[prev in list] [next in list] [prev in thread] [next in thread]
List: snort-cvs
Subject: [snort-cvs] CVS: snort - cazz
From: Brian Caswell <cazz () users ! sourceforge ! net>
Date: 2004-03-20 21:58:44
Message-ID: E1B4oUO-0001py-7Q () sc8-pr-cvs1 ! sourceforge ! net
[Download RAW message or body]
CVSROOT: /cvsroot/snort
Module name: snort
Changes by: cazz@sc8-pr-cvs1.sourceforge.net 2004/03/20 13:58:44
Modified files:
doc/signatures : 1229.txt 1444.txt 276.txt 527.txt
etc : sid sid-msg.map snort.conf
rules : attack-responses.rules backdoor.rules
bad-traffic.rules chat.rules ddos.rules
deleted.rules dns.rules dos.rules
experimental.rules exploit.rules finger.rules
ftp.rules icmp-info.rules icmp.rules imap.rules
info.rules local.rules misc.rules
multimedia.rules mysql.rules netbios.rules
nntp.rules oracle.rules other-ids.rules
p2p.rules policy.rules pop2.rules pop3.rules
rpc.rules rservices.rules scan.rules
shellcode.rules smtp.rules snmp.rules sql.rules
telnet.rules tftp.rules virus.rules
web-attacks.rules web-cgi.rules
web-client.rules web-coldfusion.rules
web-frontpage.rules web-iis.rules
web-misc.rules web-php.rules x11.rules
Added files:
doc/signatures : 2381.txt 2400.txt 2409.txt 2411.txt 2412.txt
2413.txt 2414.txt 2415.txt 2416.txt 2417.txt
2418.txt 2419.txt 2420.txt 2421.txt 2422.txt
2423.txt 2424.txt 2425.txt 2426.txt 2427.txt
2428.txt 2429.txt 2430.txt 2431.txt 2432.txt
2433.txt 2434.txt 2435.txt 2436.txt 2438.txt
2439.txt 2440.txt 2441.txt 2442.txt 2443.txt
2444.txt 2445.txt 2446.txt
Log message:
* Added a ton of rules that include vulnerabilities in many high-profile
security products, including Checkpoint & ISS gear (see below)
* provided a single high-powered rule for detecting all of the evil virus emails
* added even more docs. (Go Nigel)
2405 || WEB-PHP phptest.php access || bugtraq,9737
2406 || TELNET APC SmartSlot default admin account attempt || bugtraq,9681
2407 || WEB-MISC util.pl access || bugtraq,9748
2408 || WEB-MISC Invision Power Board search.pl access || bugtraq,9766
2409 || POP3 APOP USER overflow attempt || bugtraq,9794
2410 || WEB-PHP IGeneric Free Shopping Cart page.php access || bugtraq,9773
2411 || WEB-MISC Real Server DESCRIBE buffer overflow attempt || \
url,www.service.real.com/help/faq/security/rootexploit091103.html || bugtraq,8476 \
2412 || ATTACK-RESPONSES successful cross site scripting forced download attempt 2413 \
|| EXPLOIT ISAKMP delete hash with empty hash attempt || bugtraq,9416 || \
bugtraq,CAN-2004-0164 2414 || EXPLOIT ISAKMP initial contact notification without SPI \
attempt || bugtraq,9416 || bugtraq,CAN-2004-0164 2415 || EXPLOIT ISAKMP second \
payload initial contact notification without SPI attempt || bugtraq,9416 || \
bugtraq,CAN-2004-0164 2416 || FTP invalid MDTM command attempt
2417 || FTP format string attempt
2418 || MISC MS Terminal Server no encryption session initiation attmept || \
url,www.microsoft.com/technet/security/bulletin/MS01-052.asp 2419 || MULTIMEDIA \
realplayer .ram playlist download attempt 2420 || MULTIMEDIA realplayer .rmp playlist \
download attempt 2421 || MULTIMEDIA realplayer .smi playlist download attempt
2422 || MULTIMEDIA realplayer .rt playlist download attempt
2423 || MULTIMEDIA realplayer .rp playlist download attempt
2424 || NNTP sendsys overflow attempt || bugtraq,9382 || cve,CAN-2004-00045
2425 || NNTP senduuname overflow attempt || bugtraq,9382 || cve,CAN-2004-00045
2426 || NNTP version overflow attempt || bugtraq,9382 || cve,CAN-2004-00045
2427 || NNTP checkgroups overflow attempt || bugtraq,9382 || cve,CAN-2004-00045
2428 || NNTP ihave overflow attempt || bugtraq,9382 || cve,CAN-2004-00045
2429 || NNTP sendme overflow attempt || bugtraq,9382 || cve,CAN-2004-00045
2430 || NNTP newgroup overflow attempt || bugtraq,9382 || cve,CAN-2004-00045
2431 || NNTP rmgroup overflow attempt || bugtraq,9382 || cve,CAN-2004-00045
2432 || NNTP article post without path attempt
2433 || WEB-CGI MDaemon form2raw.cgi overflow attempt || bugtraq,9317
2434 || WEB-CGI MDaemon form2raw.cgi access || bugtraq,9317
2435 || WEB-CLIENT Microsoft emf metafile access || bugtraq,9707
2436 || WEB-CLIENT Microsoft wmf metafile access || bugtraq,9707
2437 || WEB-CLIENT RealPlayer arbitrary javascript command attempt || bugtraq,8453 || \
bugtraq,9738 || cve,CAN-2003-0726 2438 || WEB-CLIENT RealPlayer playlist file URL \
overflow attempt || bugtraq,9579 2439 || WEB-CLIENT RealPlayer playlist http URL \
overflow attempt || bugtraq,9579 2440 || WEB-CLIENT RealPlayer playlist rtsp URL \
overflow attempt || bugtraq,9579 2441 || WEB-MISC NetObserve authentication bypass \
attempt || bugtraq,9319 2442 || WEB-MISC Quicktime User-Agent buffer overflow attempt \
|| cve,CAN-2004-0169 2443 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER first name overflow \
attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html 2444 || EXPLOIT \
ICQ SRV_MULTI/SRV_META_USER first name overflow attempt || \
url,www.eeye.com/html/Research/Advisories/AD20040318.html 2445 || EXPLOIT ICQ \
SRV_MULTI/SRV_META_USER last name overflow attempt || \
url,www.eeye.com/html/Research/Advisories/AD20040318.html 2446 || EXPLOIT ICQ \
SRV_MULTI/SRV_META_USER email overflow attempt || \
url,www.eeye.com/html/Research/Advisories/AD20040318.html
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-cvsinfo mailing list
Snort-cvsinfo@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-cvsinfo
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic