Sourcefire VRT Rules Update

Date: 2007-06-26

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.4.

The format of the file is:

sid - Message (rule group)

New rules:
11966 <-> WEB-CLIENT Microsoft Internet Explorer CSS tag memory corruption attempt (web-client.rules)
11967 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX function call unicode access (web-client.rules)
12009 <-> SQL Firebird SQL Fbserver Buffer Overflow (sql.rules)
12010 <-> WEB-CLIENT RKD Software BarCode ActiveX clsid access (web-client.rules)
12011 <-> WEB-CLIENT RKD Software BarCode ActiveX clsid unicode access (web-client.rules)
12012 <-> WEB-CLIENT RKD Software BarCode ActiveX function call access (web-client.rules)
12013 <-> WEB-CLIENT RKD Software BarCode ActiveX function call unicode access (web-client.rules)
12014 <-> WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (web-misc.rules)

Updated rules:
 228 <-> DDOS TFN client command BE (ddos.rules)
 251 <-> DDOS - TFN client command LE (ddos.rules)
1079 <-> WEB-MISC WebDAV propfind access (web-misc.rules)
1248 <-> WEB-FRONTPAGE rad fp30reg.dll access (web-frontpage.rules)
4754 <-> NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4755 <-> NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4756 <-> NETBIOS DCERPC NCACN-IP-TCP v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4757 <-> NETBIOS DCERPC NCACN-IP-TCP v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4758 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4759 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4760 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4761 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4762 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4763 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4764 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4765 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4766 <-> NETBIOS SMB locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4767 <-> NETBIOS SMB locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4768 <-> NETBIOS SMB locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4769 <-> NETBIOS SMB locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4770 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4771 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4772 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4773 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4774 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4775 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4776 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4777 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4778 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4779 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4780 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4781 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4782 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4783 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4784 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4785 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4786 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4787 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4788 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4789 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4790 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4791 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4792 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4793 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4794 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4795 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4796 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4797 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4798 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4799 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4800 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4801 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4802 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4803 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4804 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4805 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4806 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4807 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4808 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4809 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4810 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4811 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4812 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4813 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4814 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4815 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4816 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4817 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4818 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4819 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4820 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4821 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4822 <-> NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4823 <-> NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4824 <-> NETBIOS DCERPC NCADG-IP-UDP v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4825 <-> NETBIOS DCERPC NCADG-IP-UDP v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4826 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules)
4827 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules)
4828 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules)
4829 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules)
4830 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules)
4831 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules)
4832 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules)
4833 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules)
4834 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
4835 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules)
4836 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules)
4837 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules)
4838 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules)
4839 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules)
4840 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules)
4841 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules)
4842 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules)
4843 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules)
4844 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules)
4845 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules)
4846 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules)
4847 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
4848 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules)
4849 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
4850 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules)
4851 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules)
4852 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules)
4853 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules)
4854 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules)
4855 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules)
4856 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
4857 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules)
4858 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules)
4859 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules)
4860 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules)
4861 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules)
4862 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules)
4863 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules)
4864 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules)
4865 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules)
4866 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules)
4867 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules)
4868 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules)
4869 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules)
4870 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules)
4871 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules)
4872 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules)
4873 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules)
4874 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules)
4875 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules)
4876 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules)
4877 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules)
4878 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules)
4879 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules)
4880 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules)
4881 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules)
4882 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules)
4883 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules)
4884 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules)
4885 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules)
4886 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules)
4887 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules)
4888 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules)
4889 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules)
4918 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
4919 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
4920 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules)
4921 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules)
4922 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules)
4923 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules)
4924 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules)
4925 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules)
4926 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules)
4927 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules)
4928 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules)
4929 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules)
4930 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules)
4931 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules)
4932 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules)
4933 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules)
4934 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules)
4935 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules)
4936 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules)
4937 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules)
4938 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules)
4939 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules)
4940 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules)
4941 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
4942 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
4943 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules)
4944 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules)
4945 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules)
4946 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules)
4947 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules)
4948 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules)
4949 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules)
4950 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules)
4951 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules)
4952 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules)
4953 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules)
4954 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules)
4955 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules)
4956 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules)
4957 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules)
4958 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules)
4959 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules)
4960 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules)
4961 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules)
4962 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules)
4963 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules)
4964 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules)
4965 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules)
4966 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules)
4967 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules)
4968 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules)
4969 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules)
4970 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules)
4971 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules)
4972 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules)
4973 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules)
4974 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules)
4975 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules)
4976 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules)
4977 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules)
4978 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules)
4979 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules)
4980 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules)
4981 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules)
6410 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules)
6471 <-> EXPLOIT RealVNC password authentication bypass vulnerability attempt (exploit.rules)
7724 <-> BACKDOOR reversable ver1.0 runtime detection - initial connection - flowbit set (backdoor.rules)
7725 <-> DELETED BACKDOOR reversable ver1.0 runtime detection - initial connection (deleted.rules)
8441 <-> WEB-MISC McAfee header buffer overflow attempt (web-misc.rules)
8723 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid access (web-client.rules)
8724 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid unicode access (web-client.rules)
9813 <-> EXPLOIT Symantec NetBackup connect_options buffer overflow attempt (exploit.rules)
9820 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX function call access (web-client.rules)
10130 <-> POLICY VERITAS NetBackup system execution function call access attempt (policy.rules)
10158 <-> DELETED NETBIOS SMB writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules)
10159 <-> DELETED NETBIOS SMB-DS writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules)
10160 <-> DELETED NETBIOS-DG SMB writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules)
10482 <-> RPC portmap CA BrightStor ARCserve tcp request (rpc.rules)
10483 <-> RPC portmap CA BrightStor ARCserve udp request (rpc.rules)
10484 <-> RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt (rpc.rules)
10485 <-> RPC portmap CA BrightStor ARCserve udp procedure 191 attempt (rpc.rules)
11616 <-> WEB-MISC Symantec Sygate Policy Manager SQL injection (web-misc.rules)
11834 <-> WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (web-misc.rules)
11836 <-> MISC Visio version number anomaly (misc.rules)