergingthreats.net/2010095 || url,packetstormsecurity.org/0907-exploits/phpgenealogy-rfi.txt || url,milw0rm.com/exploits/9155
        2010097 || ET WEB_SPECIFIC RaXnet Cacti top_graph_header.php config Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_RaXnet_Cacti || url,doc.emergingthreats.net/2010097 || bugtraq,14030
        2010098 || ET WEB_SPECIFIC Telephone Directory 2008 edit1.php code Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Telephone_Dir2008 || url,doc.emergingthreats.net/2010098 || url,milw0rm.com/exploits/5764 || url,xforce.iss.net/xforce/xfdb/42972 || bugtraq,29614
        2010099 || ET WEB_SPECIFIC News Manager ch_readalso.php read_xml_include Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_News_Manager || url,doc.emergingthreats.net/2010099 || url,milw0rm.com/exploits/5624 || url,xforce.iss.net/xforce/xfdb/42459 || bugtraq,29251
        2010122 || ET WEB_SPECIFIC NewSolved newsscript.php idneu Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_NewSolved || url,doc.emergingthreats.net/2010122 || url,milw0rm.com/exploits/9042 || url,secunia.com/advisories/35611/
        2010123 || ET WEB_SPECIFIC NewSolved newsscript.php newsid Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_NewSolved || url,doc.emergingthreats.net/2010123 || url,milw0rm.com/exploits/9042 || url,secunia.com/advisories/35611/
        2010379 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (POST) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010379 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010380 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (GET) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010380 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010714 || ET WEB_SPECIFIC _APPS Joomla Foobla Suggestions Component idea_id UPDATE SET SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010714 || bugtraq,36425
        2010817 || ET CURRENT Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Cisco || url,doc.emergingthreats.net/2010817 || cve,2010-0569 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19915
        2010818 || ET CURRENT Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Cisco || url,doc.emergingthreats.net/2010818 || cve,2010-0569 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19915
        2010842 || ET WEB_SPECIFIC Joomla com_avosbillets Component id Parameter UPDATE SET SQL Injection Attempt || url,doc.emergingthreats.net/2010842 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || bugtraq,37576
        2010843 || ET WEB_SPECIFIC Joomla com_avosbilletsy Component id Parameter SELECT FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010843 || bugtraq,37576
        2010844 || ET WEB_SPECIFIC Joomla com_avosbillets Component id Parameter DELETE FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010844 || bugtraq,37576
        2010845 || ET WEB_SPECIFIC Joomla com_avosbillets Component id Parameter UNION SELECT SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010845 || bugtraq,37576
        2010846 || ET WEB_SPECIFIC Joomla com_avosbillets Component id Parameter INSERT INTO SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010846 || bugtraq,37576

     -> Removed from emerging-sid-msg.map.txt (25):
        2003634 || ET WEB_SPECIFIC Suspicious User-Agent - get-minimal - Possible Vuln Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Get-minimal_UA || url,doc.emergingthreats.net/2003634
        2008899 || ET WEB_SPECIFIC Pie RSS module lib parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PieRSS || url,doc.emergingthreats.net/2008899 || url,milw0rm.com/exploits/7225 || bugtraq,32465
        2009513 || ET WEB_SPECIFIC Possible Rentventory SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rentventory || url,doc.emergingthreats.net/2009513 || url,www.milw0rm.com/exploits/9081
        2009653 || ET WEB_SPECIFIC SMA-DB format.php _page_css Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009653 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2009654 || ET WEB_SPECIFIC SMA-DB format.php _page_javascript Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009654 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2009656 || ET WEB_SPECIFIC SMA-DB format.php _page_content Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SMADB || url,doc.emergingthreats.net/2009656 || url,milw0rm.com/exploits/8460 || bugtraq,34569
        2010092 || ET WEB_SPECIFIC Webradev Download Protect EmailTemplates.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010092 || url,milw0rm.com/exploits/8792
        2010093 || ET WEB_SPECIFIC Webradev Download Protect PDPEmailReplaceConstants.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010093 || url,milw0rm.com/exploits/8792
        2010094 || ET WEB_SPECIFIC Webradev Download Protect ResellersManager.class.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebRadev || url,doc.emergingthreats.net/2010094 || url,milw0rm.com/exploits/8792
        2010095 || ET WEB_SPECIFIC PHPGenealogy CoupleDB.php DataDirectory Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPGenealogy || url,doc.emergingthreats.net/2010095 || url,packetstormsecurity.org/0907-exploits/phpgenealogy-rfi.txt || url,milw0rm.com/exploits/9155
        2010097 || ET WEB_SPECIFIC RaXnet Cacti top_graph_header.php config Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_RaXnet_Cacti || url,doc.emergingthreats.net/2010097 || bugtraq,14030
        2010098 || ET WEB_SPECIFIC Telephone Directory 2008 edit1.php code Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Telephone_Dir2008 || url,doc.emergingthreats.net/2010098 || url,milw0rm.com/exploits/5764 || url,xforce.iss.net/xforce/xfdb/42972 || bugtraq,29614
        2010099 || ET WEB_SPECIFIC News Manager ch_readalso.php read_xml_include Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_News_Manager || url,doc.emergingthreats.net/2010099 || url,milw0rm.com/exploits/5624 || url,xforce.iss.net/xforce/xfdb/42459 || bugtraq,29251
        2010122 || ET WEB_SPECIFIC NewSolved newsscript.php idneu Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_NewSolved || url,doc.emergingthreats.net/2010122 || url,milw0rm.com/exploits/9042 || url,secunia.com/advisories/35611/
        2010123 || ET WEB_SPECIFIC NewSolved newsscript.php newsid Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_NewSolved || url,doc.emergingthreats.net/2010123 || url,milw0rm.com/exploits/9042 || url,secunia.com/advisories/35611/
        2010379 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (POST) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010379 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010380 || ET WEB-APPS JBOSS/JMX REMOTE WAR deployment attempt (GET) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Jboss || url,doc.emergingthreats.net/2010380 || url,www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf || url,www.notsosecure.com/folder2/2009/10/27/hacking-jboss-with-jmx-console/
        2010714 || ET WEB_SPECIFIC _APPS Joomla Foobla Suggestions Component idea_id UPDATE SET SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010714 || bugtraq,36425
        2010817 || ET CURRENT Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Cisco || url,doc.emergingthreats.net/2010817 || cve,2010-0569 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19915
        2010818 || ET CURRENT Possible Cisco ASA 5500 Series Adaptive Security Appliance Remote SIP Inspection Device Reload Denial of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Cisco || url,doc.emergingthreats.net/2010818 || cve,2010-0569 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19915
        2010842 || ET WEB_SPECIFIC Joomla com_avosbillets Component id Parameter UPDATE SET SQL Injection Attempt || url,doc.emergingthreats.net/2010842 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || bugtraq,37576
        2010843 || ET WEB_SPECIFIC Joomla com_avosbilletsy Component id Parameter SELECT FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010843 || bugtraq,37576
        2010844 || ET WEB_SPECIFIC Joomla com_avosbillets Component id Parameter DELETE FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010844 || bugtraq,37576
        2010845 || ET WEB_SPECIFIC Joomla com_avosbillets Component id Parameter UNION SELECT SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010845 || bugtraq,37576
        2010846 || ET WEB_SPECIFIC Joomla com_avosbillets Component id Parameter INSERT INTO SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Joomla || url,doc.emergingthreats.net/2010846 || bugtraq,37576



More information about the Emerging-updates mailing list