[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Thu Jun 3 14:32:46 EDT 2010


[***] Results from Oinkmaster started Thu Jun  3 14:32:45 2010 [***]

[+++]          Added rules:          [+++]

 2011152 - ET WEB_SPECIFIC_APPS Consona Products n6plugindestructor.asp Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011153 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET reterror.aspx info Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011154 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET medialist.aspx selectids Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011155 - ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011156 - ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011157 - ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011158 - ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011159 - ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011160 - ET WEB_SERVER Apache Axis2 xsd Parameter Directory Traversal Attempt (emerging-web_server.rules)
 2011161 - ET WEB_SPECIFIC_APPS HotNews hnmain.inc.php3 incdir Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)


[///]     Modified active rules:     [///]

 2002912 - ET EXPLOIT VNC Possible Vulnerable Server Response (emerging-exploit.rules)
 2002913 - ET EXPLOIT VNC Client response (emerging-exploit.rules)
 2002914 - ET EXPLOIT VNC Server VNC Auth Offer (emerging-exploit.rules)
 2002915 - ET EXPLOIT VNC Authentication Reply (emerging-exploit.rules)
 2002918 - ET EXPLOIT VNC Server VNC Auth Offer - No Challenge string (emerging-exploit.rules)
 2002919 - ET EXPLOIT VNC Good Authentication Reply (emerging-exploit.rules)
 2002921 - ET EXPLOIT VNC Multiple Authentication Failures (emerging-exploit.rules)
 2002923 - ET EXPLOIT VNC Server Not Requiring Authentication (case 2) (emerging-exploit.rules)
 2002924 - ET EXPLOIT VNC Server Not Requiring Authentication (emerging-exploit.rules)
 2011149 - ET USER_AGENTS Suspicious User Agent (webcount) (emerging-user_agents.rules)
 2011151 - ET CURRENT_EVENTS UPS Spam Inbound Variant 3 (emerging-current_events.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (21):
        2002912 || ET EXPLOIT VNC Possible Vulnerable Server Response || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002912 || cve,2006-2369 || url,www.realvnc.com/docs/rfbproto.pdf
        2002913 || ET EXPLOIT VNC Client response || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002913 || url,www.realvnc.com/docs/rfbproto.pdf
        2002914 || ET EXPLOIT VNC Server VNC Auth Offer || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002914 || url,www.realvnc.com/docs/rfbproto.pdf
        2002915 || ET EXPLOIT VNC Authentication Reply || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002915 || url,www.realvnc.com/docs/rfbproto.pdf
        2002918 || ET EXPLOIT VNC Server VNC Auth Offer - No Challenge string || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002918 || url,www.realvnc.com/docs/rfbproto.pdf
        2002919 || ET EXPLOIT VNC Good Authentication Reply || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002919 || url,www.realvnc.com/docs/rfbproto.pdf
        2002921 || ET EXPLOIT VNC Multiple Authentication Failures || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002921 || url,www.realvnc.com/docs/rfbproto.pdf
        2002923 || ET EXPLOIT VNC Server Not Requiring Authentication (case 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002923 || cve,2006-2369 || url,www.realvnc.com/docs/rfbproto.pdf
        2002924 || ET EXPLOIT VNC Server Not Requiring Authentication || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002924 || cve,2006-2369 || url,www.realvnc.com/docs/rfbproto.pdf
        2011149 || ET USER_AGENTS Suspicious User Agent (webcount) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2011149
        2011151 || ET CURRENT_EVENTS UPS Spam Inbound Variant 3 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_DHL || url,doc.emergingthreats.net/2011151
        2011152 || ET WEB_SPECIFIC_APPS Consona Products n6plugindestructor.asp Cross Site Scripting Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Consona || url,doc.emergingthreats.net/2011152 || url,juniper.net/security/auto/vulnerabilities/vuln39999.html || bugtraq,39999
        2011153 || ET WEB_SPECIFIC_APPS Ektron CMS400.NET reterror.aspx info Parameter Cross Site Scripting Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Ektron || url,doc.emergingthreats.net/2011153 || url,secunia.com/advisories/39547/ || bugtraq,39679
        2011154 || ET WEB_SPECIFIC_APPS Ektron CMS400.NET medialist.aspx selectids Parameter Cross Site Scripting Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Ektron || url,doc.emergingthreats.net/2011154 || url,secunia.com/advisories/39547/ || bugtraq,39679
        2011155 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id SELECT FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011155 || url,secunia.com/advisories/39404/
        2011156 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id DELETE FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011156 || url,secunia.com/advisories/39404/
        2011157 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id UNION SELECT SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011157 || url,secunia.com/advisories/39404/
        2011158 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id INSERT INTO SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011158 || url,secunia.com/advisories/39404/
        2011159 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id UPDATE SET SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011159 || url,secunia.com/advisories/39404/
        2011160 || ET WEB_SERVER Apache Axis2 xsd Parameter Directory Traversal Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Axis2 || url,doc.emergingthreats.net/2011160 || bugtraq,40343
        2011161 || ET WEB_SPECIFIC_APPS HotNews hnmain.inc.php3 incdir Parameter Remote File Inclusion Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_HotNews || url,doc.emergingthreats.net/2011161 || url,exploit-db.com/exploits/12160 || url,inj3ct0r.com/exploits/11731

     -> Added to emerging-sid-msg.map.txt (21):
        2002912 || ET EXPLOIT VNC Possible Vulnerable Server Response || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002912 || cve,2006-2369 || url,www.realvnc.com/docs/rfbproto.pdf
        2002913 || ET EXPLOIT VNC Client response || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002913 || url,www.realvnc.com/docs/rfbproto.pdf
        2002914 || ET EXPLOIT VNC Server VNC Auth Offer || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002914 || url,www.realvnc.com/docs/rfbproto.pdf
        2002915 || ET EXPLOIT VNC Authentication Reply || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002915 || url,www.realvnc.com/docs/rfbproto.pdf
        2002918 || ET EXPLOIT VNC Server VNC Auth Offer - No Challenge string || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002918 || url,www.realvnc.com/docs/rfbproto.pdf
        2002919 || ET EXPLOIT VNC Good Authentication Reply || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002919 || url,www.realvnc.com/docs/rfbproto.pdf
        2002921 || ET EXPLOIT VNC Multiple Authentication Failures || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002921 || url,www.realvnc.com/docs/rfbproto.pdf
        2002923 || ET EXPLOIT VNC Server Not Requiring Authentication (case 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002923 || cve,2006-2369 || url,www.realvnc.com/docs/rfbproto.pdf
        2002924 || ET EXPLOIT VNC Server Not Requiring Authentication || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002924 || cve,2006-2369 || url,www.realvnc.com/docs/rfbproto.pdf
        2011149 || ET USER_AGENTS Suspicious User Agent (webcount) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2011149
        2011151 || ET CURRENT_EVENTS UPS Spam Inbound Variant 3 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_DHL || url,doc.emergingthreats.net/2011151
        2011152 || ET WEB_SPECIFIC_APPS Consona Products n6plugindestructor.asp Cross Site Scripting Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Consona || url,doc.emergingthreats.net/2011152 || url,juniper.net/security/auto/vulnerabilities/vuln39999.html || bugtraq,39999
        2011153 || ET WEB_SPECIFIC_APPS Ektron CMS400.NET reterror.aspx info Parameter Cross Site Scripting Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Ektron || url,doc.emergingthreats.net/2011153 || url,secunia.com/advisories/39547/ || bugtraq,39679
        2011154 || ET WEB_SPECIFIC_APPS Ektron CMS400.NET medialist.aspx selectids Parameter Cross Site Scripting Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Ektron || url,doc.emergingthreats.net/2011154 || url,secunia.com/advisories/39547/ || bugtraq,39679
        2011155 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id SELECT FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011155 || url,secunia.com/advisories/39404/
        2011156 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id DELETE FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011156 || url,secunia.com/advisories/39404/
        2011157 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id UNION SELECT SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011157 || url,secunia.com/advisories/39404/
        2011158 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id INSERT INTO SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011158 || url,secunia.com/advisories/39404/
        2011159 || ET WEB_SPECIFIC_APPS RJ-iTop Network Vulnerabilities Scan System id UPDATE SET SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Rj-itop || url,doc.emergingthreats.net/2011159 || url,secunia.com/advisories/39404/
        2011160 || ET WEB_SERVER Apache Axis2 xsd Parameter Directory Traversal Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Axis2 || url,doc.emergingthreats.net/2011160 || bugtraq,40343
        2011161 || ET WEB_SPECIFIC_APPS HotNews hnmain.inc.php3 incdir Parameter Remote File Inclusion Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_HotNews || url,doc.emergingthreats.net/2011161 || url,exploit-db.com/exploits/12160 || url,inj3ct0r.com/exploits/11731

     -> Added to emerging-web_server.rules (1):
        #by stillsecure

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (11):
        2002912 || ET EXPLOIT VNC Possible Vulnerable Server Response || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002912 || cve,2006-2369 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002913 || ET EXPLOIT VNC Client response || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002913 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002914 || ET EXPLOIT VNC Server VNC Auth Offer || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002914 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002915 || ET EXPLOIT VNC Authentication Reply || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002915 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002918 || ET EXPLOIT VNC Server VNC Auth Offer - No Challenge string || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002918 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002919 || ET EXPLOIT VNC Good Authentication Reply || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002919 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002921 || ET EXPLOIT VNC Multiple Authentication Failures || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002921 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002923 || ET EXPLOIT VNC Server Not Requiring Authentication (case 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002923 || cve,2006-2369 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002924 || ET EXPLOIT VNC Server Not Requiring Authentication || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002924 || cve,2006-2369 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2011149 || ET USER_AGENTS Suspicious User Agent (webcount)
        2011151 || ET CURRENT_EVENTS UPS Spam Inbound Variant 3

     -> Removed from emerging-sid-msg.map.txt (11):
        2002912 || ET EXPLOIT VNC Possible Vulnerable Server Response || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002912 || cve,2006-2369 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002913 || ET EXPLOIT VNC Client response || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002913 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002914 || ET EXPLOIT VNC Server VNC Auth Offer || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002914 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002915 || ET EXPLOIT VNC Authentication Reply || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002915 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002918 || ET EXPLOIT VNC Server VNC Auth Offer - No Challenge string || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002918 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002919 || ET EXPLOIT VNC Good Authentication Reply || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002919 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002921 || ET EXPLOIT VNC Multiple Authentication Failures || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002921 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002923 || ET EXPLOIT VNC Server Not Requiring Authentication (case 2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002923 || cve,2006-2369 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2002924 || ET EXPLOIT VNC Server Not Requiring Authentication || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC || url,doc.emergingthreats.net/bin/view/Main/2002924 || cve,2006-2369 || url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf
        2011149 || ET USER_AGENTS Suspicious User Agent (webcount)
        2011151 || ET CURRENT_EVENTS UPS Spam Inbound Variant 3



More information about the Emerging-updates mailing list