Sourcefire VRT Update

Date: 2006-12-15

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack.

The format of the file is:

sid - Message (rule group)

New rules:
9326 <-> SPECIFIC-THREATS netsky.p smtp propagation detection (specific-threats.rules)
9327 <-> SPECIFIC-THREATS netsky.af smtp propagation detection (specific-threats.rules)
9328 <-> SPECIFIC-THREATS zhangpo smtp propagation detection (specific-threats.rules)
9329 <-> SPECIFIC-THREATS yarner.b smtp propagation detection (specific-threats.rules)
9330 <-> SPECIFIC-THREATS mydoom.e smtp propagation detection (specific-threats.rules)
9331 <-> SPECIFIC-THREATS mydoom.m smtp propagation detection (specific-threats.rules)
9332 <-> SPECIFIC-THREATS mimail.a smtp propagation detection (specific-threats.rules)
9333 <-> SPECIFIC-THREATS mimail.e smtp propagation detection (specific-threats.rules)
9334 <-> SPECIFIC-THREATS lovgate.c smtp propagation detection (specific-threats.rules)
9335 <-> SPECIFIC-THREATS netsky.b smtp propagation detection (specific-threats.rules)
9336 <-> SPECIFIC-THREATS netsky.t smtp propagation detection (specific-threats.rules)
9337 <-> SPECIFIC-THREATS netsky.x smtp propagation detection (specific-threats.rules)
9338 <-> SPECIFIC-THREATS mydoom.i smtp propagation detection (specific-threats.rules)
9339 <-> SPECIFIC-THREATS klez.g web propagation detection (specific-threats.rules)
9340 <-> SPECIFIC-THREATS klez.i web propagation detection (specific-threats.rules)
9341 <-> SPECIFIC-THREATS sasser open ftp command shell (specific-threats.rules)
9342 <-> SPECIFIC-THREATS paroc.a smtp propagation detection (specific-threats.rules)
9343 <-> SPECIFIC-THREATS kadra smtp propagation detection (specific-threats.rules)
9344 <-> SPECIFIC-THREATS kindal smtp propagation detection (specific-threats.rules)
9345 <-> SPECIFIC-THREATS kipis.a smtp propagation detection (specific-threats.rules)
9346 <-> SPECIFIC-THREATS klez.b web propagation detection (specific-threats.rules)
9347 <-> SPECIFIC-THREATS klez.b netshare propagation detection (specific-threats.rules)
9348 <-> SPECIFIC-THREATS morbex smtp propagation detection (specific-threats.rules)
9349 <-> SPECIFIC-THREATS plemood smtp propagation detection (specific-threats.rules)
9350 <-> SPECIFIC-THREATS mimail.k smtp propagation detection (specific-threats.rules)
9351 <-> SPECIFIC-THREATS lovgate.a netshare propagation detection (specific-threats.rules)
9352 <-> SPECIFIC-THREATS lovgate.a smtp propagation detection (specific-threats.rules)
9353 <-> SPECIFIC-THREATS deborm.x netshare propagation detection (specific-threats.rules)
9354 <-> SPECIFIC-THREATS deborm.y netshare propagation detection (specific-threats.rules)
9355 <-> SPECIFIC-THREATS deborm.u netshare propagation detection (specific-threats.rules)
9356 <-> SPECIFIC-THREATS deborm.q netshare propagation detection (specific-threats.rules)
9357 <-> SPECIFIC-THREATS deborm.r netshare propagation detection (specific-threats.rules)
9358 <-> SPECIFIC-THREATS fizzer smtp propagation detection (specific-threats.rules)
9359 <-> SPECIFIC-THREATS zafi.b smtp propagation detection (specific-threats.rules)
9360 <-> SPECIFIC-THREATS cult.b smtp propagation detection (specific-threats.rules)
9361 <-> SPECIFIC-THREATS mimail.l smtp propagation detection (specific-threats.rules)
9362 <-> SPECIFIC-THREATS mimail.m smtp propagation detection (specific-threats.rules)
9363 <-> SPECIFIC-THREATS klez.d web propagation detection (specific-threats.rules)
9364 <-> SPECIFIC-THREATS klez.e web propagation detection (specific-threats.rules)
9365 <-> SPECIFIC-THREATS cult.c smtp propagation detection (specific-threats.rules)
9366 <-> SPECIFIC-THREATS mimail.s smtp propagation detection (specific-threats.rules)
9367 <-> SPECIFIC-THREATS anset.b smtp propagation detection (specific-threats.rules)
9368 <-> SPECIFIC-THREATS agist.a smtp propagation detection (specific-threats.rules)
9369 <-> SPECIFIC-THREATS atak.a smtp propagation detection (specific-threats.rules)
9370 <-> SPECIFIC-THREATS bagle.b smtp propagation detection (specific-threats.rules)
9371 <-> SPECIFIC-THREATS bagle.e smtp propagation detection (specific-threats.rules)
9372 <-> SPECIFIC-THREATS blebla.a smtp propagation detection (specific-threats.rules)
9373 <-> SPECIFIC-THREATS clepa smtp propagation detection (specific-threats.rules)
9374 <-> SPECIFIC-THREATS creepy.b smtp propagation detection (specific-threats.rules)
9375 <-> SPECIFIC-THREATS duksten.c smtp propagation detection (specific-threats.rules)
9376 <-> SPECIFIC-THREATS fishlet.a smtp propagation detection (specific-threats.rules)
9377 <-> SPECIFIC-THREATS mydoom.g smtp propagation detection (specific-threats.rules)
9378 <-> SPECIFIC-THREATS netsky.q smtp propagation detection (specific-threats.rules)
9379 <-> SPECIFIC-THREATS netsky.s smtp propagation detection (specific-threats.rules)
9380 <-> SPECIFIC-THREATS jitux msn messenger propagation detection (specific-threats.rules)
9381 <-> SPECIFIC-THREATS lara smtp propagation detection (specific-threats.rules)
9382 <-> SPECIFIC-THREATS fearso.c smtp propagation detection (specific-threats.rules)
9383 <-> SPECIFIC-THREATS netsky.y smtp propagation detection (specific-threats.rules)
9384 <-> SPECIFIC-THREATS beglur.a smtp propagation detection (specific-threats.rules)
9385 <-> SPECIFIC-THREATS collo.a smtp propagation detection (specific-threats.rules)
9386 <-> SPECIFIC-THREATS bagle.f smtp propagation detection (specific-threats.rules)
9387 <-> SPECIFIC-THREATS klez.j web propagation detection (specific-threats.rules)
9388 <-> SPECIFIC-THREATS mimail.g smtp propagation detection (specific-threats.rules)
9389 <-> SPECIFIC-THREATS bagle.i smtp propagation detection (specific-threats.rules)
9390 <-> SPECIFIC-THREATS deborm.d netshare propagation detection (specific-threats.rules)
9391 <-> SPECIFIC-THREATS mimail.i smtp propagation detection (specific-threats.rules)
9392 <-> SPECIFIC-THREATS bagle.j smtp propagation detection (specific-threats.rules)
9393 <-> SPECIFIC-THREATS bagle.k smtp propagation detection (specific-threats.rules)
9394 <-> SPECIFIC-THREATS bagle.n smtp propagation detection (specific-threats.rules)
9395 <-> SPECIFIC-THREATS deborm.j netshare propagation detection (specific-threats.rules)
9396 <-> SPECIFIC-THREATS deborm.t netshare propagation detection (specific-threats.rules)
9397 <-> SPECIFIC-THREATS neysid smtp propagation detection (specific-threats.rules)
9398 <-> SPECIFIC-THREATS totilix.a smtp propagation detection (specific-threats.rules)
9399 <-> SPECIFIC-THREATS hanged smtp propagation detection (specific-threats.rules)
9400 <-> SPECIFIC-THREATS abotus smtp propagation detection (specific-threats.rules)
9401 <-> SPECIFIC-THREATS gokar http propagation detectiot (specific-threats.rules)
9402 <-> SPECIFIC-THREATS welchia tftp propagation detection (specific-threats.rules)
9403 <-> SPECIFIC-THREATS netsky.aa smtp propagation detection (specific-threats.rules)
9404 <-> SPECIFIC-THREATS netsky.ac smtp propagation detection (specific-threats.rules)
9405 <-> SPECIFIC-THREATS netsky.af smtp propagation detection (specific-threats.rules)
9406 <-> SPECIFIC-THREATS lovgate.e smtp propagation detection (specific-threats.rules)
9407 <-> SPECIFIC-THREATS lovgate.b netshare propagation detection (specific-threats.rules)
9408 <-> SPECIFIC-THREATS lacrow smtp propagation detection (specific-threats.rules)
9409 <-> SPECIFIC-THREATS atak.b smtp propagation detection (specific-threats.rules)
9410 <-> SPECIFIC-THREATS netsky.z smtp propagation detection (specific-threats.rules)
9411 <-> SPECIFIC-THREATS mimail.f smtp propagation detection (specific-threats.rules)
9412 <-> SPECIFIC-THREATS sinmsn.b msn propagation detection (specific-threats.rules)
9413 <-> SPECIFIC-THREATS ganda smtp propagation detection (specific-threats.rules)
9414 <-> SPECIFIC-THREATS lovelorn.a smtp propagation detection (specific-threats.rules)
9415 <-> SPECIFIC-THREATS plexus.a smtp propagation detection (specific-threats.rules)
9416 <-> SPECIFIC-THREATS bagle.at smtp propagation detection (specific-threats.rules)
9417 <-> SPECIFIC-THREATS bagle.a smtp propagation detection (specific-threats.rules)
9418 <-> SPECIFIC-THREATS bagle.a http notification detection (specific-threats.rules)
9419 <-> SPECIFIC-THREATS sasser attempt (specific-threats.rules)
9420 <-> SPECIFIC-THREATS korgo attempt (specific-threats.rules)
9421 <-> SPECIFIC-THREATS zotob attempt (specific-threats.rules)
9422 <-> SPECIFIC-THREATS msblast attempt (specific-threats.rules)
9423 <-> SPECIFIC-THREATS lovegate attempt (specific-threats.rules)
9424 <-> SPECIFIC-THREATS /winnt/explorer.exe unicode klez infection attempt attempt (specific-threats.rules)
9425 <-> SPECIFIC-THREATS netsky attachment (specific-threats.rules)
9426 <-> SPECIFIC-THREATS mydoom.ap attachment (specific-threats.rules)
9640 <-> WEB-CLIENT ADODB.Connection ActiveX function call access (web-client.rules)
9641 <-> WEB-CLIENT Windows Media Player ASF simple index object parsing buffer overflow attempt (web-client.rules)
9642 <-> WEB-CLIENT Windows Media Player ASF codec list object parsing buffer overflow attempt (web-client.rules)
9643 <-> WEB-CLIENT Windows Media Player ASF marker object parsing buffer overflow attempt (web-client.rules)