Sourcefire VRT Rules Update
Date: 2007-06-26
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.3.
The format of the file is:
sid - Message (rule group)
New rules: 11966 <-> WEB-CLIENT Microsoft Internet Explorer CSS tag memory corruption attempt (web-client.rules) 11967 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX function call unicode access (web-client.rules) 12009 <-> SQL Firebird SQL Fbserver Buffer Overflow (sql.rules) 12010 <-> WEB-CLIENT RKD Software BarCode ActiveX clsid access (web-client.rules) 12011 <-> WEB-CLIENT RKD Software BarCode ActiveX clsid unicode access (web-client.rules) 12012 <-> WEB-CLIENT RKD Software BarCode ActiveX function call access (web-client.rules) 12013 <-> WEB-CLIENT RKD Software BarCode ActiveX function call unicode access (web-client.rules) 12014 <-> WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (web-misc.rules) Updated rules: 228 <-> DDOS TFN client command BE (ddos.rules) 251 <-> DDOS - TFN client command LE (ddos.rules) 1079 <-> WEB-MISC WebDAV propfind access (web-misc.rules) 1248 <-> WEB-FRONTPAGE rad fp30reg.dll access (web-frontpage.rules) 4754 <-> NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules) 4755 <-> NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin overflow attempt (netbios.rules) 4756 <-> NETBIOS DCERPC NCACN-IP-TCP v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules) 4757 <-> NETBIOS DCERPC NCACN-IP-TCP v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules) 4758 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules) 4759 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules) 4760 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules) 4761 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules) 4762 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules) 4763 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules) 4764 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules) 4765 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules) 4766 <-> NETBIOS SMB locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules) 4767 <-> NETBIOS SMB locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules) 4768 <-> NETBIOS SMB locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules) 4769 <-> NETBIOS SMB locator nsi_binding_lookup_begin overflow attempt (netbios.rules) 4770 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules) 4771 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules) 4772 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules) 4773 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules) 4774 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules) 4775 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules) 4776 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules) 4777 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules) 4778 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules) 4779 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules) 4780 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules) 4781 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules) 4782 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules) 4783 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules) 4784 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules) 4785 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules) 4786 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules) 4787 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules) 4788 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules) 4789 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules) 4790 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules) 4791 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules) 4792 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules) 4793 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules) 4794 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules) 4795 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules) 4796 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules) 4797 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules) 4798 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules) 4799 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules) 4800 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules) 4801 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin overflow attempt (netbios.rules) 4802 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules) 4803 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules) 4804 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules) 4805 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules) 4806 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules) 4807 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules) 4808 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules) 4809 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules) 4810 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules) 4811 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules) 4812 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules) 4813 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules) 4814 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules) 4815 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules) 4816 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules) 4817 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules) 4818 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules) 4819 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules) 4820 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules) 4821 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules) 4822 <-> NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules) 4823 <-> NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin overflow attempt (netbios.rules) 4824 <-> NETBIOS DCERPC NCADG-IP-UDP v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules) 4825 <-> NETBIOS DCERPC NCADG-IP-UDP v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules) 4826 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules) 4827 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules) 4828 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules) 4829 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules) 4830 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules) 4831 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules) 4832 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules) 4833 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules) 4834 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules) 4835 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules) 4836 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules) 4837 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules) 4838 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules) 4839 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules) 4840 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules) 4841 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules) 4842 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules) 4843 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules) 4844 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules) 4845 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules) 4846 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules) 4847 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules) 4848 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules) 4849 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules) 4850 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules) 4851 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules) 4852 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules) 4853 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules) 4854 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules) 4855 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules) 4856 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules) 4857 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules) 4858 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules) 4859 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules) 4860 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules) 4861 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules) 4862 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules) 4863 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules) 4864 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules) 4865 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules) 4866 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules) 4867 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules) 4868 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules) 4869 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules) 4870 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules) 4871 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules) 4872 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules) 4873 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules) 4874 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules) 4875 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules) 4876 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules) 4877 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules) 4878 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules) 4879 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules) 4880 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules) 4881 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules) 4882 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules) 4883 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules) 4884 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules) 4885 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules) 4886 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules) 4887 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules) 4888 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules) 4889 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules) 4918 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules) 4919 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules) 4920 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules) 4921 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules) 4922 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules) 4923 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules) 4924 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules) 4925 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules) 4926 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules) 4927 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules) 4928 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules) 4929 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules) 4930 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules) 4931 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules) 4932 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules) 4933 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules) 4934 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules) 4935 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules) 4936 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules) 4937 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules) 4938 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules) 4939 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules) 4940 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules) 4941 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules) 4942 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules) 4943 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules) 4944 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules) 4945 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules) 4946 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules) 4947 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules) 4948 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules) 4949 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules) 4950 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules) 4951 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules) 4952 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules) 4953 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules) 4954 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules) 4955 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules) 4956 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules) 4957 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules) 4958 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules) 4959 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules) 4960 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules) 4961 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules) 4962 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules) 4963 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules) 4964 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules) 4965 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules) 4966 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules) 4967 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules) 4968 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules) 4969 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules) 4970 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules) 4971 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules) 4972 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules) 4973 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules) 4974 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules) 4975 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules) 4976 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules) 4977 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules) 4978 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules) 4979 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules) 4980 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules) 4981 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules) 6410 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules) 6471 <-> EXPLOIT RealVNC password authentication bypass vulnerability attempt (exploit.rules) 7724 <-> BACKDOOR reversable ver1.0 runtime detection - initial connection - flowbit set (backdoor.rules) 7725 <-> DELETED BACKDOOR reversable ver1.0 runtime detection - initial connection (deleted.rules) 8441 <-> WEB-MISC McAfee header buffer overflow attempt (web-misc.rules) 8723 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid access (web-client.rules) 8724 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid unicode access (web-client.rules) 9820 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX function call access (web-client.rules) 10130 <-> POLICY VERITAS NetBackup system execution function call access attempt (policy.rules) 10158 <-> DELETED NETBIOS SMB writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules) 10159 <-> DELETED NETBIOS SMB-DS writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules) 10160 <-> DELETED NETBIOS-DG SMB writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules) 10482 <-> RPC portmap CA BrightStor ARCserve tcp request (rpc.rules) 10483 <-> RPC portmap CA BrightStor ARCserve udp request (rpc.rules) 10484 <-> RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt (rpc.rules) 10485 <-> RPC portmap CA BrightStor ARCserve udp procedure 191 attempt (rpc.rules) 11616 <-> WEB-MISC Symantec Sygate Policy Manager SQL injection (web-misc.rules) 11834 <-> WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (web-misc.rules) 11836 <-> MISC Visio version number anomaly (misc.rules)
