Sourcefire VRT Update
Date: 2006-12-15
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack.
The format of the file is:
sid - Message (rule group)
New rules: 9326 <-> SPECIFIC-THREATS netsky.p smtp propagation detection (specific-threats.rules) 9327 <-> SPECIFIC-THREATS netsky.af smtp propagation detection (specific-threats.rules) 9328 <-> SPECIFIC-THREATS zhangpo smtp propagation detection (specific-threats.rules) 9329 <-> SPECIFIC-THREATS yarner.b smtp propagation detection (specific-threats.rules) 9330 <-> SPECIFIC-THREATS mydoom.e smtp propagation detection (specific-threats.rules) 9331 <-> SPECIFIC-THREATS mydoom.m smtp propagation detection (specific-threats.rules) 9332 <-> SPECIFIC-THREATS mimail.a smtp propagation detection (specific-threats.rules) 9333 <-> SPECIFIC-THREATS mimail.e smtp propagation detection (specific-threats.rules) 9334 <-> SPECIFIC-THREATS lovgate.c smtp propagation detection (specific-threats.rules) 9335 <-> SPECIFIC-THREATS netsky.b smtp propagation detection (specific-threats.rules) 9336 <-> SPECIFIC-THREATS netsky.t smtp propagation detection (specific-threats.rules) 9337 <-> SPECIFIC-THREATS netsky.x smtp propagation detection (specific-threats.rules) 9338 <-> SPECIFIC-THREATS mydoom.i smtp propagation detection (specific-threats.rules) 9339 <-> SPECIFIC-THREATS klez.g web propagation detection (specific-threats.rules) 9340 <-> SPECIFIC-THREATS klez.i web propagation detection (specific-threats.rules) 9341 <-> SPECIFIC-THREATS sasser open ftp command shell (specific-threats.rules) 9342 <-> SPECIFIC-THREATS paroc.a smtp propagation detection (specific-threats.rules) 9343 <-> SPECIFIC-THREATS kadra smtp propagation detection (specific-threats.rules) 9344 <-> SPECIFIC-THREATS kindal smtp propagation detection (specific-threats.rules) 9345 <-> SPECIFIC-THREATS kipis.a smtp propagation detection (specific-threats.rules) 9346 <-> SPECIFIC-THREATS klez.b web propagation detection (specific-threats.rules) 9347 <-> SPECIFIC-THREATS klez.b netshare propagation detection (specific-threats.rules) 9348 <-> SPECIFIC-THREATS morbex smtp propagation detection (specific-threats.rules) 9349 <-> SPECIFIC-THREATS plemood smtp propagation detection (specific-threats.rules) 9350 <-> SPECIFIC-THREATS mimail.k smtp propagation detection (specific-threats.rules) 9351 <-> SPECIFIC-THREATS lovgate.a netshare propagation detection (specific-threats.rules) 9352 <-> SPECIFIC-THREATS lovgate.a smtp propagation detection (specific-threats.rules) 9353 <-> SPECIFIC-THREATS deborm.x netshare propagation detection (specific-threats.rules) 9354 <-> SPECIFIC-THREATS deborm.y netshare propagation detection (specific-threats.rules) 9355 <-> SPECIFIC-THREATS deborm.u netshare propagation detection (specific-threats.rules) 9356 <-> SPECIFIC-THREATS deborm.q netshare propagation detection (specific-threats.rules) 9357 <-> SPECIFIC-THREATS deborm.r netshare propagation detection (specific-threats.rules) 9358 <-> SPECIFIC-THREATS fizzer smtp propagation detection (specific-threats.rules) 9359 <-> SPECIFIC-THREATS zafi.b smtp propagation detection (specific-threats.rules) 9360 <-> SPECIFIC-THREATS cult.b smtp propagation detection (specific-threats.rules) 9361 <-> SPECIFIC-THREATS mimail.l smtp propagation detection (specific-threats.rules) 9362 <-> SPECIFIC-THREATS mimail.m smtp propagation detection (specific-threats.rules) 9363 <-> SPECIFIC-THREATS klez.d web propagation detection (specific-threats.rules) 9364 <-> SPECIFIC-THREATS klez.e web propagation detection (specific-threats.rules) 9365 <-> SPECIFIC-THREATS cult.c smtp propagation detection (specific-threats.rules) 9366 <-> SPECIFIC-THREATS mimail.s smtp propagation detection (specific-threats.rules) 9367 <-> SPECIFIC-THREATS anset.b smtp propagation detection (specific-threats.rules) 9368 <-> SPECIFIC-THREATS agist.a smtp propagation detection (specific-threats.rules) 9369 <-> SPECIFIC-THREATS atak.a smtp propagation detection (specific-threats.rules) 9370 <-> SPECIFIC-THREATS bagle.b smtp propagation detection (specific-threats.rules) 9371 <-> SPECIFIC-THREATS bagle.e smtp propagation detection (specific-threats.rules) 9372 <-> SPECIFIC-THREATS blebla.a smtp propagation detection (specific-threats.rules) 9373 <-> SPECIFIC-THREATS clepa smtp propagation detection (specific-threats.rules) 9374 <-> SPECIFIC-THREATS creepy.b smtp propagation detection (specific-threats.rules) 9375 <-> SPECIFIC-THREATS duksten.c smtp propagation detection (specific-threats.rules) 9376 <-> SPECIFIC-THREATS fishlet.a smtp propagation detection (specific-threats.rules) 9377 <-> SPECIFIC-THREATS mydoom.g smtp propagation detection (specific-threats.rules) 9378 <-> SPECIFIC-THREATS netsky.q smtp propagation detection (specific-threats.rules) 9379 <-> SPECIFIC-THREATS netsky.s smtp propagation detection (specific-threats.rules) 9380 <-> SPECIFIC-THREATS jitux msn messenger propagation detection (specific-threats.rules) 9381 <-> SPECIFIC-THREATS lara smtp propagation detection (specific-threats.rules) 9382 <-> SPECIFIC-THREATS fearso.c smtp propagation detection (specific-threats.rules) 9383 <-> SPECIFIC-THREATS netsky.y smtp propagation detection (specific-threats.rules) 9384 <-> SPECIFIC-THREATS beglur.a smtp propagation detection (specific-threats.rules) 9385 <-> SPECIFIC-THREATS collo.a smtp propagation detection (specific-threats.rules) 9386 <-> SPECIFIC-THREATS bagle.f smtp propagation detection (specific-threats.rules) 9387 <-> SPECIFIC-THREATS klez.j web propagation detection (specific-threats.rules) 9388 <-> SPECIFIC-THREATS mimail.g smtp propagation detection (specific-threats.rules) 9389 <-> SPECIFIC-THREATS bagle.i smtp propagation detection (specific-threats.rules) 9390 <-> SPECIFIC-THREATS deborm.d netshare propagation detection (specific-threats.rules) 9391 <-> SPECIFIC-THREATS mimail.i smtp propagation detection (specific-threats.rules) 9392 <-> SPECIFIC-THREATS bagle.j smtp propagation detection (specific-threats.rules) 9393 <-> SPECIFIC-THREATS bagle.k smtp propagation detection (specific-threats.rules) 9394 <-> SPECIFIC-THREATS bagle.n smtp propagation detection (specific-threats.rules) 9395 <-> SPECIFIC-THREATS deborm.j netshare propagation detection (specific-threats.rules) 9396 <-> SPECIFIC-THREATS deborm.t netshare propagation detection (specific-threats.rules) 9397 <-> SPECIFIC-THREATS neysid smtp propagation detection (specific-threats.rules) 9398 <-> SPECIFIC-THREATS totilix.a smtp propagation detection (specific-threats.rules) 9399 <-> SPECIFIC-THREATS hanged smtp propagation detection (specific-threats.rules) 9400 <-> SPECIFIC-THREATS abotus smtp propagation detection (specific-threats.rules) 9401 <-> SPECIFIC-THREATS gokar http propagation detectiot (specific-threats.rules) 9402 <-> SPECIFIC-THREATS welchia tftp propagation detection (specific-threats.rules) 9403 <-> SPECIFIC-THREATS netsky.aa smtp propagation detection (specific-threats.rules) 9404 <-> SPECIFIC-THREATS netsky.ac smtp propagation detection (specific-threats.rules) 9405 <-> SPECIFIC-THREATS netsky.af smtp propagation detection (specific-threats.rules) 9406 <-> SPECIFIC-THREATS lovgate.e smtp propagation detection (specific-threats.rules) 9407 <-> SPECIFIC-THREATS lovgate.b netshare propagation detection (specific-threats.rules) 9408 <-> SPECIFIC-THREATS lacrow smtp propagation detection (specific-threats.rules) 9409 <-> SPECIFIC-THREATS atak.b smtp propagation detection (specific-threats.rules) 9410 <-> SPECIFIC-THREATS netsky.z smtp propagation detection (specific-threats.rules) 9411 <-> SPECIFIC-THREATS mimail.f smtp propagation detection (specific-threats.rules) 9412 <-> SPECIFIC-THREATS sinmsn.b msn propagation detection (specific-threats.rules) 9413 <-> SPECIFIC-THREATS ganda smtp propagation detection (specific-threats.rules) 9414 <-> SPECIFIC-THREATS lovelorn.a smtp propagation detection (specific-threats.rules) 9415 <-> SPECIFIC-THREATS plexus.a smtp propagation detection (specific-threats.rules) 9416 <-> SPECIFIC-THREATS bagle.at smtp propagation detection (specific-threats.rules) 9417 <-> SPECIFIC-THREATS bagle.a smtp propagation detection (specific-threats.rules) 9418 <-> SPECIFIC-THREATS bagle.a http notification detection (specific-threats.rules) 9419 <-> SPECIFIC-THREATS sasser attempt (specific-threats.rules) 9420 <-> SPECIFIC-THREATS korgo attempt (specific-threats.rules) 9421 <-> SPECIFIC-THREATS zotob attempt (specific-threats.rules) 9422 <-> SPECIFIC-THREATS msblast attempt (specific-threats.rules) 9423 <-> SPECIFIC-THREATS lovegate attempt (specific-threats.rules) 9424 <-> SPECIFIC-THREATS /winnt/explorer.exe unicode klez infection attempt attempt (specific-threats.rules) 9425 <-> SPECIFIC-THREATS netsky attachment (specific-threats.rules) 9426 <-> SPECIFIC-THREATS mydoom.ap attachment (specific-threats.rules) 9640 <-> WEB-CLIENT ADODB.Connection ActiveX function call access (web-client.rules) 9641 <-> WEB-CLIENT Windows Media Player ASF simple index object parsing buffer overflow attempt (web-client.rules) 9642 <-> WEB-CLIENT Windows Media Player ASF codec list object parsing buffer overflow attempt (web-client.rules) 9643 <-> WEB-CLIENT Windows Media Player ASF marker object parsing buffer overflow attempt (web-client.rules)
