[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Mon Jun 14 17:24:51 EDT 2010


[***] Results from Oinkmaster started Mon Jun 14 17:24:51 2010 [***]

[+++]          Added rules:          [+++]

 2011673 - ET DOS Possible SolarWinds TFTP Server Read Request Denial Of Service Attempt (emerging-dos.rules)
 2011674 - ET DOS SolarWinds TFTP Server Long Write Request Denial Of Service Attempt (emerging-dos.rules)
 2011675 - ET CURRENT_EVENTS Possible NOS Microsystems Adobe Reader/Acrobat getPlus Get_atlcom Helper ActiveX Control Multiple Stack Overflows Remote Code Execution Attempt (emerging-current_events.rules)


[///]     Modified active rules:     [///]

 2001901 - ET TROJAN Possible Bobax trojan infection (emerging-virus.rules)
 2010665 - ET CURRENT_EVENTS Possible NOS Microsystems Adobe Reader/Acrobat getPlus Get_atlcomHelper ActiveX Control Multiple Stack Overflows Remote Code Execution Attempt (emerging-current_events.rules)
 2010834 - ET WEB_CLIENT Windows Defender ActiveX DeleteValue/WriteValue method Heap Overflow Attempt (emerging-web_client.rules)
 2011075 - ET WEB_CLIENT HP Operations Manager SourceView ActiveX LoadFile/SaveFile Method Buffer Overflow Attempt (emerging-web_client.rules)


[---]         Removed rules:         [---]

 2009510 - ET WEB_SERVER Sun Java System Web Server .jsp Source Code Disclosure Attempt (emerging-web_server.rules)
 2010836 - ET WEB_CLIENT Windows Defender ActiveX WriteValue method Heap Overflow Attempt (emerging-web_client.rules)
 2011076 - ET WEB_CLIENT HP Operations Manager SourceView ActiveX SaveFile Method Buffer Overflow Attempt (emerging-web_client.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (6):
        2010665 || ET CURRENT_EVENTS Possible NOS Microsystems Adobe Reader/Acrobat getPlus Get_atlcomHelper ActiveX Control Multiple Stack Overflows Remote Code Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe || url,doc.emergingthreats.net/2010665 || cve,2009-3958 || url,www.exploit-db.com/exploits/11172/ || url,www.adobe.com/support/security/bulletins/apsb10-02.html || url,www.kb.cert.org/vuls/id/773545 || url,www.securityfocus.com/bid/37759
        2010834 || ET WEB_CLIENT Windows Defender ActiveX DeleteValue/WriteValue method Heap Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Windows_Defender || url,doc.emergingthreats.net/2010834 || url,www.packetstormsecurity.org/1001-exploits/msdef1-overflow.txt
        2011075 || ET WEB_CLIENT HP Operations Manager SourceView ActiveX LoadFile/SaveFile Method Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HP || url,doc.emergingthreats.net/2011075 || url,secunia.com/advisories/39538/ || url,packetstormsecurity.org/1004-exploits/CORELAN-10-027.txt
        2011673 || ET DOS Possible SolarWinds TFTP Server Read Request Denial Of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Solarwinds || url,doc.emergingthreats.net/2011673 || url,www.exploit-db.com/exploits/12683/
        2011674 || ET DOS SolarWinds TFTP Server Long Write Request Denial Of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Solarwinds || url,doc.emergingthreats.net/2011674 || url,www.exploit-db.com/exploits/13836/
        2011675 || ET CURRENT_EVENTS Possible NOS Microsystems Adobe Reader/Acrobat getPlus Get_atlcom Helper ActiveX Control Multiple Stack Overflows Remote Code Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe || url,doc.emergingthreats.net/2011675 || cve,2009-3958 || url,www.adobe.com/support/security/bulletins/apsb10-02.html || url,www.exploit-db.com/exploits/11172/ || url,www.kb.cert.org/vuls/id/773545 || url,www.securityfocus.com/bid/37759

     -> Added to emerging-sid-msg.map.txt (6):
        2010665 || ET CURRENT_EVENTS Possible NOS Microsystems Adobe Reader/Acrobat getPlus Get_atlcomHelper ActiveX Control Multiple Stack Overflows Remote Code Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe || url,doc.emergingthreats.net/2010665 || cve,2009-3958 || url,www.exploit-db.com/exploits/11172/ || url,www.adobe.com/support/security/bulletins/apsb10-02.html || url,www.kb.cert.org/vuls/id/773545 || url,www.securityfocus.com/bid/37759
        2010834 || ET WEB_CLIENT Windows Defender ActiveX DeleteValue/WriteValue method Heap Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Windows_Defender || url,doc.emergingthreats.net/2010834 || url,www.packetstormsecurity.org/1001-exploits/msdef1-overflow.txt
        2011075 || ET WEB_CLIENT HP Operations Manager SourceView ActiveX LoadFile/SaveFile Method Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HP || url,doc.emergingthreats.net/2011075 || url,secunia.com/advisories/39538/ || url,packetstormsecurity.org/1004-exploits/CORELAN-10-027.txt
        2011673 || ET DOS Possible SolarWinds TFTP Server Read Request Denial Of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Solarwinds || url,doc.emergingthreats.net/2011673 || url,www.exploit-db.com/exploits/12683/
        2011674 || ET DOS SolarWinds TFTP Server Long Write Request Denial Of Service Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Solarwinds || url,doc.emergingthreats.net/2011674 || url,www.exploit-db.com/exploits/13836/
        2011675 || ET CURRENT_EVENTS Possible NOS Microsystems Adobe Reader/Acrobat getPlus Get_atlcom Helper ActiveX Control Multiple Stack Overflows Remote Code Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe || url,doc.emergingthreats.net/2011675 || cve,2009-3958 || url,www.adobe.com/support/security/bulletins/apsb10-02.html || url,www.exploit-db.com/exploits/11172/ || url,www.kb.cert.org/vuls/id/773545 || url,www.securityfocus.com/bid/37759

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (6):
        2009510 || ET WEB_SERVER Sun Java System Web Server .jsp Source Code Disclosure Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Java || url,doc.emergingthreats.net/2009510 || url,isowarez.de/SunOne_Webserver.txt || url,www.securitytracker.com/alerts/2009/Jul/1022511.html
        2010665 || ET CURRENT_EVENTS NOS Microsystems Adobe Reader/Acrobat getPlus Helper ActiveX Control Multiple Stack Buffer Overflows CLSID Access Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe || url,doc.emergingthreats.net/2010665 || cve,2009-3958 || url,www.adobe.com/support/security/bulletins/apsb10-02.html || url,www.kb.cert.org/vuls/id/773545 || url,www.securityfocus.com/bid/37759
        2010834 || ET WEB_CLIENT Windows Defender ActiveX DeleteValue method Heap Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Windows_Defender || url,doc.emergingthreats.net/2010834 || url,www.packetstormsecurity.org/1001-exploits/msdef1-overflow.txt
        2010836 || ET WEB_CLIENT Windows Defender ActiveX WriteValue method Heap Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Windows_Defender || url,doc.emergingthreats.net/2010836 || url,www.packetstormsecurity.org/1001-exploits/msdef2-overflow.txt
        2011075 || ET WEB_CLIENT HP Operations Manager SourceView ActiveX LoadFile Method Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HP || url,doc.emergingthreats.net/2011075 || url,secunia.com/advisories/39538/ || url,packetstormsecurity.org/1004-exploits/CORELAN-10-027.txt
        2011076 || ET WEB_CLIENT HP Operations Manager SourceView ActiveX SaveFile Method Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HP || url,doc.emergingthreats.net/2011076 || url,secunia.com/advisories/39538/ || url,packetstormsecurity.org/1004-exploits/CORELAN-10-027.txt

     -> Removed from emerging-sid-msg.map.txt (6):
        2009510 || ET WEB_SERVER Sun Java System Web Server .jsp Source Code Disclosure Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Java || url,doc.emergingthreats.net/2009510 || url,isowarez.de/SunOne_Webserver.txt || url,www.securitytracker.com/alerts/2009/Jul/1022511.html
        2010665 || ET CURRENT_EVENTS NOS Microsystems Adobe Reader/Acrobat getPlus Helper ActiveX Control Multiple Stack Buffer Overflows CLSID Access Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe || url,doc.emergingthreats.net/2010665 || cve,2009-3958 || url,www.adobe.com/support/security/bulletins/apsb10-02.html || url,www.kb.cert.org/vuls/id/773545 || url,www.securityfocus.com/bid/37759
        2010834 || ET WEB_CLIENT Windows Defender ActiveX DeleteValue method Heap Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Windows_Defender || url,doc.emergingthreats.net/2010834 || url,www.packetstormsecurity.org/1001-exploits/msdef1-overflow.txt
        2010836 || ET WEB_CLIENT Windows Defender ActiveX WriteValue method Heap Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Windows_Defender || url,doc.emergingthreats.net/2010836 || url,www.packetstormsecurity.org/1001-exploits/msdef2-overflow.txt
        2011075 || ET WEB_CLIENT HP Operations Manager SourceView ActiveX LoadFile Method Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HP || url,doc.emergingthreats.net/2011075 || url,secunia.com/advisories/39538/ || url,packetstormsecurity.org/1004-exploits/CORELAN-10-027.txt
        2011076 || ET WEB_CLIENT HP Operations Manager SourceView ActiveX SaveFile Method Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_HP || url,doc.emergingthreats.net/2011076 || url,secunia.com/advisories/39538/ || url,packetstormsecurity.org/1004-exploits/CORELAN-10-027.txt


