Sourcefire VRT Rules Update

Date: 2007-06-11

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.6.

The format of the file is:

sid - Message (rule group)

New rules:
11620 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX function call access (web-client.rules)
11621 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX function call unicode access (web-client.rules)
11622 <-> WEB-CLIENT Microsoft Office 2000 OUACTR ActiveX clsid access (web-client.rules)
11623 <-> WEB-CLIENT Microsoft Office 2000 OUACTR ActiveX clsid unicode access (web-client.rules)
11624 <-> WEB-CLIENT LeadTools ISIS ActiveX clsid access (web-client.rules)
11625 <-> WEB-CLIENT LeadTools ISIS ActiveX clsid unicode access (web-client.rules)
11626 <-> WEB-CLIENT LeadTools ISIS ActiveX function call access (web-client.rules)
11627 <-> WEB-CLIENT LeadTools ISIS ActiveX function call unicode access (web-client.rules)
11628 <-> WEB-CLIENT LeadTools JPEG 2000 COM Object ActiveX function call access (web-client.rules)
11629 <-> WEB-CLIENT LeadTools JPEG 2000 COM Object ActiveX function call unicode access (web-client.rules)
11630 <-> WEB-CLIENT LeadTools Raster Dialog File Object ActiveX clsid access (web-client.rules)
11631 <-> WEB-CLIENT LeadTools Raster Dialog File Object ActiveX clsid unicode access (web-client.rules)
11632 <-> WEB-CLIENT LeadTools Raster Dialog File Object ActiveX function call access (web-client.rules)
11633 <-> WEB-CLIENT LeadTools Raster Dialog File Object ActiveX function call unicode access (web-client.rules)
11634 <-> WEB-CLIENT LeadTools Raster Dialog File_D Object ActiveX clsid access (web-client.rules)
11635 <-> WEB-CLIENT LeadTools Raster Dialog File_D Object ActiveX clsid unicode access (web-client.rules)
11636 <-> WEB-CLIENT LeadTools Raster Dialog File_D Object ActiveX function call access (web-client.rules)
11637 <-> WEB-CLIENT LeadTools Raster Dialog File_D Object ActiveX function call unicode access (web-client.rules)
11638 <-> WEB-CLIENT LeadTools Raster Document Object Library ActiveX clsid access (web-client.rules)
11639 <-> WEB-CLIENT LeadTools Raster Document Object Library ActiveX clsid unicode access (web-client.rules)
11640 <-> WEB-CLIENT LeadTools Raster Document Object Library ActiveX function call access (web-client.rules)
11641 <-> WEB-CLIENT LeadTools Raster Document Object Library ActiveX function call unicode access (web-client.rules)
11642 <-> WEB-CLIENT LeadTools Raster ISIS Object ActiveX clsid access (web-client.rules)
11643 <-> WEB-CLIENT LeadTools Raster ISIS Object ActiveX clsid unicode access (web-client.rules)
11644 <-> WEB-CLIENT LeadTools Raster ISIS Object ActiveX function call access (web-client.rules)
11645 <-> WEB-CLIENT LeadTools Raster ISIS Object ActiveX function call unicode access (web-client.rules)
11646 <-> WEB-CLIENT LeadTools Raster Thumbnail Object Library ActiveX clsid access (web-client.rules)
11647 <-> WEB-CLIENT LeadTools Raster Thumbnail Object Library ActiveX clsid unicode access (web-client.rules)
11648 <-> WEB-CLIENT LeadTools Raster Thumbnail Object Library ActiveX function call access (web-client.rules)
11649 <-> WEB-CLIENT LeadTools Raster Thumbnail Object Library ActiveX function call unicode access (web-client.rules)
11650 <-> WEB-CLIENT LeadTools Raster Variant Object Library ActiveX clsid access (web-client.rules)
11651 <-> WEB-CLIENT LeadTools Raster Variant Object Library ActiveX clsid unicode access (web-client.rules)
11652 <-> WEB-CLIENT LeadTools Raster Variant Object Library ActiveX function call access (web-client.rules)
11653 <-> WEB-CLIENT LeadTools Raster Variant Object Library ActiveX function call unicode access (web-client.rules)
11654 <-> WEB-CLIENT LeadTools Thumbnail Browser Control ActiveX clsid access (web-client.rules)
11655 <-> WEB-CLIENT LeadTools Thumbnail Browser Control ActiveX clsid unicode access (web-client.rules)
11656 <-> WEB-CLIENT LeadTools Thumbnail Browser Control ActiveX function call access (web-client.rules)
11657 <-> WEB-CLIENT LeadTools Thumbnail Browser Control ActiveX function call unicode access (web-client.rules)
11658 <-> WEB-CLIENT Dart ZipLite Compression ActiveX clsid access (web-client.rules)
11659 <-> WEB-CLIENT Dart ZipLite Compression ActiveX clsid unicode access (web-client.rules)
11660 <-> WEB-CLIENT EDraw Office Viewer ActiveX clsid access (web-client.rules)
11661 <-> WEB-CLIENT EDraw Office Viewer ActiveX clsid unicode access (web-client.rules)
11662 <-> WEB-CLIENT EDraw Office Viewer ActiveX function call access (web-client.rules)
11663 <-> WEB-CLIENT EDraw Office Viewer ActiveX function call unicode access (web-client.rules)
11664 <-> WEB-PHP sphpblog password.txt access attempt (web-php.rules)
11665 <-> WEB-PHP sphpblog install03_cgi access attempt (web-php.rules)
11666 <-> WEB-PHP sphpblog upload_img_cgi access attempt (web-php.rules)
11667 <-> WEB-PHP sphpblog arbitrary file delete attempt (web-php.rules)
11668 <-> WEB-PHP vbulletin php code injection (web-php.rules)
11669 <-> SPECIFIC-THREATS Eudora 250 command response buffer overflow (specific-threats.rules)
11670 <-> EXPLOIT Symantec Discovery logging buffer overflow (exploit.rules)
11671 <-> WEB-MISC SSLv2 Server_Hello request from SSLv3 Client_Hello request (web-misc.rules)
11673 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX clsid access (web-client.rules)
11674 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX clsid unicode access (web-client.rules)
11675 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX function call access (web-client.rules)
11676 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX function call unicode access (web-client.rules)
11677 <-> WEB-CLIENT Provideo Camimage Class ISSCamControl ActiveX clsid access (web-client.rules)
11678 <-> WEB-CLIENT Provideo Camimage Class ISSCamControl ActiveX clsid unicode access (web-client.rules)
11679 <-> WEB-MISC Apache mod_rewrite buffer overflow attempt (web-misc.rules)
11680 <-> MISC Sun Java web proxy sockd buffer overflow attempt (misc.rules)
11681 <-> EXPLOIT Openview Omni II command bypass attempt (exploit.rules)
11682 <-> SPECIFIC THREAT Metasploit niprint_lpd module attack (specific-threats.rules)
11683 <-> SPECIFIC-THREATS CA BrightStor Agent for Microsoft SQL Overflow (specific-threats.rules)
11684 <-> EXPLOIT WINS Overflow attempt (exploit.rules)
11685 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
11686 <-> SPECIFIC-THREATS WebDAV search overflow (specific-threats.rules)
11687 <-> WEB-MISC Apache SSI error page cross-site scripting (web-misc.rules)
11688 <-> NETBIOS SMB nddeapi bind attempt (netbios.rules)
11689 <-> NETBIOS SMB nddeapi unicode bind attempt (netbios.rules)
11690 <-> NETBIOS SMB nddeapi WriteAndX bind attempt (netbios.rules)
11691 <-> NETBIOS SMB nddeapi WriteAndX unicode bind attempt (netbios.rules)
11692 <-> NETBIOS SMB-DS nddeapi bind attempt (netbios.rules)
11693 <-> NETBIOS SMB-DS nddeapi WriteAndX bind attempt (netbios.rules)
11694 <-> NETBIOS SMB-DS nddeapi unicode bind attempt (netbios.rules)
11695 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode bind attempt (netbios.rules)
11696 <-> NETBIOS SMB nddeapi little endian bind attempt (netbios.rules)
11697 <-> NETBIOS SMB nddeapi WriteAndX little endian bind attempt (netbios.rules)
11698 <-> NETBIOS SMB nddeapi unicode little endian bind attempt (netbios.rules)
11699 <-> NETBIOS SMB nddeapi WriteAndX unicode little endian bind attempt (netbios.rules)
11700 <-> NETBIOS SMB-DS nddeapi little endian bind attempt (netbios.rules)
11701 <-> NETBIOS SMB-DS nddeapi WriteAndX little endian bind attempt (netbios.rules)
11702 <-> NETBIOS SMB-DS nddeapi unicode little endian bind attempt (netbios.rules)
11703 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode little endian bind attempt (netbios.rules)
11704 <-> NETBIOS SMB nddeapi andx alter context attempt (netbios.rules)
11705 <-> NETBIOS SMB nddeapi unicode andx alter context attempt (netbios.rules)
11706 <-> NETBIOS SMB nddeapi WriteAndX andx alter context attempt (netbios.rules)
11707 <-> NETBIOS SMB nddeapi WriteAndX unicode andx alter context attempt (netbios.rules)
11708 <-> NETBIOS SMB-DS nddeapi andx alter context attempt (netbios.rules)
11709 <-> NETBIOS SMB-DS nddeapi WriteAndX andx alter context attempt (netbios.rules)
11710 <-> NETBIOS SMB-DS nddeapi unicode andx alter context attempt (netbios.rules)
11711 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode andx alter context attempt (netbios.rules)
11712 <-> NETBIOS SMB nddeapi little endian andx alter context attempt (netbios.rules)
11713 <-> NETBIOS SMB nddeapi WriteAndX little endian andx alter context attempt (netbios.rules)
11714 <-> NETBIOS SMB nddeapi unicode little endian andx alter context attempt (netbios.rules)
11715 <-> NETBIOS SMB nddeapi WriteAndX unicode little endian andx alter context attempt (netbios.rules)
11716 <-> NETBIOS SMB-DS nddeapi little endian andx alter context attempt (netbios.rules)
11717 <-> NETBIOS SMB-DS nddeapi WriteAndX little endian andx alter context attempt (netbios.rules)
11718 <-> NETBIOS SMB-DS nddeapi unicode little endian andx alter context attempt (netbios.rules)
11719 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode little endian andx alter context attempt (netbios.rules)
11720 <-> NETBIOS SMB nddeapi andx bind attempt (netbios.rules)
11721 <-> NETBIOS SMB nddeapi unicode andx bind attempt (netbios.rules)
11722 <-> NETBIOS SMB nddeapi WriteAndX andx bind attempt (netbios.rules)
11723 <-> NETBIOS SMB nddeapi WriteAndX unicode andx bind attempt (netbios.rules)
11724 <-> NETBIOS SMB-DS nddeapi andx bind attempt (netbios.rules)
11725 <-> NETBIOS SMB-DS nddeapi WriteAndX andx bind attempt (netbios.rules)
11726 <-> NETBIOS SMB-DS nddeapi unicode andx bind attempt (netbios.rules)
11727 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode andx bind attempt (netbios.rules)
11728 <-> NETBIOS SMB nddeapi little endian andx bind attempt (netbios.rules)
11729 <-> NETBIOS SMB nddeapi WriteAndX little endian andx bind attempt (netbios.rules)
11730 <-> NETBIOS SMB nddeapi unicode little endian andx bind attempt (netbios.rules)
11731 <-> NETBIOS SMB nddeapi WriteAndX unicode little endian andx bind attempt (netbios.rules)
11732 <-> NETBIOS SMB-DS nddeapi little endian andx bind attempt (netbios.rules)
11733 <-> NETBIOS SMB-DS nddeapi WriteAndX little endian andx bind attempt (netbios.rules)
11734 <-> NETBIOS SMB-DS nddeapi unicode little endian andx bind attempt (netbios.rules)
11735 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode little endian andx bind attempt (netbios.rules)
11736 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow attempt (netbios.rules)
11737 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW little endian overflow attempt (netbios.rules)
11738 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW unicode overflow attempt (netbios.rules)
11739 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt (netbios.rules)
11740 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow attempt (netbios.rules)
11741 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode overflow attempt (netbios.rules)
11742 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt (netbios.rules)
11743 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt (netbios.rules)
11744 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
11745 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt (netbios.rules)
11746 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode overflow attempt (netbios.rules)
11747 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt (netbios.rules)
11748 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt (netbios.rules)
11749 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow attempt (netbios.rules)
11750 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW little endian overflow attempt (netbios.rules)
11751 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt (netbios.rules)
11752 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian object call overflow attempt (netbios.rules)
11753 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW object call overflow attempt (netbios.rules)
11754 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian object call overflow attempt (netbios.rules)
11755 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW little endian object call overflow attempt (netbios.rules)
11756 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX object call overflow attempt (netbios.rules)
11757 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian object call overflow attempt (netbios.rules)
11758 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode object call overflow attempt (netbios.rules)
11759 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode object call overflow attempt (netbios.rules)
11760 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW object call overflow attempt (netbios.rules)
11761 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX object call overflow attempt (netbios.rules)
11762 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode object call overflow attempt (netbios.rules)
11763 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode object call overflow attempt (netbios.rules)
11764 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian object call overflow attempt (netbios.rules)
11765 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian object call overflow attempt (netbios.rules)
11766 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW little endian object call overflow attempt (netbios.rules)
11767 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode little endian object call overflow attempt (netbios.rules)
11768 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11769 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt (netbios.rules)
11770 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt (netbios.rules)
11771 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt (netbios.rules)
11772 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt (netbios.rules)
11773 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode andx overflow attempt (netbios.rules)
11774 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW andx overflow attempt (netbios.rules)
11775 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt (netbios.rules)
11776 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW andx overflow attempt (netbios.rules)
11777 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt (netbios.rules)
11778 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW andx overflow attempt (netbios.rules)
11779 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt (netbios.rules)
11780 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt (netbios.rules)
11781 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW little endian andx overflow attempt (netbios.rules)
11782 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt (netbios.rules)
11783 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW little endian andx overflow attempt (netbios.rules)
11784 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11785 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW little endian andx overflow attempt (netbios.rules)
11786 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW unicode andx overflow attempt (netbios.rules)
11787 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt (netbios.rules)
11788 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11789 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode andx overflow attempt (netbios.rules)
11790 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt (netbios.rules)
11791 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt (netbios.rules)
11792 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW andx overflow attempt (netbios.rules)
11793 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt (netbios.rules)
11794 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode andx overflow attempt (netbios.rules)
11795 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt (netbios.rules)
11796 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt (netbios.rules)
11797 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11798 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW little endian andx overflow attempt (netbios.rules)
11799 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt (netbios.rules)
11800 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian andx object call overflow attempt (netbios.rules)
11801 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW andx object call overflow attempt (netbios.rules)
11802 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian andx object call overflow attempt (netbios.rules)
11803 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW little endian andx object call overflow attempt (netbios.rules)
11804 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX andx object call overflow attempt (netbios.rules)
11805 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
11806 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode andx object call overflow attempt (netbios.rules)
11807 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode andx object call overflow attempt (netbios.rules)
11808 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW andx object call overflow attempt (netbios.rules)
11809 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX andx object call overflow attempt (netbios.rules)
11810 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode andx object call overflow attempt (netbios.rules)
11811 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode andx object call overflow attempt (netbios.rules)
11812 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian andx object call overflow attempt (netbios.rules)
11813 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
11814 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW little endian andx object call overflow attempt (netbios.rules)
11815 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode little endian andx object call overflow attempt (netbios.rules)
11816 <-> NETBIOS Session Service NetDDE attack (netbios.rules)
11817 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules)
11818 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX clsid access (web-client.rules)
11819 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX clsid unicode access (web-client.rules)
11820 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX function call access (web-client.rules)
11821 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX function call unicode access (web-client.rules)
11822 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX clsid access (web-client.rules)
11823 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX clsid unicode access (web-client.rules)
11824 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX function call access (web-client.rules)
11825 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX function call unicode access (web-client.rules)

Updated rules:
 631 <-> SMTP ehlo cybercop attempt (smtp.rules)
 632 <-> SMTP expn cybercop attempt (smtp.rules)
 654 <-> SMTP RCPT TO overflow (smtp.rules)
 655 <-> SMTP sendmail 8.6.9 exploit (smtp.rules)
 657 <-> SMTP chameleon overflow (smtp.rules)
 658 <-> SMTP exchange mime DOS (smtp.rules)
 659 <-> SMTP expn decode (smtp.rules)
 660 <-> SMTP expn root (smtp.rules)
 661 <-> SMTP majordomo ifs (smtp.rules)
 662 <-> SMTP sendmail 5.5.5 exploit (smtp.rules)
 663 <-> SMTP rcpt to command attempt (smtp.rules)
 664 <-> SMTP RCPT TO decode attempt (smtp.rules)
 665 <-> SMTP sendmail 5.6.5 exploit (smtp.rules)
 667 <-> SMTP sendmail 8.6.10 exploit (smtp.rules)
 668 <-> SMTP sendmail 8.6.10 exploit (smtp.rules)
 669 <-> SMTP sendmail 8.6.9 exploit (smtp.rules)
 670 <-> SMTP sendmail 8.6.9 exploit (smtp.rules)
 671 <-> SMTP sendmail 8.6.9c exploit (smtp.rules)
 672 <-> SMTP vrfy decode (smtp.rules)
1225 <-> X11 MIT Magic Cookie detected (x11.rules)
1226 <-> X11 xopen (x11.rules)
1321 <-> BAD-TRAFFIC 0 ttl (bad-traffic.rules)
1394 <-> SHELLCODE x86 NOOP (shellcode.rules)
1399 <-> WEB-PHP PHP-Nuke remote file include attempt (web-php.rules)
1446 <-> SMTP vrfy root (smtp.rules)
1450 <-> SMTP expn *@ (smtp.rules)
1549 <-> SMTP HELO overflow attempt (smtp.rules)
1550 <-> SMTP ETRN overflow attempt (smtp.rules)
1882 <-> ATTACK-RESPONSES id check returned userid (attack-responses.rules)
2002 <-> WEB-PHP remote include path (web-php.rules)
2087 <-> SMTP From comment overflow attempt (smtp.rules)
2143 <-> WEB-PHP b2 cafelog gm-2-b2.php remote file include attempt (web-php.rules)
2147 <-> WEB-PHP BLNews objects.inc.php4 remote file include attempt (web-php.rules)
2150 <-> WEB-PHP ttCMS header.php remote file include attempt (web-php.rules)
2155 <-> WEB-PHP ttforum remote file include attempt (web-php.rules)
2183 <-> SMTP Content-Transfer-Encoding overflow attempt (smtp.rules)
2226 <-> WEB-PHP pmachine remote file include attempt (web-php.rules)
2253 <-> SMTP XEXCH50 overflow attempt (smtp.rules)
2259 <-> SMTP EXPN overflow attempt (smtp.rules)
2260 <-> SMTP VRFY overflow attempt (smtp.rules)
2261 <-> SMTP SEND FROM sendmail prescan too many addresses overflow (smtp.rules)
2262 <-> SMTP SEND FROM sendmail prescan too long addresses overflow (smtp.rules)
2263 <-> SMTP SAML FROM sendmail prescan too many addresses overflow (smtp.rules)
2264 <-> SMTP SAML FROM sendmail prescan too long addresses overflow (smtp.rules)
2265 <-> SMTP SOML FROM sendmail prescan too many addresses overflow (smtp.rules)
2266 <-> SMTP SOML FROM sendmail prescan too long addresses overflow (smtp.rules)
2267 <-> SMTP MAIL FROM sendmail prescan too many addresses overflow (smtp.rules)
2268 <-> SMTP MAIL FROM sendmail prescan too long addresses overflow (smtp.rules)
2269 <-> SMTP RCPT TO sendmail prescan too many addresses overflow (smtp.rules)
2270 <-> SMTP RCPT TO sendmail prescan too long addresses overflow (smtp.rules)
2275 <-> SMTP AUTH LOGON brute force attempt (smtp.rules)
2306 <-> WEB-PHP gallery remote file include attempt (web-php.rules)
2307 <-> WEB-PHP PayPal Storefront remote file include attempt (web-php.rules)
2487 <-> SMTP WinZip MIME content-type buffer overflow (smtp.rules)
2488 <-> SMTP WinZip MIME content-disposition buffer overflow (smtp.rules)
2504 <-> SMTP SSLv3 invalid data version attempt (smtp.rules)
2527 <-> SMTP STARTTLS attempt (smtp.rules)
2528 <-> SMTP PCT Client_Hello overflow attempt (smtp.rules)
2541 <-> SMTP TLS SSLv3 invalid data version attempt (smtp.rules)
2542 <-> SMTP SSLv3 Client_Hello request (smtp.rules)
2543 <-> SMTP SSLv3 Server_Hello request (smtp.rules)
2544 <-> SMTP SSLv3 invalid Client_Hello attempt (smtp.rules)
2575 <-> WEB-PHP Opt-X header.php remote file include attempt (web-php.rules)
2582 <-> WEB-MISC Crystal Reports crystalImageHandler.aspx directory traversal attempt (web-misc.rules)
2590 <-> SMTP MAIL FROM overflow attempt (smtp.rules)
2597 <-> WEB-MISC Samba SWAT Authorization overflow attempt (web-misc.rules)
2598 <-> WEB-MISC Samba SWAT Authorization port 901 overflow attempt (web-misc.rules)
2928 <-> NETBIOS SMB-DS nddeapi little endian alter context attempt (netbios.rules)
2929 <-> NETBIOS SMB-DS nddeapi WriteAndX little endian alter context attempt (netbios.rules)
2930 <-> NETBIOS SMB-DS nddeapi unicode little endian alter context attempt (netbios.rules)
2931 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode little endian alter context attempt (netbios.rules)
2932 <-> NETBIOS SMB nddeapi alter context attempt (netbios.rules)
2933 <-> NETBIOS SMB nddeapi unicode alter context attempt (netbios.rules)
2934 <-> NETBIOS SMB-DS nddeapi alter context attempt (netbios.rules)
2935 <-> NETBIOS SMB-DS nddeapi WriteAndX alter context attempt (netbios.rules)
2936 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow attempt (netbios.rules)
2937 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt (netbios.rules)
2938 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt (netbios.rules)
2939 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt (netbios.rules)
2946 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
2947 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt (netbios.rules)
2948 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW little endian overflow attempt (netbios.rules)
2949 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode overflow attempt (netbios.rules)
2956 <-> NETBIOS SMB nddeapi little endian alter context attempt (netbios.rules)
2957 <-> NETBIOS SMB nddeapi WriteAndX little endian alter context attempt (netbios.rules)
2958 <-> NETBIOS SMB nddeapi unicode little endian alter context attempt (netbios.rules)
2959 <-> NETBIOS SMB nddeapi WriteAndX unicode little endian alter context attempt (netbios.rules)
2960 <-> NETBIOS SMB nddeapi WriteAndX alter context attempt (netbios.rules)
2961 <-> NETBIOS SMB nddeapi WriteAndX unicode alter context attempt (netbios.rules)
2962 <-> NETBIOS SMB-DS nddeapi unicode alter context attempt (netbios.rules)
2963 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode alter context attempt (netbios.rules)
2964 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt (netbios.rules)
2965 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt (netbios.rules)
2966 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
2967 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt (netbios.rules)
2968 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW little endian overflow attempt (netbios.rules)
2969 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt (netbios.rules)
2970 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt (netbios.rules)
2971 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
3461 <-> SMTP Content-Type overflow attempt (smtp.rules)
3462 <-> SMTP Content-Encoding overflow attempt (smtp.rules)
3493 <-> SMTP SSLv2 Client_Hello request (smtp.rules)
3494 <-> SMTP SSLv2 Client_Hello with pad request (smtp.rules)
3495 <-> SMTP TLSv1 Client_Hello request (smtp.rules)
3496 <-> SMTP TLSv1 Client_Hello via SSLv2 handshake request (smtp.rules)
3497 <-> SMTP SSLv2 Server_Hello request (smtp.rules)
3498 <-> SMTP TLSv1 Server_Hello request (smtp.rules)
3511 <-> SMTP PCT Client_Hello overflow attempt (smtp.rules)
3533 <-> TELNET client LINEMODE SLC overflow attempt (telnet.rules)
3653 <-> SMTP SAML overflow attempt (smtp.rules)
3654 <-> SMTP SOML overflow attempt (smtp.rules)
3655 <-> SMTP SEND overflow attempt (smtp.rules)
3656 <-> SMTP MAIL overflow attempt (smtp.rules)
3682 <-> SMTP spoofed MIME-Type auto-execution attempt (smtp.rules)
3815 <-> SMTP eXchange POP3 mail server overflow attempt (smtp.rules)
3824 <-> SMTP AUTH user overflow attempt (smtp.rules)
4638 <-> EXPLOIT RSVP Protocol zero length object DoS attempt (exploit.rules)
5685 <-> SMTP TLSv1 Client_Hello via SSLv2 handshake request (smtp.rules)
5686 <-> SMTP TLSv1 Server_Hello request (smtp.rules)
5687 <-> SMTP SSLv2 Client_Hello request (smtp.rules)
5688 <-> SMTP SSLv2 Client_Hello with pad request (smtp.rules)
5689 <-> SMTP TLSv1 Client_Hello request (smtp.rules)
5690 <-> SMTP SSLv3 Client_Hello request (smtp.rules)
5691 <-> SMTP SSLv2 Server_Hello request (smtp.rules)
5694 <-> P2P Skype client setup get newest version attempt (p2p.rules)
5714 <-> SMTP x-unix-mode executable mail attachment (smtp.rules)
5739 <-> SMTP headers too long server response (smtp.rules)
6412 <-> SMTP Windows Address Book attachment detected (smtp.rules)
6413 <-> SMTP Base64 encoded Windows Address Book attachment detected (smtp.rules)
7908 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX clsid access (web-client.rules)
7909 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX clsid unicode access (web-client.rules)
8432 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules)
8433 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules)
8434 <-> SMTP SSLv3 openssl get shared ciphers overflow attempt (smtp.rules)
8435 <-> SMTP SSLv3 openssl get shared ciphers overflow attempt (smtp.rules)
8436 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules)
8437 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules)
8704 <-> SMTP YPOPS Banner (smtp.rules)
8705 <-> SMTP YPOPS buffer overflow attempt (smtp.rules)
9841 <-> SMTP Microsoft Outlook VEVENT overflow attempt (smtp.rules)
10012 <-> SMTP Microsoft Outlook VEVENT non-TZID overflow attempt (smtp.rules)
10106 <-> DELETED BACKDOOR icmp cmd 1.0 runtime detection - download file (deleted.rules)
10186 <-> SMTP ClamAV mime parsing directory traversal (smtp.rules)
10995 <-> SMTP possible BDAT DoS attempt (smtp.rules)
11193 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
11194 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
11222 <-> SMTP Exchange MODPROPS denial of service attempt (smtp.rules)
11223 <-> WEB-MISC google proxystylesheet arbitrary command execution attempt (web-misc.rules)
11264 <-> MS-SQL Microsoft SQL Server 2000 Server hello buffer overflow attempt (sql.rules)
11273 <-> WEB-MISC Apache header parsing space saturation denial of service attempt (web-misc.rules)
11315 <-> DELETED BACKDOOR ykw v375 runtime detection (deleted.rules)
11616 <-> WEB-MISC Symantec Sygate Policy Manager SQL injection (web-misc.rules)