Sourcefire VRT Rules Update
Date: 2008-09-09
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.7.
The format of the file is:
sid - Message (rule group)
New rules: 14054 <-> SPYWARE-PUT Adware AdwareALERT runtime detection - auto update (spyware-put.rules) 14055 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - hijack ie auto search (spyware-put.rules) 14056 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - get news info (spyware-put.rules) 14057 <-> SPYWARE-PUT Trackware murzilka2 runtime detection (spyware-put.rules) 14058 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - pass info to controlling server (spyware-put.rules) 14059 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - hijack ie home page (spyware-put.rules) 14060 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - auto update (spyware-put.rules) 14061 <-> SPYWARE-PUT Trickler antimalware guard runtime detection - order/register request (spyware-put.rules) 14062 <-> SPYWARE-PUT Trickler antimalware guard runtime detection - auto update (spyware-put.rules) 14063 <-> SPYWARE-PUT Hijacker cashon runtime detection - hijack ie searches (spyware-put.rules) 14064 <-> SPYWARE-PUT Hijacker cashon runtime detection - auto update (spyware-put.rules) 14065 <-> SPYWARE-PUT Keylogger emptybase j runtime detection (spyware-put.rules) 14066 <-> SPYWARE-PUT Adware winsecuredisc runtime detection (spyware-put.rules) 14067 <-> SPYWARE-PUT Adware swizzor runtime detection (spyware-put.rules) 14068 <-> SPYWARE-PUT Adware rond runtime detection (spyware-put.rules) 14069 <-> SPYWARE-PUT Adware brave sentry runtime detection - order request (spyware-put.rules) 14070 <-> SPYWARE-PUT Adware brave sentry runtime detection - self update (spyware-put.rules) 14071 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - pop-up window traffic #1 (spyware-put.rules) 14072 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - pop-up window traffic #2 (spyware-put.rules) 14073 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - prompt download page (spyware-put.rules) 14074 <-> SPYWARE-PUT Keylogger spybosspro 4.2 runtime detection (spyware-put.rules) 14075 <-> SPYWARE-PUT Keylogger ultimate Keylogger pro runtime detection (spyware-put.rules) 14076 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - hijack search (spyware-put.rules) 14077 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - redirect search results (spyware-put.rules) 14078 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - download malicous code (spyware-put.rules) 14079 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious sites (spyware-put.rules) 14080 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious server (spyware-put.rules) 14081 <-> BACKDOOR trojan agent.aarm runtime detection - call home (backdoor.rules) 14082 <-> BACKDOOR trojan agent.aarm runtime detection - spread via spam (backdoor.rules) 14083 <-> BACKDOOR trojan agent.aarm runtime detection - download other malware (backdoor.rules) 14084 <-> BACKDOOR infostealer.banker.c runtime detection - download cfg.bin (backdoor.rules) 14085 <-> BACKDOOR infostealer.banker.c runtime detection - collect user info (backdoor.rules) 14086 <-> BACKDOOR Adware.Win32.Agent.BM runtime detection #1 (backdoor.rules) 14087 <-> BACKDOOR Adware.Win32.Agent.BM runtime detection #2 (backdoor.rules) 14088 <-> WEB-CLIENT Aurigma unspecified 1 ActiveX clsid access (web-client.rules) 14089 <-> WEB-CLIENT Aurigma unspecified 1 ActiveX clsid unicode access (web-client.rules) 14090 <-> WEB-CLIENT Aurigma unspecified 2 ActiveX clsid access (web-client.rules) 14091 <-> WEB-CLIENT Aurigma unspecified 2 ActiveX clsid unicode access (web-client.rules) 14092 <-> WEB-CLIENT Aurigma unspecified 3 ActiveX clsid access (web-client.rules) 14093 <-> WEB-CLIENT Aurigma unspecified 3 ActiveX clsid unicode access (web-client.rules) 14094 <-> WEB-CLIENT Aurigma unspecified 4 ActiveX clsid access (web-client.rules) 14095 <-> WEB-CLIENT Aurigma unspecified 4 ActiveX clsid unicode access (web-client.rules) 14096 <-> WEB-CLIENT Aurigma unspecified 5 ActiveX clsid access (web-client.rules) 14097 <-> WEB-CLIENT Aurigma unspecified 5 ActiveX clsid unicode access (web-client.rules) 14098 <-> WEB-CLIENT Aurigma unspecified 6 ActiveX clsid access (web-client.rules) 14099 <-> WEB-CLIENT Aurigma unspecified 6 ActiveX clsid unicode access (web-client.rules) 14100 <-> WEB-CLIENT Aurigma unspecified 7 ActiveX clsid access (web-client.rules) 14101 <-> WEB-CLIENT Aurigma unspecified 7 ActiveX clsid unicode access (web-client.rules) 14102 <-> WEB-CLIENT Aurigma unspecified 8 ActiveX clsid access (web-client.rules) 14103 <-> WEB-CLIENT Aurigma unspecified 8 ActiveX clsid unicode access (web-client.rules) 14104 <-> WEB-CLIENT Aurigma unspecified 9 ActiveX clsid access (web-client.rules) 14105 <-> WEB-CLIENT Aurigma unspecified 9 ActiveX clsid unicode access (web-client.rules) 14106 <-> WEB-CLIENT Aurigma unspecified 10 ActiveX clsid access (web-client.rules) 14107 <-> WEB-CLIENT Aurigma unspecified 10 ActiveX clsid unicode access (web-client.rules) 14108 <-> WEB-CLIENT Aurigma unspecified 11 ActiveX clsid access (web-client.rules) 14109 <-> WEB-CLIENT Aurigma unspecified 11 ActiveX clsid unicode access (web-client.rules) 14110 <-> WEB-CLIENT Aurigma unspecified 12 ActiveX clsid access (web-client.rules) 14111 <-> WEB-CLIENT Aurigma unspecified 12 ActiveX clsid unicode access (web-client.rules) 14112 <-> WEB-CLIENT Aurigma unspecified 13 ActiveX clsid access (web-client.rules) 14113 <-> WEB-CLIENT Aurigma unspecified 13 ActiveX clsid unicode access (web-client.rules) 14114 <-> WEB-CLIENT Aurigma unspecified 14 ActiveX clsid access (web-client.rules) 14115 <-> WEB-CLIENT Aurigma unspecified 14 ActiveX clsid unicode access (web-client.rules) 14116 <-> WEB-CLIENT Aurigma unspecified 15 ActiveX clsid access (web-client.rules) 14117 <-> WEB-CLIENT Aurigma unspecified 15 ActiveX clsid unicode access (web-client.rules) 14118 <-> WEB-CLIENT Aurigma unspecified 16 ActiveX clsid access (web-client.rules) 14119 <-> WEB-CLIENT Aurigma unspecified 16 ActiveX clsid unicode access (web-client.rules) 14120 <-> WEB-CLIENT Aurigma unspecified 17 ActiveX clsid access (web-client.rules) 14121 <-> WEB-CLIENT Aurigma unspecified 17 ActiveX clsid unicode access (web-client.rules) 14122 <-> WEB-CLIENT Aurigma unspecified 18 ActiveX clsid access (web-client.rules) 14123 <-> WEB-CLIENT Aurigma unspecified 18 ActiveX clsid unicode access (web-client.rules) 14124 <-> WEB-CLIENT Aurigma unspecified 19 ActiveX clsid access (web-client.rules) 14125 <-> WEB-CLIENT Aurigma unspecified 19 ActiveX clsid unicode access (web-client.rules) 14126 <-> WEB-CLIENT Aurigma unspecified 20 ActiveX clsid access (web-client.rules) 14127 <-> WEB-CLIENT Aurigma unspecified 20 ActiveX clsid unicode access (web-client.rules) 14128 <-> WEB-CLIENT Aurigma unspecified 21 ActiveX clsid access (web-client.rules) 14129 <-> WEB-CLIENT Aurigma unspecified 21 ActiveX clsid unicode access (web-client.rules) 14130 <-> WEB-CLIENT Aurigma unspecified 22 ActiveX clsid access (web-client.rules) 14131 <-> WEB-CLIENT Aurigma unspecified 22 ActiveX clsid unicode access (web-client.rules) 14132 <-> WEB-CLIENT Aurigma unspecified 23 ActiveX clsid access (web-client.rules) 14133 <-> WEB-CLIENT Aurigma unspecified 23 ActiveX clsid unicode access (web-client.rules) 14134 <-> WEB-CLIENT Aurigma unspecified 24 ActiveX clsid access (web-client.rules) 14135 <-> WEB-CLIENT Aurigma unspecified 24 ActiveX clsid unicode access (web-client.rules) 14136 <-> WEB-CLIENT Aurigma unspecified 25 ActiveX clsid access (web-client.rules) 14137 <-> WEB-CLIENT Aurigma unspecified 25 ActiveX clsid unicode access (web-client.rules) 14138 <-> WEB-CLIENT Aurigma unspecified 26 ActiveX clsid access (web-client.rules) 14139 <-> WEB-CLIENT Aurigma unspecified 26 ActiveX clsid unicode access (web-client.rules) 14140 <-> WEB-CLIENT Aurigma unspecified 27 ActiveX clsid access (web-client.rules) 14141 <-> WEB-CLIENT Aurigma unspecified 27 ActiveX clsid unicode access (web-client.rules) 14142 <-> WEB-CLIENT Aurigma unspecified 28 ActiveX clsid access (web-client.rules) 14143 <-> WEB-CLIENT Aurigma unspecified 28 ActiveX clsid unicode access (web-client.rules) 14144 <-> WEB-CLIENT Aurigma unspecified 29 ActiveX clsid access (web-client.rules) 14145 <-> WEB-CLIENT Aurigma unspecified 29 ActiveX clsid unicode access (web-client.rules) 14146 <-> WEB-CLIENT Aurigma unspecified 30 ActiveX clsid access (web-client.rules) 14147 <-> WEB-CLIENT Aurigma unspecified 30 ActiveX clsid unicode access (web-client.rules) 14148 <-> WEB-CLIENT Aurigma unspecified 31 ActiveX clsid access (web-client.rules) 14149 <-> WEB-CLIENT Aurigma unspecified 31 ActiveX clsid unicode access (web-client.rules) 14150 <-> WEB-CLIENT Aurigma unspecified 32 ActiveX clsid access (web-client.rules) 14151 <-> WEB-CLIENT Aurigma unspecified 32 ActiveX clsid unicode access (web-client.rules) 14152 <-> WEB-CLIENT Aurigma unspecified 33 ActiveX clsid access (web-client.rules) 14153 <-> WEB-CLIENT Aurigma unspecified 33 ActiveX clsid unicode access (web-client.rules) 14154 <-> WEB-CLIENT Aurigma unspecified 34 ActiveX clsid access (web-client.rules) 14155 <-> WEB-CLIENT Aurigma unspecified 34 ActiveX clsid unicode access (web-client.rules) 14156 <-> WEB-CLIENT Aurigma unspecified 35 ActiveX clsid access (web-client.rules) 14157 <-> WEB-CLIENT Aurigma unspecified 35 ActiveX clsid unicode access (web-client.rules) 14158 <-> WEB-CLIENT Aurigma unspecified 36 ActiveX clsid access (web-client.rules) 14159 <-> WEB-CLIENT Aurigma unspecified 36 ActiveX clsid unicode access (web-client.rules) 14160 <-> WEB-CLIENT Aurigma unspecified 37 ActiveX clsid access (web-client.rules) 14161 <-> WEB-CLIENT Aurigma unspecified 37 ActiveX clsid unicode access (web-client.rules) 14162 <-> WEB-CLIENT Aurigma unspecified 38 ActiveX clsid access (web-client.rules) 14163 <-> WEB-CLIENT Aurigma unspecified 38 ActiveX clsid unicode access (web-client.rules) 14164 <-> WEB-CLIENT Aurigma unspecified 39 ActiveX clsid access (web-client.rules) 14165 <-> WEB-CLIENT Aurigma unspecified 39 ActiveX clsid unicode access (web-client.rules) 14166 <-> WEB-CLIENT Aurigma unspecified 40 ActiveX clsid access (web-client.rules) 14167 <-> WEB-CLIENT Aurigma unspecified 40 ActiveX clsid unicode access (web-client.rules) 14168 <-> WEB-CLIENT Aurigma unspecified 41 ActiveX clsid access (web-client.rules) 14169 <-> WEB-CLIENT Aurigma unspecified 41 ActiveX clsid unicode access (web-client.rules) 14170 <-> WEB-CLIENT Aurigma unspecified 42 ActiveX clsid access (web-client.rules) 14171 <-> WEB-CLIENT Aurigma unspecified 42 ActiveX clsid unicode access (web-client.rules) 14172 <-> WEB-CLIENT Aurigma unspecified 43 ActiveX clsid access (web-client.rules) 14173 <-> WEB-CLIENT Aurigma unspecified 43 ActiveX clsid unicode access (web-client.rules) 14174 <-> WEB-CLIENT Aurigma unspecified 44 ActiveX clsid access (web-client.rules) 14175 <-> WEB-CLIENT Aurigma unspecified 44 ActiveX clsid unicode access (web-client.rules) 14176 <-> WEB-CLIENT Aurigma unspecified 45 ActiveX clsid access (web-client.rules) 14177 <-> WEB-CLIENT Aurigma unspecified 45 ActiveX clsid unicode access (web-client.rules) 14178 <-> WEB-CLIENT Aurigma unspecified 46 ActiveX clsid access (web-client.rules) 14179 <-> WEB-CLIENT Aurigma unspecified 46 ActiveX clsid unicode access (web-client.rules) 14180 <-> WEB-CLIENT Aurigma unspecified 47 ActiveX clsid access (web-client.rules) 14181 <-> WEB-CLIENT Aurigma unspecified 47 ActiveX clsid unicode access (web-client.rules) 14182 <-> WEB-CLIENT Aurigma unspecified 48 ActiveX clsid access (web-client.rules) 14183 <-> WEB-CLIENT Aurigma unspecified 48 ActiveX clsid unicode access (web-client.rules) 14184 <-> WEB-CLIENT Aurigma unspecified 49 ActiveX clsid access (web-client.rules) 14185 <-> WEB-CLIENT Aurigma unspecified 49 ActiveX clsid unicode access (web-client.rules) 14186 <-> WEB-CLIENT Aurigma unspecified 50 ActiveX clsid access (web-client.rules) 14187 <-> WEB-CLIENT Aurigma unspecified 50 ActiveX clsid unicode access (web-client.rules) 14188 <-> WEB-CLIENT Aurigma unspecified 51 ActiveX clsid access (web-client.rules) 14189 <-> WEB-CLIENT Aurigma unspecified 51 ActiveX clsid unicode access (web-client.rules) 14190 <-> WEB-CLIENT Aurigma unspecified 52 ActiveX clsid access (web-client.rules) 14191 <-> WEB-CLIENT Aurigma unspecified 52 ActiveX clsid unicode access (web-client.rules) 14192 <-> WEB-CLIENT Aurigma unspecified 53 ActiveX clsid access (web-client.rules) 14193 <-> WEB-CLIENT Aurigma unspecified 53 ActiveX clsid unicode access (web-client.rules) 14194 <-> WEB-CLIENT Aurigma unspecified 54 ActiveX clsid access (web-client.rules) 14195 <-> WEB-CLIENT Aurigma unspecified 54 ActiveX clsid unicode access (web-client.rules) 14196 <-> WEB-CLIENT Aurigma unspecified 55 ActiveX clsid access (web-client.rules) 14197 <-> WEB-CLIENT Aurigma unspecified 55 ActiveX clsid unicode access (web-client.rules) 14198 <-> WEB-CLIENT Aurigma unspecified 56 ActiveX clsid access (web-client.rules) 14199 <-> WEB-CLIENT Aurigma unspecified 56 ActiveX clsid unicode access (web-client.rules) 14200 <-> WEB-CLIENT Aurigma unspecified 57 ActiveX clsid access (web-client.rules) 14201 <-> WEB-CLIENT Aurigma unspecified 57 ActiveX clsid unicode access (web-client.rules) 14202 <-> WEB-CLIENT Aurigma unspecified 58 ActiveX clsid access (web-client.rules) 14203 <-> WEB-CLIENT Aurigma unspecified 58 ActiveX clsid unicode access (web-client.rules) 14204 <-> WEB-CLIENT Aurigma unspecified 59 ActiveX clsid access (web-client.rules) 14205 <-> WEB-CLIENT Aurigma unspecified 59 ActiveX clsid unicode access (web-client.rules) 14206 <-> WEB-CLIENT Aurigma unspecified 60 ActiveX clsid access (web-client.rules) 14207 <-> WEB-CLIENT Aurigma unspecified 60 ActiveX clsid unicode access (web-client.rules) 14208 <-> WEB-CLIENT Aurigma unspecified 61 ActiveX clsid access (web-client.rules) 14209 <-> WEB-CLIENT Aurigma unspecified 61 ActiveX clsid unicode access (web-client.rules) 14210 <-> WEB-CLIENT Aurigma unspecified 62 ActiveX clsid access (web-client.rules) 14211 <-> WEB-CLIENT Aurigma unspecified 62 ActiveX clsid unicode access (web-client.rules) 14212 <-> WEB-CLIENT Aurigma unspecified 63 ActiveX clsid access (web-client.rules) 14213 <-> WEB-CLIENT Aurigma unspecified 63 ActiveX clsid unicode access (web-client.rules) 14214 <-> WEB-CLIENT Aurigma unspecified 64 ActiveX clsid access (web-client.rules) 14215 <-> WEB-CLIENT Aurigma unspecified 64 ActiveX clsid unicode access (web-client.rules) 14216 <-> WEB-CLIENT Aurigma unspecified 65 ActiveX clsid access (web-client.rules) 14217 <-> WEB-CLIENT Aurigma unspecified 65 ActiveX clsid unicode access (web-client.rules) 14218 <-> WEB-CLIENT Aurigma unspecified 66 ActiveX clsid access (web-client.rules) 14219 <-> WEB-CLIENT Aurigma unspecified 66 ActiveX clsid unicode access (web-client.rules) 14220 <-> WEB-CLIENT Aurigma unspecified 67 ActiveX clsid access (web-client.rules) 14221 <-> WEB-CLIENT Aurigma unspecified 67 ActiveX clsid unicode access (web-client.rules) 14222 <-> WEB-CLIENT Aurigma unspecified 68 ActiveX clsid access (web-client.rules) 14223 <-> WEB-CLIENT Aurigma unspecified 68 ActiveX clsid unicode access (web-client.rules) 14224 <-> WEB-CLIENT Aurigma unspecified 69 ActiveX clsid access (web-client.rules) 14225 <-> WEB-CLIENT Aurigma unspecified 69 ActiveX clsid unicode access (web-client.rules) 14226 <-> WEB-CLIENT Aurigma unspecified 70 ActiveX clsid access (web-client.rules) 14227 <-> WEB-CLIENT Aurigma unspecified 70 ActiveX clsid unicode access (web-client.rules) 14228 <-> WEB-CLIENT Aurigma unspecified 71 ActiveX clsid access (web-client.rules) 14229 <-> WEB-CLIENT Aurigma unspecified 71 ActiveX clsid unicode access (web-client.rules) 14230 <-> EXPLOIT SAP DB web server stack overflow attempt (exploit.rules) 14231 <-> WEB-CLIENT SoftArtisans XFile FileManager ActiveX clsid access (web-client.rules) 14232 <-> WEB-CLIENT SoftArtisans XFile FileManager ActiveX clsid unicode access (web-client.rules) 14233 <-> WEB-CLIENT SoftArtisans XFile FileManager ActiveX function call access (web-client.rules) 14234 <-> WEB-CLIENT SoftArtisans XFile FileManager ActiveX function call unicode access (web-client.rules) 14235 <-> WEB-CLIENT Microsoft Windows Media Services ActiveX clsid access (web-client.rules) 14236 <-> WEB-CLIENT Microsoft Windows Media Services ActiveX clsid unicode access (web-client.rules) 14237 <-> WEB-CLIENT Microsoft Windows Media Services ActiveX function call access (web-client.rules) 14238 <-> WEB-CLIENT Microsoft Windows Media Services ActiveX function call unicode access (web-client.rules) 14239 <-> WEB-CLIENT Friendly Technologies fwRemoteConfig ActiveX clsid access (web-client.rules) 14240 <-> WEB-CLIENT Friendly Technologies fwRemoteConfig ActiveX clsid unicode access (web-client.rules) 14241 <-> WEB-CLIENT Friendly Technologies fwRemoteConfig ActiveX function call access (web-client.rules) 14242 <-> WEB-CLIENT Friendly Technologies fwRemoteConfig ActiveX function call unicode access (web-client.rules) 14243 <-> WEB-CLIENT Najdi.si Toolbar ActiveX clsid access (web-client.rules) 14244 <-> WEB-CLIENT Najdi.si Toolbar ActiveX clsid unicode access (web-client.rules) 14245 <-> WEB-CLIENT Najdi.si Toolbar ActiveX function call access (web-client.rules) 14246 <-> WEB-CLIENT Najdi.si Toolbar ActiveX function call unicode access (web-client.rules) 14247 <-> WEB-CLIENT Eyeball MessengerSDK ActiveX clsid access (web-client.rules) 14248 <-> WEB-CLIENT Eyeball MessengerSDK ActiveX clsid unicode access (web-client.rules) 14249 <-> WEB-CLIENT Eyeball MessengerSDK ActiveX function call access (web-client.rules) 14250 <-> WEB-CLIENT Eyeball MessengerSDK ActiveX function call unicode access (web-client.rules) 14264 <-> MULTIMEDIA Windows Media Player playlist download (multimedia.rules) 14265 <-> EXPLOIT CitectSCADA ODBC buffer overflow attempt (exploit.rules) 14266 <-> WEB-CLIENT Microsoft Windows Image Acquisition Logger ActiveX clsid access (web-client.rules) 14267 <-> WEB-CLIENT Microsoft Windows Image Acquisition Logger ActiveX clsid unicode access (web-client.rules) 14268 <-> WEB-CLIENT Microsoft Windows Image Acquisition Logger ActiveX function call access (web-client.rules) 14269 <-> WEB-CLIENT Microsoft Windows Image Acquisition Logger ActiveX function call unicode access (web-client.rules) Updated rules: 3632 <-> WEB-CLIENT Bitmap width integer overflow attempt (web-client.rules) 3633 <-> WEB-CLIENT bitmap transfer (web-client.rules) 3634 <-> WEB-CLIENT Bitmap width integer overflow multipacket attempt (web-client.rules) 5797 <-> POLICY kontiki runtime detection (policy.rules) 7087 <-> BACKDOOR sinique 1.0 runtime detection - initial connection with correct password client-to-server (backdoor.rules) 7088 <-> BACKDOOR sinique 1.0 runtime detection - initial connection with correct password server-to-client (backdoor.rules) 7089 <-> BACKDOOR sinique 1.0 runtime detection - initial connection with wrong password -client-to-server (backdoor.rules) 7090 <-> BACKDOOR sinique 1.0 runtime detection - initial connection with wrong password server-to-client (backdoor.rules) 7693 <-> BACKDOOR exception 1.0 runtime detection - initial connection client-to-server (backdoor.rules) 7694 <-> BACKDOOR exception 1.0 runtime detection - initial connection server-to-client (backdoor.rules) 12780 <-> WEB-CLIENT Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access (web-client.rules) 12781 <-> WEB-CLIENT Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid unicode access (web-client.rules) 12782 <-> WEB-CLIENT Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access (web-client.rules) 12783 <-> WEB-CLIENT Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call unicode access (web-client.rules) 13228 <-> WEB-CLIENT HP eSupportDiagnostics 1 ActiveX clsid access (web-client.rules) 13229 <-> WEB-CLIENT HP eSupportDiagnostics 1 ActiveX clsid unicode access (web-client.rules) 13230 <-> WEB-CLIENT HP eSupportDiagnostics 2 ActiveX clsid access (web-client.rules) 13231 <-> WEB-CLIENT HP eSupportDiagnostics 2 ActiveX clsid unicode access (web-client.rules) 13279 <-> SPYWARE-PUT Keylogger advanced spy 4.0 runtime detection (spyware-put.rules) 13419 <-> WEB-CLIENT Facebook Photo Uploader ActiveX clsid access (web-client.rules) 13420 <-> WEB-CLIENT Facebook Photo Uploader ActiveX clsid unicode access (web-client.rules) 13421 <-> WEB-CLIENT Facebook Photo Uploader ActiveX function call access (web-client.rules) 13422 <-> WEB-CLIENT Facebook Photo Uploader ActiveX function call unicode access (web-client.rules) 13434 <-> WEB-CLIENT Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (web-client.rules) 13435 <-> WEB-CLIENT Aurigma Image Uploader 4 Property Overflows ActiveX clsid unicode access (web-client.rules) 13436 <-> WEB-CLIENT Aurigma Image Uploader 4 Property Overflows ActiveX function call access (web-client.rules) 13437 <-> WEB-CLIENT Aurigma Image Uploader 4 Property Overflows ActiveX function call unicode access (web-client.rules) 13438 <-> WEB-CLIENT Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (web-client.rules) 13439 <-> WEB-CLIENT Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid unicode access (web-client.rules) 13440 <-> WEB-CLIENT Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (web-client.rules) 13441 <-> WEB-CLIENT Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call unicode access (web-client.rules) 13442 <-> WEB-CLIENT Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (web-client.rules) 13443 <-> WEB-CLIENT Aurigma Image Uploader 5 Property Overflows ActiveX clsid unicode access (web-client.rules) 13444 <-> WEB-CLIENT Aurigma Image Uploader 5 Property Overflows ActiveX function call access (web-client.rules) 13445 <-> WEB-CLIENT Aurigma Image Uploader 5 Property Overflows ActiveX function call unicode access (web-client.rules) 13523 <-> WEB-CLIENT Novell iPrint ActiveX clsid access (web-client.rules) 13524 <-> WEB-CLIENT Novell iPrint ActiveX clsid unicode access (web-client.rules) 13525 <-> WEB-CLIENT Novell iPrint ActiveX function call access (web-client.rules) 13526 <-> WEB-CLIENT Novell iPrint ActiveX function call unicode access (web-client.rules) 13720 <-> WEB-CLIENT HP eSupportDiagnostics 3 ActiveX clsid access (web-client.rules) 13721 <-> WEB-CLIENT HP eSupportDiagnostics 3 ActiveX clsid unicode access (web-client.rules) 13722 <-> WEB-CLIENT HP eSupportDiagnostics 4 ActiveX clsid access (web-client.rules) 13723 <-> WEB-CLIENT HP eSupportDiagnostics 4 ActiveX clsid unicode access (web-client.rules) 13724 <-> WEB-CLIENT HP eSupportDiagnostics 5 ActiveX clsid access (web-client.rules) 13725 <-> WEB-CLIENT HP eSupportDiagnostics 5 ActiveX clsid unicode access (web-client.rules) 13726 <-> WEB-CLIENT HP eSupportDiagnostics 6 ActiveX clsid access (web-client.rules) 13727 <-> WEB-CLIENT HP eSupportDiagnostics 6 ActiveX clsid unicode access (web-client.rules) 13728 <-> WEB-CLIENT HP eSupportDiagnostics 7 ActiveX clsid access (web-client.rules) 13729 <-> WEB-CLIENT HP eSupportDiagnostics 7 ActiveX clsid unicode access (web-client.rules) 13730 <-> WEB-CLIENT HP eSupportDiagnostics 8 ActiveX clsid access (web-client.rules) 13731 <-> WEB-CLIENT HP eSupportDiagnostics 8 ActiveX clsid unicode access (web-client.rules) 13732 <-> WEB-CLIENT HP eSupportDiagnostics 9 ActiveX clsid access (web-client.rules) 13733 <-> WEB-CLIENT HP eSupportDiagnostics 9 ActiveX clsid unicode access (web-client.rules) 13734 <-> WEB-CLIENT HP eSupportDiagnostics 10 ActiveX clsid access (web-client.rules) 13735 <-> WEB-CLIENT HP eSupportDiagnostics 10 ActiveX clsid unicode access (web-client.rules) 13736 <-> WEB-CLIENT HP eSupportDiagnostics 11 ActiveX clsid access (web-client.rules) 13737 <-> WEB-CLIENT HP eSupportDiagnostics 11 ActiveX clsid unicode access (web-client.rules) 13738 <-> WEB-CLIENT HP eSupportDiagnostics 12 ActiveX clsid access (web-client.rules) 13739 <-> WEB-CLIENT HP eSupportDiagnostics 12 ActiveX clsid unicode access (web-client.rules) 13740 <-> WEB-CLIENT HP eSupportDiagnostics 13 ActiveX clsid access (web-client.rules) 13741 <-> WEB-CLIENT HP eSupportDiagnostics 13 ActiveX clsid unicode access (web-client.rules) 13742 <-> WEB-CLIENT HP eSupportDiagnostics 14 ActiveX clsid access (web-client.rules) 13743 <-> WEB-CLIENT HP eSupportDiagnostics 14 ActiveX clsid unicode access (web-client.rules) 13744 <-> WEB-CLIENT HP eSupportDiagnostics 15 ActiveX clsid access (web-client.rules) 13745 <-> WEB-CLIENT HP eSupportDiagnostics 15 ActiveX clsid unicode access (web-client.rules) 13746 <-> WEB-CLIENT HP eSupportDiagnostics 16 ActiveX clsid access (web-client.rules) 13747 <-> WEB-CLIENT HP eSupportDiagnostics 16 ActiveX clsid unicode access (web-client.rules) 13748 <-> WEB-CLIENT HP eSupportDiagnostics 17 ActiveX clsid access (web-client.rules) 13749 <-> WEB-CLIENT HP eSupportDiagnostics 17 ActiveX clsid unicode access (web-client.rules) 13750 <-> WEB-CLIENT HP eSupportDiagnostics 18 ActiveX clsid access (web-client.rules) 13751 <-> WEB-CLIENT HP eSupportDiagnostics 18 ActiveX clsid unicode access (web-client.rules) 13752 <-> WEB-CLIENT HP eSupportDiagnostics 19 ActiveX clsid access (web-client.rules) 13753 <-> WEB-CLIENT HP eSupportDiagnostics 19 ActiveX clsid unicode access (web-client.rules) 13754 <-> WEB-CLIENT HP eSupportDiagnostics 20 ActiveX clsid access (web-client.rules) 13755 <-> WEB-CLIENT HP eSupportDiagnostics 20 ActiveX clsid unicode access (web-client.rules) 13756 <-> WEB-CLIENT HP eSupportDiagnostics 21 ActiveX clsid access (web-client.rules) 13757 <-> WEB-CLIENT HP eSupportDiagnostics 21 ActiveX clsid unicode access (web-client.rules) 13857 <-> WEB-CLIENT HP Instant Support DataManager ActiveX clsid access (web-client.rules) 13858 <-> WEB-CLIENT HP Instant Support DataManager ActiveX clsid unicode access (web-client.rules) 13859 <-> WEB-CLIENT HP Instant Support DataManager ActiveX function call access (web-client.rules) 13860 <-> WEB-CLIENT HP Instant Support DataManager ActiveX function call unicode access (web-client.rules) 13865 <-> WEB-CLIENT Adobe BMP image handler buffer overflow attempt (web-client.rules) 13896 <-> SQL Microsoft SQL server MTF file download (sql.rules)
