[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Mon Jun 14 14:32:49 EDT 2010


[***] Results from Oinkmaster started Mon Jun 14 14:32:49 2010 [***]

[///]     Modified active rules:     [///]

 2011173 - ET CURRENT_EVENTS Windows Help Center Arbitrary Command Execution Exploit Attempt (emerging-current_events.rules)
 2011669 - ET EXPLOIT Linksys WAP54G debug.cgi Shell Access as Gemtek (emerging-exploit.rules)
 2011670 - ET CURRENT_EVENTS Fake AV Related CSS Download (emerging-current_events.rules)
 2011671 - ET WEB_SERVER Litespeed Null Byte Source Code Disclosure Attempt (emerging-web_server.rules)
 2011672 - ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt (emerging-current_events.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (5):
        2011173 || ET CURRENT_EVENTS Windows Help Center Arbitrary Command Execution Exploit Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_WinHelp || url,doc.emergingthreats.net/2011173 || url,www.exploit-db.com/exploits/13808/
        2011669 || ET EXPLOIT Linksys WAP54G debug.cgi Shell Access as Gemtek || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Linksys || url,doc.emergingthreats.net/2011669 || url,seclists.org/fulldisclosure/2010/Jun/176
        2011670 || ET CURRENT_EVENTS Fake AV Related CSS Download || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Nod32 || url,doc.emergingthreats.net/2011670
        2011671 || ET WEB_SERVER Litespeed Null Byte Source Code Disclosure Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_LightSpeed || url,doc.emergingthreats.net/2011671 || url,www.exploit-db.com/exploits/13850/
        2011672 || ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe || url,doc.emergingthreats.net/2011672 || url,www.exploit-db.com/exploits/13787/

     -> Added to emerging-sid-msg.map.txt (5):
        2011173 || ET CURRENT_EVENTS Windows Help Center Arbitrary Command Execution Exploit Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_WinHelp || url,doc.emergingthreats.net/2011173 || url,www.exploit-db.com/exploits/13808/
        2011669 || ET EXPLOIT Linksys WAP54G debug.cgi Shell Access as Gemtek || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Linksys || url,doc.emergingthreats.net/2011669 || url,seclists.org/fulldisclosure/2010/Jun/176
        2011670 || ET CURRENT_EVENTS Fake AV Related CSS Download || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Nod32 || url,doc.emergingthreats.net/2011670
        2011671 || ET WEB_SERVER Litespeed Null Byte Source Code Disclosure Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_LightSpeed || url,doc.emergingthreats.net/2011671 || url,www.exploit-db.com/exploits/13850/
        2011672 || ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe || url,doc.emergingthreats.net/2011672 || url,www.exploit-db.com/exploits/13787/

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (5):
        2011173 || ET CUERRENT_EVENTS Windows Help Center Arbitrary Command Execution Exploit Attempt || url,www.exploit-db.com/exploits/13808/
        2011669 || ET EXPLOIT Linksys WAP54G debug.cgi Shell Access as Gemtek || url,seclists.org/fulldisclosure/2010/Jun/176
        2011670 || ET CURRENT_EVENTS Fake AV Related CSS Download
        2011671 || ET WEB_SERVER Litespeed Null Byte Source Code Disclosure Attempt || url,www.exploit-db.com/exploits/13850/
        2011672 || ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt || url,www.exploit-db.com/exploits/13787/

     -> Removed from emerging-sid-msg.map.txt (5):
        2011173 || ET CUERRENT_EVENTS Windows Help Center Arbitrary Command Execution Exploit Attempt || url,www.exploit-db.com/exploits/13808/
        2011669 || ET EXPLOIT Linksys WAP54G debug.cgi Shell Access as Gemtek || url,seclists.org/fulldisclosure/2010/Jun/176
        2011670 || ET CURRENT_EVENTS Fake AV Related CSS Download
        2011671 || ET WEB_SERVER Litespeed Null Byte Source Code Disclosure Attempt || url,www.exploit-db.com/exploits/13850/
        2011672 || ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt || url,www.exploit-db.com/exploits/13787/



More information about the Emerging-updates mailing list