[Emerging-Sigs] Emerging Threats Daily Signature Changes

emerging@emergingthreats.net emerging at emergingthreats.net
Tue Jun 29 16:00:12 EDT 2010


[***] Results from Oinkmaster started Tue Jun 29 16:00:12 2010 [***]

[+++]          Added rules:          [+++]

 2011695 - ET WEB_CLIENT Possible Microsoft Internet Explorer Dynamic Object Tag/URLMON Sniffing Cross Domain Information Disclosure Attempt (emerging-web_client.rules)
 2011696 - ET WEB_SPECIFIC_APPS Possible JBoss JMX Console Beanshell Deployer WAR Upload and Deployment Exploit Attempt (emerging-web_specific_apps.rules)
 2011697 - ET WEB_SPECIFIC_APPS JBoss JMX Console Beanshell Deployer .WAR File Upload and Deployment Cross Site Request Forgery Attempt (emerging-web_specific_apps.rules)
 2011698 - ET CURRENT_EVENTS Java Web Start Command Injection (.jar) (emerging-current_events.rules)
 2011699 - ET P2P Bittorrent P2P Client User-Agent (Transmission/1.x) (emerging-p2p.rules)
 2011700 - ET P2P Bittorrent P2P Client User-Agent (KTorrent/3.x.x) (emerging-p2p.rules)
 2011701 - ET P2P Bittorrent P2P Client User-Agent (Opera/10.x) (emerging-p2p.rules)
 2011702 - ET P2P Bittorrent P2P Client User-Agent (BitTornado) (emerging-p2p.rules)
 2011703 - ET P2P Bittorrent P2P Client User-Agent (Enhanced CTorrent 3.x) (emerging-p2p.rules)
 2011704 - ET P2P Bittorrent P2P Client User-Agent (Deluge 1.x.x) (emerging-p2p.rules)
 2011705 - ET P2P Bittorrent P2P Client User-Agent (rTorrent) (emerging-p2p.rules)
 2011706 - ET P2P Bittorrent P2P Client User-Agent (uTorrent) (emerging-p2p.rules)
 2011707 - ET P2P Client User-Agent (Shareaza 2.x) (emerging-p2p.rules)
 2011708 - ET P2P Bittorrent P2P Client User-Agent (Blizzard Downloader 2.x) (emerging-p2p.rules)
 2011710 - ET P2P Bittorrent P2P Client User-Agent (BitComet) (emerging-p2p.rules)
 2011711 - ET P2P Bittorrent P2P Client User-Agent (KTorrent 2.x) (emerging-p2p.rules)
 2011712 - ET P2P Bittorrent P2P Client User-Agent (FDM 3.x) (emerging-p2p.rules)
 2011713 - ET P2P Bittorrent P2P Client User-Agent (BTSP) (emerging-p2p.rules)
 2011714 - ET CURRENT_EVENTS Hidden iframe Served by nginx - Likely Hostile Code (emerging-current_events.rules)
 2011715 - ET CURRENT_EVENTS MALVERTISING Adobe Exploited Check-In (emerging-current_events.rules)
 2011716 - ET SCAN Sipvicious User-Agent Detected (friendly-scanner) (emerging-scan.rules)
 2011717 - ET SCAN Sipvicious Svmap or Svlearnfp Scan Detected (emerging-scan.rules)
 2011718 - ET USER_AGENTS Suspicious User-Agent (RangeCheck/0.1) (emerging-user_agents.rules)
 2011719 - ET USER_AGENTS Suspicious User-Agent (SOGOU_UPDATER) (emerging-user_agents.rules)
 2011720 - ET SCAN Possible WafWoof Web Application Firewall Detection Scan (emerging-scan.rules)
 2011721 - ET SCAN Possible Fast-Track Tool Spidering User-Agent Detected (emerging-scan.rules)
 2011722 - ET WEB_SPECIFIC_APPS Axis Media Controller ActiveX SetImage Method Remote Code Execution Attempt (emerging-web_specific_apps.rules)
 2011723 - ET WEB_SPECIFIC_APPS Webmoney Advisor ActiveX Redirect Method Remote DoS Attempt (emerging-web_specific_apps.rules)
 2011724 - ET WEB_SPECIFIC_APPS Webmoney Advisor ActiveX Control DoS Function Call (emerging-web_specific_apps.rules)
 2011725 - ET WEB_SPECIFIC_APPS EZPX photoblog tpl_base_dir Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011726 - ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011727 - ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011728 - ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011729 - ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011730 - ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011731 - ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011732 - ET DOS Possible VNC ClientCutText Message Denial of Service/Memory Corruption Attempt (emerging-dos.rules)


[///]     Modified active rules:     [///]

 2000015 - ET P2P Phatbot Control Connection (emerging-p2p.rules)
 2000026 - ET USER_AGENTS Gator Agent Traffic (emerging-user_agents.rules)
 2000040 - ET WORM Sasser FTP Traffic (emerging-virus.rules)
 2000306 - ET MALWARE Virtumonde Spyware siae3123.exe GET (emerging-malware.rules)
 2000307 - ET MALWARE Virtumonde Spyware siae3123.exe GET (8081) (emerging-malware.rules)
 2000308 - ET MALWARE Virtumonde Spyware Information Post (emerging-malware.rules)
 2000309 - ET POLICY GotoMyPC Polling Client (emerging-policy.rules)
 2000328 - ET POLICY Outbound Multiple Non-SMTP Server Emails (emerging-policy.rules)
 2000334 - ET P2P BitTorrent peer sync (emerging-p2p.rules)
 2000335 - ET P2P Overnet (Edonkey) Server Announce (emerging-p2p.rules)
 2000336 - ET MALWARE Yesadvertising Banking Spyware RETRIEVE (emerging-malware.rules)
 2000337 - ET MALWARE Yesadvertising Banking Spyware INFORMATION SUBMIT (emerging-malware.rules)
 2000338 - ET P2P iroffer IRC Bot help message (emerging-p2p.rules)
 2000339 - ET P2P iroffer IRC Bot offered files advertisement (emerging-p2p.rules)
 2000355 - ET POLICY IRC authorization message (emerging-policy.rules)
 2000356 - ET POLICY IRC connection (emerging-policy.rules)
 2000357 - ET P2P BitTorrent Traffic (emerging-p2p.rules)
 2000369 - ET P2P BitTorrent Announce (emerging-p2p.rules)
 2000419 - ET POLICY PE EXE or DLL Windows file download (emerging-policy.rules)
 2000559 - ET WEB_SERVER THCIISLame IIS SSL Exploit Attempt (emerging-web_server.rules)
 2000562 - ET VIRUS OUTBOUND Suspicious Email Attachment (emerging-virus.rules)
 2000569 - ET POLICY KitCo Kcast Ticker (agtray) (emerging-policy.rules)
 2000570 - ET POLICY KitCo Kcast Ticker (autray) (emerging-policy.rules)
 2000571 - ET POLICY AOL Webmail Message Send (emerging-policy.rules)
 2000572 - ET POLICY AOL Webmail Login (emerging-policy.rules)
 2000575 - ET SCAN ICMP PING IPTools (emerging-scan.rules)
 2000586 - ET USER_AGENTS Ezula Related Calling Home (emerging-user_agents.rules)
 2000588 - ET MALWARE TopMoxie Reporting Data to External Host (emerging-malware.rules)
 2000589 - ET MALWARE TopMoxie Retrieving Data (downloads) (emerging-malware.rules)
 2000590 - ET MALWARE TopMoxie Retrieving Data (common) (emerging-malware.rules)
 2000908 - ET MALWARE WhenUClick.com App and Search Bar Install (1) (emerging-malware.rules)
 2000909 - ET MALWARE WhenUClick.com App and Search Bar Install (2) (emerging-malware.rules)
 2000910 - ET MALWARE WhenUClick.com Clock Sync App Checkin (emerging-malware.rules)
 2000911 - ET MALWARE WhenUClick.com Weather App Checkin (emerging-malware.rules)
 2000912 - ET MALWARE WhenUClick.com Clock Sync App Checkin (1) (emerging-malware.rules)
 2000913 - ET MALWARE WhenUClick.com Clock Sync App Checkin (2) (emerging-malware.rules)
 2000914 - ET MALWARE WhenUClick.com Weather App Checkin (1) (emerging-malware.rules)
 2000915 - ET MALWARE WhenUClick.com Weather App Checkin (2) (emerging-malware.rules)
 2000916 - ET MALWARE WhenUClick.com WhenUSave App Checkin (emerging-malware.rules)
 2000917 - ET MALWARE WhenUClick.com WhenUSave Data Retrieval (offersdata) (emerging-malware.rules)
 2000918 - ET MALWARE WhenUClick.com Desktop Bar Install (emerging-malware.rules)
 2000919 - ET MALWARE WhenUClick.com WhenUSave Data Retrieval (Searchdb) (emerging-malware.rules)
 2001035 - ET P2P Morpheus Install (emerging-p2p.rules)
 2001036 - ET P2P Morpheus Install ini Download (emerging-p2p.rules)
 2001037 - ET P2P Morpheus Update Request (emerging-p2p.rules)
 2001044 - ET Yahoo Briefcase Upload (emerging-policy.rules)
 2001046 - ET WORM UPX compressed file download - possible worm (emerging-virus.rules)
 2001047 - ET WORM UPX encrypted file download - possible worm (emerging-virus.rules)
 2001055 - ET MISC HP Web JetAdmin ExecuteFile admin access (emerging-policy.rules)
 2001056 - ET WORM W32/Sasser.worm.b (emerging-virus.rules)
 2001057 - ET WORM W32/Sasser.worm.a (emerging-virus.rules)
 2001066 - ET TROJAN IE Ilookup Trojan (emerging-virus.rules)
 2001181 - ET WEB_CLIENT Internet Explorer Plugin.ocx Heap Overflow (emerging-web_client.rules)
 2001182 - ET WEB_CLIENT IE trojan Ants3set 1.exe - process injection (emerging-web_client.rules)
 2001185 - ET P2P Soulseek traffic (1) (emerging-p2p.rules)
 2001186 - ET P2P Soulseek traffic (2) (emerging-p2p.rules)
 2001187 - ET P2P Soulseek Filesearch Results (emerging-p2p.rules)
 2001188 - ET P2P Soulseek (emerging-p2p.rules)
 2001197 - ET WEB_SPECIFIC_APPS PHPNuke SQL injection attempt (emerging-web_specific_apps.rules)
 2001202 - ET WEB_SPECIFIC_APPS PHPNuke general SQL injection attempt (emerging-web_specific_apps.rules)
 2001218 - ET WEB_SPECIFIC_APPS PHPNuke general XSS attempt (emerging-web_specific_apps.rules)
 2001219 - ET SCAN Potential SSH Scan (emerging-scan.rules)
 2001233 - ET WORM Possible CIA Trojan download/upload attempt (emerging-virus.rules)
 2001235 - ET MALWARE Weatherbug (emerging-malware.rules)
 2001238 - ET WEB_SPECIFIC_APPS Possible Xedus Webserver Directory Traversal Attempt (emerging-web_specific_apps.rules)
 2001239 - ET POLICY Cisco Device in Config Mode (emerging-policy.rules)
 2001240 - ET POLICY Cisco Device New Config Built (emerging-policy.rules)
 2001241 - ET CHAT MSN file transfer request (emerging-policy.rules)
 2001242 - ET CHAT MSN file transfer accept (emerging-policy.rules)
 2001243 - ET CHAT MSN file transfer reject (emerging-policy.rules)
 2001253 - ET CHAT Yahoo IM successful logon (emerging-policy.rules)
 2001254 - ET CHAT Yahoo IM voicechat (emerging-policy.rules)
 2001256 - ET CHAT Yahoo IM conference invitation (emerging-policy.rules)
 2001257 - ET CHAT Yahoo IM conference logon success (emerging-policy.rules)
 2001258 - ET CHAT Yahoo IM conference message (emerging-policy.rules)
 2001259 - ET CHAT Yahoo IM file transfer request (emerging-policy.rules)
 2001261 - ET CHAT Yahoo IM successful chat join (emerging-policy.rules)
 2001262 - ET CHAT Yahoo IM conference offer invitation (emerging-policy.rules)
 2001263 - ET CHAT Yahoo IM conference request (emerging-policy.rules)
 2001269 - ET WORM Beagle User Agent Detected (emerging-virus.rules)
 2001294 - ET POLICY Dameware Remote Control Service Install (emerging-policy.rules)
 2001295 - ET USER_AGENTS Browseraid.com Agent (emerging-user_agents.rules)
 2001307 - ET MALWARE Wild Tangent Agent Installation (emerging-malware.rules)
 2001309 - ET MALWARE Wild Tangent Agent Checking In (emerging-malware.rules)
 2001310 - ET MALWARE Wild Tangent Agent Traffic (emerging-malware.rules)
 2001313 - ET MALWARE Traffic Syndicate Add/Remove (emerging-malware.rules)
 2001314 - ET MALWARE Wild Tangent Agent (emerging-malware.rules)
 2001315 - ET MALWARE Traffic Syndicate Agent Updating (1) (emerging-malware.rules)
 2001316 - ET MALWARE Traffic Syndicate Agent Updating (2) (emerging-malware.rules)
 2001317 - ET MALWARE Webhancer Data Upload (emerging-malware.rules)
 2001322 - ET MALWARE Wild Tangent New Install (emerging-malware.rules)
 2001325 - ET MALWARE Websearch.com Spyware (emerging-malware.rules)
 2001329 - ET POLICY RDP connection request (emerging-policy.rules)
 2001330 - ET POLICY RDP connection confirm (emerging-policy.rules)
 2001331 - ET POLICY RDP disconnect request (emerging-policy.rules)
 2001334 - ET MALWARE Ezula (emerging-malware.rules)
 2001335 - ET MALWARE Ezula Installer Download (emerging-malware.rules)
 2001337 - ET WORM Korgo.P offering executable (emerging-virus.rules)
 2001338 - ET WORM Korgo.P binary upload (emerging-virus.rules)
 2001342 - ET WEB_SERVER IIS ASP.net Auth Bypass / Canonicalization (emerging-web_server.rules)
 2001343 - ET WEB_SERVER IIS ASP.net Auth Bypass / Canonicalization % 5 C (emerging-web_server.rules)
 2001365 - ET WEB_SERVER Alternate Data Stream source view attempt (emerging-web_server.rules)
 2001406 - ET POLICY Possible hidden zip extension .cpl (emerging-policy.rules)
 2001407 - ET POLICY Possible hidden zip extension .pif (emerging-policy.rules)
 2001408 - ET POLICY Possible hidden zip extension .scr (emerging-policy.rules)
 2001424 - ET POLICY Gmail Inbox Access (emerging-policy.rules)
 2001425 - ET POLICY Gmail File Send (emerging-policy.rules)
 2001426 - ET POLICY Gmail Message Send (emerging-policy.rules)
 2001427 - ET CHAT Yahoo IM Unavailable Status (emerging-policy.rules)
 2001430 - ET WORM Bofra Victim Accessing Reactor Page (emerging-virus.rules)
 2001443 - ET MALWARE WhenUClick.com Desktop Bar App Checkin (emerging-malware.rules)
 2001461 - ET MALWARE Xpire.info Multiple Spyware Installs (1) (emerging-malware.rules)
 2001462 - ET MALWARE Xpire.info Multiple Spyware Installs Occuring (emerging-malware.rules)
 2001463 - ET MALWARE Xpire.info Multiple Spyware Installs (2) (emerging-malware.rules)
 2001464 - ET MALWARE Xpire.info Multiple Spyware Installs (3) (emerging-malware.rules)
 2001466 - ET MALWARE Xpire.info Multiple Spyware Installs (4) (emerging-malware.rules)
 2001467 - ET MALWARE Xpire.info Multiple Spyware Installs (5) (emerging-malware.rules)
 2001468 - ET MALWARE Xpire.info Multiple Spyware Installs CHM Exploit (emerging-malware.rules)
 2001469 - ET MALWARE Xpire.info Multiple Spyware Installs (6) (emerging-malware.rules)
 2001470 - ET MALWARE Xpire.info Multiple Spyware Installs (7) (emerging-malware.rules)
 2001471 - ET MALWARE Xpire.info Spyware Exploit (emerging-malware.rules)
 2001472 - ET MALWARE Xpire.info Spyware Install Reporting (emerging-malware.rules)
 2001491 - ET MALWARE Xpire.info Install Code Download (emerging-malware.rules)
 2001492 - ET USER_AGENTS ISearchTech.com XXXPornToolbar Activity (MyApp) (emerging-user_agents.rules)
 2001493 - ET USER_AGENTS ISearchTech.com XXXPornToolbar Activity (IST) (emerging-user_agents.rules)
 2001498 - ET USER_AGENTS Internet Optimizer Activity (emerging-user_agents.rules)
 2001517 - ET MALWARE Websearch.com Outbound Dialer Retrieval (emerging-malware.rules)
 2001520 - ET MALWARE Spywaremover Activity (emerging-malware.rules)
 2001525 - ET MALWARE Virtumonde Spyware Code Download mmdom.exe (emerging-malware.rules)
 2001526 - ET MALWARE Virtumonde Spyware Code Download bkinst.exe (emerging-malware.rules)
 2001541 - ET MALWARE Xpire.info Install Report (emerging-malware.rules)
 2001547 - ET VIRUS Sobig.E-F Trojan Site Download Request (emerging-virus.rules)
 2001548 - ET WORM Sasser FTP exploit attempt (emerging-virus.rules)
 2001553 - ET SCAN Possible SSL Brute Force attack or Site Crawl (emerging-scan.rules)
 2001562 - ET USER_AGENTS MarketScore.com Spyware User Configuration and Setup Access (emerging-user_agents.rules)
 2001569 - ET SCAN Behavioral Unusual Port 445 traffic, Potential Scan or Infection (emerging-scan.rules)
 2001579 - ET SCAN Behavioral Unusual Port 139 traffic, Potential Scan or Infection (emerging-scan.rules)
 2001580 - ET SCAN Behavioral Unusual Port 137 traffic, Potential Scan or Infection (emerging-scan.rules)
 2001581 - ET SCAN Behavioral Unusual Port 135 traffic, Potential Scan or Infection (emerging-scan.rules)
 2001582 - ET SCAN Behavioral Unusual Port 1434 traffic, Potential Scan or Infection (emerging-scan.rules)
 2001583 - ET SCAN Behavioral Unusual Port 1433 traffic, Potential Scan or Infection (emerging-scan.rules)
 2001595 - ET POLICY Skype VOIP Checking Version (Startup) (emerging-policy.rules)
 2001596 - ET POLICY Skype VOIP Reporting Install (emerging-policy.rules)
 2001597 - ET POLICY Netop Remote Control Usage (emerging-policy.rules)
 2001609 - ET SCAN F5 BIG-IP 3DNS TCP Probe 1 (emerging-scan.rules)
 2001610 - ET SCAN F5 BIG-IP 3DNS TCP Probe 2 (emerging-scan.rules)
 2001611 - ET SCAN F5 BIG-IP 3DNS TCP Probe 3 (emerging-scan.rules)
 2001622 - ET WEB_CLIENT ACTIVEX winhlp32 ActiveX control attack, phase 1 (emerging-web_client.rules)
 2001623 - ET WEB_CLIENT ACTIVEX winhlp32 ActiveX control attack, phase 2 (emerging-web_client.rules)
 2001624 - ET WEB_CLIENT ACTIVEX winhlp32 ActiveX control attack, phase 3 (emerging-web_client.rules)
 2001639 - ET USER_AGENTS Wild Tangent Agent Activity (emerging-user_agents.rules)
 2001640 - ET USER_AGENTS Altnet PeerPoints Manager Traffic (emerging-user_agents.rules)
 2001646 - ET MALWARE Toprebates.com Install (1) (emerging-malware.rules)
 2001647 - ET MALWARE Toprebates.com Install (2) (emerging-malware.rules)
 2001648 - ET MALWARE Toprebates.com User Confirming Membership (emerging-malware.rules)
 2001652 - ET USER_AGENTS JoltID Agent New Code Download (emerging-user_agents.rules)
 2001664 - ET P2P Gnutella Connect (emerging-p2p.rules)
 2001669 - ET POLICY Proxy GET Request (emerging-policy.rules)
 2001670 - ET POLICY Proxy HEAD Request (emerging-policy.rules)
 2001674 - ET POLICY Proxy POST Request (emerging-policy.rules)
 2001675 - ET POLICY Proxy CONNECT Request (emerging-policy.rules)
 2001677 - ET MALWARE Webhancer Data Post (emerging-malware.rules)
 2001678 - ET MALWARE Webhancer Agent Activity (emerging-malware.rules)
 2001682 - ET POLICY MSN IM Poll via HTTP (emerging-policy.rules)
 2001686 - ET WEB_SPECIFIC_APPS Awstats Remote Code Execution Attempt (emerging-web_specific_apps.rules)
 2001689 - ET WORM Potential MySQL bot scanning for SQL server (emerging-virus.rules)
 2001698 - ET MALWARE YourSiteBar Data Submision (emerging-malware.rules)
 2001699 - ET USER_AGENTS YourSiteBar Activity (emerging-user_agents.rules)
 2001700 - ET MALWARE Windupdates.com Spyware Install (emerging-malware.rules)
 2001701 - ET MALWARE Windupdates.com Spyware Loggin Data (emerging-malware.rules)
 2001702 - ET USER_AGENTS Shop at Home Select Spyware Activity (Bundle) (emerging-user_agents.rules)
 2001703 - ET USER_AGENTS Context Plus Spyware Activity (1) (emerging-user_agents.rules)
 2001706 - ET USER_AGENTS Context Plus Spyware Activity (2) (emerging-user_agents.rules)
 2001707 - ET USER_AGENTS Shop at Home Select Spyware Activity (SAH) (emerging-user_agents.rules)
 2001712 - ET POLICY MyWebEx Server Traffic (emerging-policy.rules)
 2001713 - ET POLICY MyWebEx Installation (emerging-policy.rules)
 2001714 - ET POLICY MyWebEx Incoming Connection (emerging-policy.rules)
 2001715 - ET WORM Bropia.F Worm Propagation (emerging-virus.rules)
 2001726 - ET VIRUS Trojan-Spy.Win32.Bancos Download (emerging-virus.rules)
 2001729 - ET MALWARE Tibsystems Spyware Install (1) (emerging-malware.rules)
 2001734 - ET MALWARE Tibsystems Spyware Install (2) (emerging-malware.rules)
 2001736 - ET USER_AGENTS UCMore Spyware Activity (emerging-user_agents.rules)
 2001743 - ET TROJAN HackerDefender Root Kit Remote Connection Attempt Detected (emerging-virus.rules)
 2001746 - ET USER_AGENTS Enhance My Search Spyware Activity (emerging-user_agents.rules)
 2001763 - ET VIRUS - W32.Opaserv Worm Infection (emerging-virus.rules)
 2001764 - ET VIRUS Bugbear at MM virus via SMTP (emerging-virus.rules)
 2001765 - ET VIRUS BugBear at MM virus in Network share (emerging-virus.rules)
 2001766 - ET VIRUS BugBear at MM Worm Copied to Startup Folder (emerging-virus.rules)
 2001767 - ET WEB_SERVER ORACLE OLEDB asp error (emerging-web_server.rules)
 2001768 - ET WEB_SERVER MSSQL Server OLEDB asp error (emerging-web_server.rules)
 2001781 - ET WEB_SERVER ORACLE rwcgi60 information leak attempt (emerging-web_server.rules)
 2001796 - ET P2P Kazaa over UDP (emerging-p2p.rules)
 2001801 - ET POLICY ICQ Status Invisible (emerging-policy.rules)
 2001802 - ET POLICY ICQ Status Change (1) (emerging-policy.rules)
 2001803 - ET POLICY ICQ Status Change (2) (emerging-policy.rules)
 2001804 - ET POLICY ICQ Login (emerging-policy.rules)
 2001805 - ET POLICY ICQ Message (emerging-policy.rules)
 2001808 - ET P2P LimeWire P2P Traffic (emerging-p2p.rules)
 2001809 - ET P2P Limewire P2P UDP Traffic (emerging-p2p.rules)
 2001811 - ET WEB_CLIENT Encoded javascriptdocument.write - usually hostile (emerging-web_client.rules)
 2001812 - ET P2P KazaaClient P2P Traffic (emerging-p2p.rules)
 2001841 - ET P2P UDP traffic - Likely Limewire (emerging-p2p.rules)
 2001852 - ET USER_AGENTS 404Search Spyware User Agent (emerging-user_agents.rules)
 2001853 - ET USER_AGENTS Easy Search Bar Spyware User Agent (emerging-user_agents.rules)
 2001854 - ET MALWARE EZULA Spyware User Agent (emerging-user_agents.rules)
 2001865 - ET USER_AGENTS MyWebSearch Spyware User Agent (emerging-user_agents.rules)
 2001867 - ET USER_AGENTS Search Engine 2000 Spyware User Agent (emerging-user_agents.rules)
 2001868 - ET USER_AGENTS SureSeeker Spyware User Agent (emerging-user_agents.rules)
 2001869 - ET USER_AGENTS Sidesearch Spyware User Agent (emerging-user_agents.rules)
 2001870 - ET USER_AGENTS Surfplayer Spyware User Agent (emerging-user_agents.rules)
 2001871 - ET USER_AGENTS Target Saver Spyware User Agent (emerging-user_agents.rules)
 2001872 - ET USER_AGENTS Visicom Spyware User Agent (emerging-user_agents.rules)
 2001890 - ET MALWARE ToolbarPartner Spyware Agent Download (1) (emerging-malware.rules)
 2001891 - ET USER_AGENTS Suspicious User Agent (agent) (emerging-user_agents.rules)
 2001895 - ET MALWARE ToolbarPartner Spyware Spambot Retrieving Target Emails (emerging-malware.rules)
 2001901 - ET TROJAN Possible Bobax trojan infection (emerging-virus.rules)
 2001904 - ET SCAN Behavioral Unusually fast inbound Telnet Connections, Potential Scan or Brute Force (emerging-scan.rules)
 2001910 - ET WORM AIM Bot Outbound Control Channel Open and Login (emerging-virus.rules)
 2001919 - ET VIRUS Greeting card gif.exe email incoming SMTP (emerging-virus.rules)
 2001920 - ET VIRUS Greeting card gif.exe email incoming POP3/IMAP (emerging-virus.rules)
 2001921 - ET VIRUS Greeting card gif.exe email incoming HTTP (emerging-virus.rules)
 2001928 - ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (private message) (emerging-web_specific_apps.rules)
 2001929 - ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (signature) (emerging-web_specific_apps.rules)
 2001933 - ET VIRUS PWS Banker Trojan Sending Report of Infection (emerging-virus.rules)
 2001947 - ET MALWARE Zenotecnico Adware (emerging-malware.rules)
 2001949 - ET WEB_SPECIFIC_APPS Athena Web Registration Remote Command Execution Attempt (emerging-web_specific_apps.rules)
 2001959 - ET VIRUS Hotword Trojan in Transit (emerging-virus.rules)
 2001960 - ET VIRUS Hotword Trojan inbound via http (emerging-virus.rules)
 2001961 - ET VIRUS Hotword Trojan - Possible File Upload CHJO (emerging-virus.rules)
 2001962 - ET VIRUS Hotword Trojan - Possible File Upload CFXP (emerging-virus.rules)
 2001963 - ET VIRUS Hotword Trojan - Possible FTP File Request pspv.exe (emerging-virus.rules)
 2001964 - ET VIRUS Hotword Trojan - Possible FTP File Request .tea (emerging-virus.rules)
 2001965 - ET VIRUS Hotword Trojan - Possible FTP File Status Upload ___ (emerging-virus.rules)
 2001966 - ET VIRUS Hotword Trojan - Possible FTP File Status Check ___ (emerging-virus.rules)
 2001972 - ET SCAN Behavioral Unusually fast Terminal Server Traffic, Potential Scan or Infection (emerging-scan.rules)
 2001979 - ET POLICY SSH Server Banner Detected on Unusual Port (emerging-policy.rules)
 2001980 - ET POLICY SSH Client Banner Detected on Unusual Port (emerging-policy.rules)
 2001981 - ET POLICY SSHv2 Server KEX Detected on Unusual Port (emerging-policy.rules)
 2001982 - ET POLICY SSHv2 Client KEX Detected on Unusual Port (emerging-policy.rules)
 2001983 - ET POLICY SSHv2 Client New Keys Detected on Unusual Port (emerging-policy.rules)
 2001984 - ET POLICY SSH session in progress on Unusual Port (emerging-policy.rules)
 2001985 - ET VIRUS HTTP RBOT Challenge/Response Authentication (emerging-virus.rules)
 2001989 - ET POLICY Prospero Chat Session in Progress (emerging-policy.rules)
 2001995 - ET MALWARE UCMore Spyware Reporting (emerging-malware.rules)
 2001996 - ET USER_AGENTS UCMore Spyware Activity User Agent String (emerging-user_agents.rules)
 2001998 - ET MALWARE UCMore Spyware Downloading Ads (emerging-malware.rules)
 2002002 - ET USER_AGENTS Better Internet Spyware User Agent Activity (thnall) (emerging-user_agents.rules)
 2002004 - ET MALWARE Topconverting Spyware Install (emerging-malware.rules)
 2002005 - ET USER_AGENTS Better Internet Spyware User Agent Activity (poller) (emerging-user_agents.rules)
 2002008 - ET MALWARE Wild Tangent Install (emerging-malware.rules)
 2002021 - ET USER_AGENTS Grandstreet Interactive Spyware User Agent Activity (1) (emerging-user_agents.rules)
 2002022 - ET POLICY GotoMyPC poll.gotomypc.com Server Response to Polling Client OK (emerging-policy.rules)
 2002023 - ET TROJAN IRC USER command (emerging-virus.rules)
 2002024 - ET TROJAN IRC NICK command (emerging-virus.rules)
 2002025 - ET TROJAN IRC JOIN command (emerging-virus.rules)
 2002026 - ET TROJAN IRC PRIVMSG command (emerging-virus.rules)
 2002027 - ET TROJAN IRC PING command (emerging-virus.rules)
 2002028 - ET TROJAN IRC PONG response (emerging-virus.rules)
 2002033 - ET TROJAN BOT - potential response (emerging-virus.rules)
 2002036 - ET MALWARE Weird on the Web /180 Solutions Checkin (emerging-malware.rules)
 2002038 - ET USER_AGENTS Shopathomeselect.com Spyware User Agent Activity (emerging-user_agents.rules)
 2002040 - ET MALWARE Topconverting Spyware Reporting (emerging-malware.rules)
 2002041 - ET MALWARE Weird on the Web /180 Solutions Update (emerging-malware.rules)
 2002071 - ET USER_AGENTS XupiterToolbar Spyware User Agent Activity (emerging-user_agents.rules)
 2002078 - ET USER_AGENTS SideStep Spyware User Agent Activity (emerging-user_agents.rules)
 2002079 - ET USER_AGENTS MyWaySearch Products Spyware User Agent (emerging-user_agents.rules)
 2002080 - ET USER_AGENTS MySearch Products Spyware User Agent (emerging-user_agents.rules)
 2002087 - ET POLICY Inbound Frequent Emails - Possible Spambot Inbound (emerging-policy.rules)
 2002092 - ET MALWARE yupsearch.com Spyware Install - protector.exe (emerging-malware.rules)
 2002098 - ET MALWARE yupsearch.com Spyware Install - sideb.exe (emerging-malware.rules)
 2002384 - ET TROJAN BOT - potential misc bot commands (emerging-virus.rules)
 2002386 - ET TROJAN BOT - channel topic misc bot commands (emerging-virus.rules)
 2002659 - ET CHAT Yahoo IM Client Install (emerging-policy.rules)
 2002668 - ET WEB_SPECIFIC_APPS CutePHP CuteNews directory traversal vulnerability - show_news (emerging-web_specific_apps.rules)
 2002678 - ET WEB_SPECIFIC_APPS Cyphor show.php SQL injection attempt (emerging-web_specific_apps.rules)
 2002735 - ET MALWARE Zenotecnico Adware 2 (emerging-malware.rules)
 2002736 - ET MALWARE Trafficsector.com Spyware Install (emerging-malware.rules)
 2002737 - ET MALWARE Zenotecnico Spyware Install Report (emerging-malware.rules)
 2002740 - ET MALWARE adservs.com Spyware (emerging-malware.rules)
 2002973 - ET SCAN Behavioral Unusual Port 3127 traffic, Potential Scan or Backdoor (emerging-scan.rules)
 2002992 - ET SCAN Rapid POP3 Connections - Possible Brute Force Attack (emerging-scan.rules)
 2002993 - ET SCAN Rapid POP3S Connections - Possible Brute Force Attack (emerging-scan.rules)
 2002994 - ET SCAN Rapid IMAP Connections - Possible Brute Force Attack (emerging-scan.rules)
 2002995 - ET SCAN Rapid IMAPS Connections - Possible Brute Force Attack (emerging-scan.rules)
 2003045 - ET POLICY Real.com Game Arcade Install (User agent) (emerging-policy.rules)
 2003068 - ET SCAN Potential SSH Scan OUTBOUND (emerging-scan.rules)
 2003070 - ET WORM Korgo.U Reporting (emerging-virus.rules)
 2003132 - ET TROJAN BOT - potential DDoS command (2) (emerging-virus.rules)
 2003152 - ET WEB_SPECIFIC_APPS CutePHP CuteNews directory traversal vulnerability - show_archives (emerging-web_specific_apps.rules)
 2003168 - ET POLICY Winamp Streaming User Agent (emerging-policy.rules)
 2003242 - ET MALWARE Websearch.com Cab Download (emerging-malware.rules)
 2003244 - ET TROJAN HackerDefender.HE Root Kit Control Connection (emerging-virus.rules)
 2003245 - ET TROJAN HackerDefender.HE Root Kit Control Connection Reply (emerging-virus.rules)
 2003389 - ET MALWARE WhenUClick.com Application Version Check (emerging-malware.rules)
 2003404 - ET MALWARE WhenUClick.com WhenUSave Data Retrieval (DataChunksGZ) (emerging-malware.rules)
 2003451 - ET MALWARE K8l.info Spyware Activity (emerging-malware.rules)
 2003471 - ET MALWARE Winsoftware.com Spyware Activity (emerging-malware.rules)
 2003525 - ET MALWARE Supergames.aavalue.com Spyware (emerging-malware.rules)
 2003543 - ET MALWARE Winfixmaster.com Fake Anti-Spyware Install (emerging-malware.rules)
 2003864 - ET POLICY Outbound SMTP on port 587 (emerging-policy.rules)
 2006372 - ET P2P Bittorrent P2P Client User-Agent (Bittorrent/5.x.x) (emerging-p2p.rules)
 2006381 - ET USER_AGENTS Ask.com Toolbar/Spyware User Agent (emerging-user_agents.rules)
 2006386 - ET USER_AGENTS Deepdo.com Toolbar/Spyware User Agent (DeepdoUpdate) (emerging-user_agents.rules)
 2006388 - ET USER_AGENTS Suspicious User Agent (006) (emerging-user_agents.rules)
 2006391 - ET TROJAN Poebot Related User Agent (SPM_ID=) (emerging-virus.rules)
 2007583 - ET USER_AGENTS iebar Spyware User Agent (iebar) (emerging-user_agents.rules)
 2007597 - ET USER_AGENTS NewWeb/Sudui.com Spyware User Agent (B Register) (emerging-user_agents.rules)
 2007598 - ET USER_AGENTS NewWeb/Sudui.com Spyware User Agent (updatesodui) (emerging-user_agents.rules)
 2007599 - ET USER_AGENTS NewWeb/Sudui.com Spyware User Agent (aaaabbb) (emerging-user_agents.rules)
 2007600 - ET USER_AGENTS TryMedia Spyware User Agent (TryMedia_DM_2.0.0) (emerging-user_agents.rules)
 2007615 - ET USER_AGENTS Unidentified Spyware User Agent (0\:0\:+ 128 chars) (emerging-user_agents.rules)
 2007616 - ET USER_AGENTS klm123.com Spyware User Agent (emerging-user_agents.rules)
 2007617 - ET USER_AGENTS VirusProtectPro Spyware User Agent (VirusProtectPro) (emerging-user_agents.rules)
 2007648 - ET USER_AGENTS Suspicious Spyware User Agent (XXX) (emerging-user_agents.rules)
 2007659 - ET USER_AGENTS Suspicious Spyware User Agent (QdrBi Starter) (emerging-user_agents.rules)
 2007660 - ET USER_AGENTS Winxpperformance.com Related Spyware User Agent (Microsoft Internet Browser) (emerging-user_agents.rules)
 2007666 - ET USER_AGENTS Suspicious Spyware Related User Agent (install_s) (emerging-user_agents.rules)
 2007667 - ET USER_AGENTS Suspicious Spyware Related User Agent (count) (emerging-user_agents.rules)
 2007690 - ET USER_AGENTS IEDefender (iedefender.com) Fake Antispyware User Agent (IEDefender 2.1) (emerging-user_agents.rules)
 2007693 - ET USER_AGENTS Zredirector.com Related Spyware User Agent (BndDriveLoader) (emerging-user_agents.rules)
 2007694 - ET USER_AGENTS Popads123.com Related Spyware User Agent (LmaokaazLdr) (emerging-user_agents.rules)
 2007697 - ET USER_AGENTS Antivirgear.com Fake Anti-Spyware User Agent (AntiVirGear) (emerging-user_agents.rules)
 2007759 - ET USER_AGENTS Alfaantivirus.com Fake Anti-Virus User Agent (IM Download) (emerging-user_agents.rules)
 2007800 - ET P2P LimeWire P2P Traffic (emerging-p2p.rules)
 2008192 - ET WORM Korgo.P Reporting (emerging-virus.rules)
 2008230 - ET SCAN Behavioral Unusually fast outbound Telnet Connections, Potential Scan or Brute Force (emerging-scan.rules)
 2008578 - ET SCAN Sipvicious Scan (emerging-scan.rules)
 2009003 - ET TROJAN Win32/Korklic.A (emerging-virus.rules)
 2009295 - ET USER_AGENTS Suspicious Mozilla User-Agent - Likely Fake (Mozilla/5.0) (emerging-user_agents.rules)
 2010267 - ET TROJAN Sinowal/Torpig Checkin (emerging-virus.rules)
 2010337 - ET TROJAN Zeus Reporting - POST often to [resolution|borders].php (emerging-virus.rules)
 2011007 - ET CURRENT_EVENTS Microsoft Internet Explorer Tabular DataURL ActiveX Control Memory Corruption Attempt (emerging-current_events.rules)
 2011086 - ET TROJAN Trojan-Dropper.Win32.Flystud (emerging-virus.rules)
 2011691 - ET USER_AGENTS Hotbar Agent Activity (emerging-user_agents.rules)


[///]    Modified inactive rules:    [///]

 2000035 - ET POLICY Hotmail Inbox Access (emerging-policy.rules)
 2000036 - ET POLICY Hotmail Message Access (emerging-policy.rules)
 2000037 - ET POLICY Hotmail Compose Message Access (emerging-policy.rules)
 2000038 - ET POLICY Hotmail Compose Message Submit (emerging-policy.rules)
 2000039 - ET POLICY Hotmail Compose Message Submit Data (emerging-policy.rules)
 2000041 - ET Yahoo Mail Inbox View (emerging-policy.rules)
 2000042 - ET Yahoo Mail Message View (emerging-policy.rules)
 2000043 - ET Yahoo Mail Message Compose Open (emerging-policy.rules)
 2000044 - ET Yahoo Mail Message Send (emerging-policy.rules)
 2000045 - ET Yahoo Mail Message Send Info Capture (emerging-policy.rules)
 2000341 - ET Yahoo Mail General Page View (emerging-policy.rules)
 2000418 - ET POLICY Executable and linking format (ELF) file download (emerging-policy.rules)
 2000420 - ET POLICY REG files version 4 download (emerging-policy.rules)
 2000421 - ET POLICY REG files version 5 download (emerging-policy.rules)
 2000422 - ET POLICY REG files version 5 Unicode download (emerging-policy.rules)
 2000423 - ET POLICY NE EXE OS2 file download (emerging-policy.rules)
 2000424 - ET POLICY LX EXE OS2 file download (emerging-policy.rules)
 2000425 - ET POLICY NE EXE Windows 3.x file download (emerging-policy.rules)
 2000426 - ET POLICY EXE compressed PKWARE Windows file download (emerging-policy.rules)
 2000427 - ET POLICY PE EXE Install Windows file download (emerging-policy.rules)
 2000428 - ET POLICY ZIP file download (emerging-policy.rules)
 2000429 - ET POLICY Download Windows Help File CHM 2 (emerging-policy.rules)
 2000489 - ET POLICY Download Windows Help File CHM (emerging-policy.rules)
 2000560 - ET POLICY HTTP CONNECT Tunnel Attempt Inbound (emerging-policy.rules)
 2001048 - ET WEB_CLIENT IE process injection iexplore.exe executable download (emerging-web_client.rules)
 2001099 - ET WEB_CLIENT Attempt to execute VBScript code (emerging-web_client.rules)
 2001101 - ET WEB_CLIENT Stealth attempt to execute Javascript code (emerging-web_client.rules)
 2001102 - ET WEB_CLIENT Stealth attempt to execute VBScript code (emerging-web_client.rules)
 2001103 - ET WEB_CLIENT Stealth attempt to access SHELL\: (emerging-web_client.rules)
 2001105 - ET WEB_CLIENT Javascript execution with expression eval (emerging-web_client.rules)
 2001106 - ET WEB_CLIENT Javascript execution with expression eval hex (emerging-web_client.rules)
 2001114 - ET POLICY Mozilla XPI install files download (emerging-policy.rules)
 2001115 - ET POLICY MSI (microsoft installer file) download (emerging-policy.rules)
 2001116 - ET DNS - Standard query response, Format error (emerging-policy.rules)
 2001117 - ET DNS - Standard query response, Name Error (emerging-policy.rules)
 2001118 - ET DNS - Standard query response, Not Implemented (emerging-policy.rules)
 2001119 - ET DNS - Standard query response, Refused (emerging-policy.rules)
 2001255 - ET CHAT Yahoo IM ping (emerging-policy.rules)
 2001260 - ET CHAT Yahoo IM message (emerging-policy.rules)
 2001264 - ET CHAT Yahoo IM conference watch (emerging-policy.rules)
 2001267 - ET MALWARE Weatherbug Capture (emerging-malware.rules)
 2001273 - ET WORM Outbound W32.Novarg.A worm (emerging-virus.rules)
 2001328 - ET POLICY SSN Detected in Clear Text (dashed) (emerging-policy.rules)
 2001384 - ET POLICY SSN Detected in Clear Text (spaced) (emerging-policy.rules)
 2001402 - ET POLICY ZIPPED DOC in transit (emerging-policy.rules)
 2001403 - ET POLICY ZIPPED XLS in transit (emerging-policy.rules)
 2001404 - ET POLICY ZIPPED EXE in transit (emerging-policy.rules)
 2001405 - ET POLICY ZIPPED PPT in transit (emerging-policy.rules)
 2001449 - ET POLICY Proxy Connection detected (emerging-policy.rules)
 2001806 - ET POLICY Administrator Login Detected (emerging-policy.rules)
 2001898 - ET POLICY eBay Bid Placed (emerging-policy.rules)
 2001907 - ET POLICY eBay Placing Item for sale (emerging-policy.rules)
 2001908 - ET POLICY eBay View Item (emerging-policy.rules)
 2001909 - ET POLICY eBay Watch This Item (emerging-policy.rules)
 2001973 - ET POLICY SSH Server Banner Detected on Expected Port (emerging-policy.rules)
 2001974 - ET POLICY SSH Client Banner Detected on Expected Port (emerging-policy.rules)
 2001975 - ET POLICY SSHv2 Server KEX Detected on Expected Port (emerging-policy.rules)
 2001976 - ET POLICY SSHv2 Client KEX Detected on Expected Port (emerging-policy.rules)
 2001977 - ET POLICY SSHv2 Client New Keys detected on Expected Port (emerging-policy.rules)
 2001978 - ET POLICY SSH session in progress on Expected Port (emerging-policy.rules)
 2002364 - ET MALWARE Weatherbug Wxbug Capture (emerging-malware.rules)
 2008330 - ET POLICY HTTP CONNECT Tunnel Attempt Outbound (emerging-policy.rules)


[---]         Removed rules:         [---]

 2008088 - ET TROJAN Lolabel Related User-Agent (ProxyDown) (emerging-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-current_events.rules (1):
        #by Eoin Miller

     -> Added to emerging-p2p.rules (13):
        #by Philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel
        #by philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel
        #by Philipp Seidel

     -> Added to emerging-scan.rules (1):
        # These Detect the Latest Sipvious Scanner Version (0.2.6)

     -> Added to emerging-sid-msg.map (39):
        2008578 || ET SCAN Sipvicious Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Sipvicious || url,doc.emergingthreats.net/2008578 || url,blog.sipvicious.org
        2011007 || ET CURRENT_EVENTS Microsoft Internet Explorer Tabular DataURL ActiveX Control Memory Corruption Attempt || url,doc.emergingthreats.net/2011007 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_MSIE || cve,2010-0805 || url,www.kb.cert.org/vuls/id/744549 || url,www.vupen.com/english/advisories/2010/0744 || url,www.microsoft.com/technet/security/bulletin/ms10-018.mspx || url,www.metasploit.com/redmine/projects/framework/repository/revisions/9018/entry/modules/exploits/windows/browser/ms10_018_ie_tabular_activex.rb || url,tools.cisco.com/security/center/viewAlert.x?alertId=20202 || url,securitytracker.com/alerts/2010/Mar/1023773.html
        2011695 || ET WEB_CLIENT Possible Microsoft Internet Explorer Dynamic Object Tag/URLMON Sniffing Cross Domain Information Disclosure Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_IE_Vulnerabilities || url,doc.emergingthreats.net/2011695 || cve,2010-0255 || url,www.coresecurity.com/content/internet-explorer-dynamic-object-tag || url,www.microsoft.com/technet/security/bulletin/ms10-035.mspx || url,tools.cisco.com/security/center/viewAlert.x?alertId=20610 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19873
        2011696 || ET WEB_SPECIFIC_APPS Possible JBoss JMX Console Beanshell Deployer WAR Upload and Deployment Exploit Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Jboss || url,doc.emergingthreats.net/2011696 || cve,2010-0738 || url,www.redteam-pentesting.de/en/publications/jboss/-bridging-the-gap-between-the-enterprise-and-you-or-whos-the-jboss-now
        2011697 || ET WEB_SPECIFIC_APPS JBoss JMX Console Beanshell Deployer .WAR File Upload and Deployment Cross Site Request Forgery Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Jboss || url,doc.emergingthreats.net/2011697 || cve,2010-0738 || url,www.redteam-pentesting.de/en/publications/jboss/-bridging-the-gap-between-the-enterprise-and-you-or-whos-the-jboss-now
        2011698 || ET CURRENT_EVENTS Java Web Start Command Injection (.jar) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Java || url,doc.emergingthreats.net/2011698 || url,seclists.org/fulldisclosure/2010/Apr/119
        2011699 || ET P2P Bittorrent P2P Client User-Agent (Transmission/1.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Transmission || url,doc.emergingthreats.net/2011699 || url,www.transmissionbt.com
        2011700 || ET P2P Bittorrent P2P Client User-Agent (KTorrent/3.x.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Ktorrent || url,doc.emergingthreats.net/2011700 || url,ktorrent.org
        2011701 || ET P2P Bittorrent P2P Client User-Agent (Opera/10.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Opera || url,doc.emergingthreats.net/2011701 || url,www.opera.com
        2011702 || ET P2P Bittorrent P2P Client User-Agent (BitTornado) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Bittornado || url,doc.emergingthreats.net/2011702 || url,www.bittornado.com
        2011703 || ET P2P Bittorrent P2P Client User-Agent (Enhanced CTorrent 3.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_EnhancedCtorrent || url,doc.emergingthreats.net/2011703 || url,www.rahul.net/dholmes/ctorrent
        2011704 || ET P2P Bittorrent P2P Client User-Agent (Deluge 1.x.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Deluge || url,doc.emergingthreats.net/2011704 || url,deluge-torrent.org
        2011705 || ET P2P Bittorrent P2P Client User-Agent (rTorrent) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_rTorrent || url,doc.emergingthreats.net/2011705 || url,libtorrent.rakshasa.no
        2011706 || ET P2P Bittorrent P2P Client User-Agent (uTorrent) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_uTorrent || url,doc.emergingthreats.net/2011706 || url,www.utorrent.com
        2011707 || ET P2P Client User-Agent (Shareaza 2.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Sharazaa || url,doc.emergingthreats.net/2011707 || url,shareaza.sourceforge.net
        2011708 || ET P2P Bittorrent P2P Client User-Agent (Blizzard Downloader 2.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Blizzard || url,doc.emergingthreats.net/2011708 || url,www.worldofwarcraft.com/info/faq/blizzarddownloader.html
        2011710 || ET P2P Bittorrent P2P Client User-Agent (BitComet) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_BitComet || url,doc.emergingthreats.net/2011710 || url,www.bitcomet.com
        2011711 || ET P2P Bittorrent P2P Client User-Agent (KTorrent 2.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Ktorrent || url,doc.emergingthreats.net/2011711 || url,ktorrent.org
        2011712 || ET P2P Bittorrent P2P Client User-Agent (FDM 3.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_FDM || url,doc.emergingthreats.net/2011712 || url,www.freedownloadmanager.org
        2011713 || ET P2P Bittorrent P2P Client User-Agent (BTSP) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_BTSP || url,doc.emergingthreats.net/2011713
        2011714 || ET CURRENT_EVENTS Hidden iframe Served by nginx - Likely Hostile Code || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malvertising || url,doc.emergingthreats.net/2011714
        2011715 || ET CURRENT_EVENTS MALVERTISING Adobe Exploited Check-In || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malvertising || url,doc.emergingthreats.net/2011715
        2011716 || ET SCAN Sipvicious User-Agent Detected (friendly-scanner) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Sipvicious || url,doc.emergingthreats.net/2011716 || url,blog.sipvicious.org/ || url,code.google.com/p/sipvicious/
        2011717 || ET SCAN Sipvicious Svmap or Svlearnfp Scan Detected || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Sipvicious || url,doc.emergingthreats.net/2011717 || url,blog.sipvicious.org/ || url,code.google.com/p/sipvicious/
        2011718 || ET USER_AGENTS Suspicious User-Agent (RangeCheck/0.1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2011718
        2011719 || ET USER_AGENTS Suspicious User-Agent (SOGOU_UPDATER) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2011719
        2011720 || ET SCAN Possible WafWoof Web Application Firewall Detection Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wafwoof || url,doc.emergingthreats.net/2011720 || url,code.google.com/p/waffit/
        2011721 || ET SCAN Possible Fast-Track Tool Spidering User-Agent Detected || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Fasttrack_Spider || url,doc.emergingthreats.net/2011721 || url,www.offensive-security.com/metasploit-unleashed/Fast-Track-Modes
        2011722 || ET WEB_SPECIFIC_APPS Axis Media Controller ActiveX SetImage Method Remote Code Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Axis || url,doc.emergingthreats.net/2011722 || bugtraq,41078
        2011723 || ET WEB_SPECIFIC_APPS Webmoney Advisor ActiveX Redirect Method Remote DoS Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebMoney || url,doc.emergingthreats.net/2011723 || url,exploit-db.com/exploits/12431
        2011724 || ET WEB_SPECIFIC_APPS Webmoney Advisor ActiveX Control DoS Function Call || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebMoney || url,doc.emergingthreats.net/2011724 || url,exploit-db.com/exploits/12431
        2011725 || ET WEB_SPECIFIC_APPS EZPX photoblog tpl_base_dir Parameter Remote File Inclusion Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_EZPX || url,doc.emergingthreats.net/2011725 || bugtraq,40881 || url,vupen.com/english/advisories/2010/1497 || url,exploit-db.com/exploits/13890/
        2011726 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter SELECT FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011726 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011727 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter DELETE FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011727 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011728 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter UNION SELECT SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011728 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011729 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter INSERT INTO SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011729 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011730 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter UPDATE SET SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011730 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011731 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter Cross Site Scripting Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011731 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011732 || ET DOS Possible VNC ClientCutText Message Denial of Service/Memory Corruption Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_VNC || url,doc.emergingthreats.net/2011732 || url,www.fortiguard.com/encyclopedia/vulnerability/vnc.server.clientcuttext.message.memory.corruption.html

     -> Added to emerging-sid-msg.map.txt (39):
        2008578 || ET SCAN Sipvicious Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Sipvicious || url,doc.emergingthreats.net/2008578 || url,blog.sipvicious.org
        2011007 || ET CURRENT_EVENTS Microsoft Internet Explorer Tabular DataURL ActiveX Control Memory Corruption Attempt || url,doc.emergingthreats.net/2011007 || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_MSIE || cve,2010-0805 || url,www.kb.cert.org/vuls/id/744549 || url,www.vupen.com/english/advisories/2010/0744 || url,www.microsoft.com/technet/security/bulletin/ms10-018.mspx || url,www.metasploit.com/redmine/projects/framework/repository/revisions/9018/entry/modules/exploits/windows/browser/ms10_018_ie_tabular_activex.rb || url,tools.cisco.com/security/center/viewAlert.x?alertId=20202 || url,securitytracker.com/alerts/2010/Mar/1023773.html
        2011695 || ET WEB_CLIENT Possible Microsoft Internet Explorer Dynamic Object Tag/URLMON Sniffing Cross Domain Information Disclosure Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_IE_Vulnerabilities || url,doc.emergingthreats.net/2011695 || cve,2010-0255 || url,www.coresecurity.com/content/internet-explorer-dynamic-object-tag || url,www.microsoft.com/technet/security/bulletin/ms10-035.mspx || url,tools.cisco.com/security/center/viewAlert.x?alertId=20610 || url,tools.cisco.com/security/center/viewAlert.x?alertId=19873
        2011696 || ET WEB_SPECIFIC_APPS Possible JBoss JMX Console Beanshell Deployer WAR Upload and Deployment Exploit Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Jboss || url,doc.emergingthreats.net/2011696 || cve,2010-0738 || url,www.redteam-pentesting.de/en/publications/jboss/-bridging-the-gap-between-the-enterprise-and-you-or-whos-the-jboss-now
        2011697 || ET WEB_SPECIFIC_APPS JBoss JMX Console Beanshell Deployer .WAR File Upload and Deployment Cross Site Request Forgery Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Jboss || url,doc.emergingthreats.net/2011697 || cve,2010-0738 || url,www.redteam-pentesting.de/en/publications/jboss/-bridging-the-gap-between-the-enterprise-and-you-or-whos-the-jboss-now
        2011698 || ET CURRENT_EVENTS Java Web Start Command Injection (.jar) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Java || url,doc.emergingthreats.net/2011698 || url,seclists.org/fulldisclosure/2010/Apr/119
        2011699 || ET P2P Bittorrent P2P Client User-Agent (Transmission/1.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Transmission || url,doc.emergingthreats.net/2011699 || url,www.transmissionbt.com
        2011700 || ET P2P Bittorrent P2P Client User-Agent (KTorrent/3.x.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Ktorrent || url,doc.emergingthreats.net/2011700 || url,ktorrent.org
        2011701 || ET P2P Bittorrent P2P Client User-Agent (Opera/10.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Opera || url,doc.emergingthreats.net/2011701 || url,www.opera.com
        2011702 || ET P2P Bittorrent P2P Client User-Agent (BitTornado) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Bittornado || url,doc.emergingthreats.net/2011702 || url,www.bittornado.com
        2011703 || ET P2P Bittorrent P2P Client User-Agent (Enhanced CTorrent 3.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_EnhancedCtorrent || url,doc.emergingthreats.net/2011703 || url,www.rahul.net/dholmes/ctorrent
        2011704 || ET P2P Bittorrent P2P Client User-Agent (Deluge 1.x.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Deluge || url,doc.emergingthreats.net/2011704 || url,deluge-torrent.org
        2011705 || ET P2P Bittorrent P2P Client User-Agent (rTorrent) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_rTorrent || url,doc.emergingthreats.net/2011705 || url,libtorrent.rakshasa.no
        2011706 || ET P2P Bittorrent P2P Client User-Agent (uTorrent) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_uTorrent || url,doc.emergingthreats.net/2011706 || url,www.utorrent.com
        2011707 || ET P2P Client User-Agent (Shareaza 2.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Sharazaa || url,doc.emergingthreats.net/2011707 || url,shareaza.sourceforge.net
        2011708 || ET P2P Bittorrent P2P Client User-Agent (Blizzard Downloader 2.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Blizzard || url,doc.emergingthreats.net/2011708 || url,www.worldofwarcraft.com/info/faq/blizzarddownloader.html
        2011710 || ET P2P Bittorrent P2P Client User-Agent (BitComet) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_BitComet || url,doc.emergingthreats.net/2011710 || url,www.bitcomet.com
        2011711 || ET P2P Bittorrent P2P Client User-Agent (KTorrent 2.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_Ktorrent || url,doc.emergingthreats.net/2011711 || url,ktorrent.org
        2011712 || ET P2P Bittorrent P2P Client User-Agent (FDM 3.x) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_FDM || url,doc.emergingthreats.net/2011712 || url,www.freedownloadmanager.org
        2011713 || ET P2P Bittorrent P2P Client User-Agent (BTSP) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/P2P/P2P_BTSP || url,doc.emergingthreats.net/2011713
        2011714 || ET CURRENT_EVENTS Hidden iframe Served by nginx - Likely Hostile Code || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malvertising || url,doc.emergingthreats.net/2011714
        2011715 || ET CURRENT_EVENTS MALVERTISING Adobe Exploited Check-In || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malvertising || url,doc.emergingthreats.net/2011715
        2011716 || ET SCAN Sipvicious User-Agent Detected (friendly-scanner) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Sipvicious || url,doc.emergingthreats.net/2011716 || url,blog.sipvicious.org/ || url,code.google.com/p/sipvicious/
        2011717 || ET SCAN Sipvicious Svmap or Svlearnfp Scan Detected || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Sipvicious || url,doc.emergingthreats.net/2011717 || url,blog.sipvicious.org/ || url,code.google.com/p/sipvicious/
        2011718 || ET USER_AGENTS Suspicious User-Agent (RangeCheck/0.1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2011718
        2011719 || ET USER_AGENTS Suspicious User-Agent (SOGOU_UPDATER) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2011719
        2011720 || ET SCAN Possible WafWoof Web Application Firewall Detection Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wafwoof || url,doc.emergingthreats.net/2011720 || url,code.google.com/p/waffit/
        2011721 || ET SCAN Possible Fast-Track Tool Spidering User-Agent Detected || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Fasttrack_Spider || url,doc.emergingthreats.net/2011721 || url,www.offensive-security.com/metasploit-unleashed/Fast-Track-Modes
        2011722 || ET WEB_SPECIFIC_APPS Axis Media Controller ActiveX SetImage Method Remote Code Execution Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Axis || url,doc.emergingthreats.net/2011722 || bugtraq,41078
        2011723 || ET WEB_SPECIFIC_APPS Webmoney Advisor ActiveX Redirect Method Remote DoS Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebMoney || url,doc.emergingthreats.net/2011723 || url,exploit-db.com/exploits/12431
        2011724 || ET WEB_SPECIFIC_APPS Webmoney Advisor ActiveX Control DoS Function Call || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_WebMoney || url,doc.emergingthreats.net/2011724 || url,exploit-db.com/exploits/12431
        2011725 || ET WEB_SPECIFIC_APPS EZPX photoblog tpl_base_dir Parameter Remote File Inclusion Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_EZPX || url,doc.emergingthreats.net/2011725 || bugtraq,40881 || url,vupen.com/english/advisories/2010/1497 || url,exploit-db.com/exploits/13890/
        2011726 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter SELECT FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011726 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011727 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter DELETE FROM SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011727 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011728 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter UNION SELECT SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011728 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011729 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter INSERT INTO SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011729 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011730 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter UPDATE SET SQL Injection Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011730 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011731 || ET WEB_SPECIFIC_APPS SchoolMation studentmain.php session Parameter Cross Site Scripting Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_SchoolMation || url,doc.emergingthreats.net/2011731 || url,exploit-db.com/exploits/13812/ || bugtraq,40737
        2011732 || ET DOS Possible VNC ClientCutText Message Denial of Service/Memory Corruption Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_VNC || url,doc.emergingthreats.net/2011732 || url,www.fortiguard.com/encyclopedia/vulnerability/vnc.server.clientcuttext.message.memory.corruption.html

     -> Added to emerging-user_agents.rules (1):
        #re 5823f6065f5e2e49cd011e6acdd23bd9

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (3):
        2008088 || ET TROJAN Lolabel Related User-Agent (ProxyDown) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Losabel || url,doc.emergingthreats.net/2008088
        2008578 || ET SCAN Sipvicious Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Sipvicious || url,doc.emergingthreats.net/2008578 || url,sipvicious.org/blog/
        2011007 || ET CURRENT_EVENTS Microsoft Internet Explorer Tabular Data ActiveX Control Memory Corruption Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_MSIE || url,doc.emergingthreats.net/2010974 || cve,2010-0805 || url,www.metasploit.com/redmine/projects/framework/repository/revisions/9018/entry/modules/exploits/windows/browser/ms10_018_ie_tabular_activex.rb || url,tools.cisco.com/security/center/viewAlert.x?alertId=20202 || url,securitytracker.com/alerts/2010/Mar/1023773.html

     -> Removed from emerging-sid-msg.map.txt (3):
        2008088 || ET TROJAN Lolabel Related User-Agent (ProxyDown) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Losabel || url,doc.emergingthreats.net/2008088
        2008578 || ET SCAN Sipvicious Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Sipvicious || url,doc.emergingthreats.net/2008578 || url,sipvicious.org/blog/
        2011007 || ET CURRENT_EVENTS Microsoft Internet Explorer Tabular Data ActiveX Control Memory Corruption Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_MSIE || url,doc.emergingthreats.net/2010974 || cve,2010-0805 || url,www.metasploit.com/redmine/projects/framework/repository/revisions/9018/entry/modules/exploits/windows/browser/ms10_018_ie_tabular_activex.rb || url,tools.cisco.com/security/center/viewAlert.x?alertId=20202 || url,securitytracker.com/alerts/2010/Mar/1023773.html



More information about the Emerging-sigs mailing list