alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"BLEEDING-EDGE TROJAN Matcash or related downloader User-Agent Detected"; flow:established,to_server; content:"User-Agent\: x"; pcre:"/x\w\wx\w\w\!x\w\wx\w\wx\w\w/"; classtype:trojan-activity; reference:url,doc.bleedingthreats.net/2006352; sid:2006352; rev:1;)
Added 2007-07-09 02:53:33 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB
ProNews? SQL Injection Attempt -- lire-avis.php aa UNION SELECT"; flow:established,to_server; uricontent:"/lire-avis.php?"; nocase; uricontent:"aa="; nocase; pcre:"/UNION\s+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2006-6519; reference:url,www.securityfocus.com/bid/21516; sid:2006352; rev:1;)
Added 2007-06-18 10:16:18 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB
ProNews? SQL Injection Attempt -- lire-avis.php aa UNION SELECT"; flow:established,to_server; uricontent:"/lire-avis.php?"; nocase; uricontent:"aa="; nocase; pcre:"/UNION\s+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2006-6519; reference:url,www.securityfocus.com/bid/21516; sid:2006352; rev:1;)
Added 2007-06-18 10:16:17 UTC