Sourcefire VRT Rules Update

Date: 2010-04-06

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8.

The format of the file is:

sid - Message (rule group, priority)

New rules:
16513 <-> SQL Jive Software Openfire Jabber Server SQL injection attempt (sql.rules, High)
16514 <-> CHAT Trillian AIM XML tag handling heap buffer overflow attempt (chat.rules, High)
16515 <-> SMTP Novell Groupwise Internet Agent RCPT command overflow attempt (smtp.rules, High)
16516 <-> ORACLE Database sys.olapimpl_t package odcitablestart overflow attempt (oracle.rules, High)
16517 <-> WEB-CLIENT Free Download Manager .torrent parsing comment overflow attempt (web-client.rules, High)
16518 <-> WEB-CLIENT Free Download Manager .torrent parsing announce overflow attempt (web-client.rules, High)
16519 <-> WEB-CLIENT Free Download Manager .torrent parsing name overflow attempt (web-client.rules, High)
16520 <-> WEB-CLIENT Free Download Manager .torrent parsing path overflow attempt (web-client.rules, High)
16521 <-> WEB-CLIENT Squid Proxy http version number overflow attempt (web-client.rules, High)

Updated rules:
 221 <-> DDOS TFN Probe (ddos.rules, Medium)
 222 <-> DDOS tfn2k icmp possible communication (ddos.rules, Medium)
 223 <-> DDOS Trin00 Daemon to Master PONG message detected (ddos.rules, Medium)
 224 <-> DDOS Stacheldraht server spoof (ddos.rules, Medium)
 225 <-> DDOS Stacheldraht gag server response (ddos.rules, Medium)
 226 <-> DDOS Stacheldraht server response (ddos.rules, Medium)
 227 <-> DDOS Stacheldraht client spoofworks (ddos.rules, Medium)
 228 <-> DDOS TFN client command BE (ddos.rules, Medium)
 229 <-> DDOS Stacheldraht client check skillz (ddos.rules, Medium)
 230 <-> DDOS shaft client login to handler (ddos.rules, Medium)
 231 <-> DDOS Trin00 Daemon to Master message detected (ddos.rules, Medium)
 232 <-> DDOS Trin00 Daemon to Master *HELLO* message detected (ddos.rules, Medium)
 233 <-> DDOS Trin00 Attacker to Master default startup password (ddos.rules, Medium)
 234 <-> DDOS Trin00 Attacker to Master default password (ddos.rules, Medium)
 235 <-> DDOS Trin00 Attacker to Master default mdie password (ddos.rules, Medium)
 236 <-> DDOS Stacheldraht client check gag (ddos.rules, Medium)
 237 <-> DDOS Trin00 Master to Daemon default password attempt (ddos.rules, Medium)
 238 <-> DDOS TFN server response (ddos.rules, Medium)
 239 <-> DDOS shaft handler to agent (ddos.rules, Medium)
 240 <-> DDOS shaft agent to handler (ddos.rules, Medium)
 243 <-> DDOS mstream agent to handler (ddos.rules, Medium)
 244 <-> DDOS mstream handler to agent (ddos.rules, Medium)
 245 <-> DDOS mstream handler ping to agent (ddos.rules, Medium)
 246 <-> DDOS mstream agent pong to handler (ddos.rules, Medium)
 247 <-> DDOS mstream client to handler (ddos.rules, Medium)
 248 <-> DDOS mstream handler to client (ddos.rules, Medium)
 250 <-> DDOS mstream handler to client (ddos.rules, Medium)
 251 <-> DDOS - TFN client command LE (ddos.rules, Medium)
 256 <-> DNS named authors attempt (dns.rules, Medium)
 257 <-> DNS named version attempt (dns.rules, Medium)
 258 <-> DNS EXPLOIT named 8.2->8.2.1 (dns.rules, High)
 259 <-> DNS EXPLOIT named overflow ADM (dns.rules, High)
 260 <-> DNS EXPLOIT named overflow ADMROCKS (dns.rules, High)
 261 <-> DNS EXPLOIT named overflow attempt (dns.rules, High)
 262 <-> DNS EXPLOIT x86 Linux overflow attempt (dns.rules, High)
 264 <-> DNS EXPLOIT x86 Linux overflow attempt (dns.rules, High)
 265 <-> DNS EXPLOIT x86 Linux overflow attempt ADMv2 (dns.rules, High)
 266 <-> DNS EXPLOIT x86 FreeBSD overflow attempt (dns.rules, High)
 267 <-> DNS EXPLOIT sparc overflow attempt (dns.rules, High)
 271 <-> DOS UDP echo+chargen bomb (dos.rules, Medium)
 272 <-> DOS IGMP dos attack (dos.rules, Medium)
 274 <-> DOS ath (dos.rules, Medium)
 276 <-> DOS Real Audio Server (dos.rules, Medium)
 277 <-> DOS Real Server template.html (dos.rules, Medium)
 278 <-> DOS Real Server template.html (dos.rules, Medium)
 279 <-> DOS Bay/Nortel Nautica Marlin (dos.rules, Medium)
 281 <-> DOS Ascend Route (dos.rules, Medium)
 283 <-> EXPLOIT Netscape 4.7 client overflow (exploit.rules, High)
 286 <-> POP3 EXPLOIT x86 BSD overflow (pop3.rules, High)
 287 <-> POP3 EXPLOIT x86 BSD overflow (pop3.rules, High)
 288 <-> POP3 EXPLOIT x86 Linux overflow (pop3.rules, High)
 289 <-> POP3 EXPLOIT x86 SCO overflow (pop3.rules, High)
 290 <-> POP3 EXPLOIT qpopper overflow (pop3.rules, High)
 292 <-> EXPLOIT x86 Linux samba overflow (exploit.rules, High)
 300 <-> EXPLOIT nlps x86 Solaris overflow (exploit.rules, High)
 301 <-> EXPLOIT LPRng overflow (exploit.rules, High)
 302 <-> EXPLOIT Redhat 7.0 lprd overflow (exploit.rules, High)
 303 <-> DNS EXPLOIT named tsig overflow attempt (dns.rules, High)
 304 <-> EXPLOIT SCO calserver overflow (exploit.rules, High)
 305 <-> EXPLOIT delegate proxy overflow (exploit.rules, High)
 306 <-> EXPLOIT VQServer admin (exploit.rules, High)
 307 <-> EXPLOIT CHAT IRC topic overflow (exploit.rules, High)
 308 <-> EXPLOIT NextFTP client overflow (exploit.rules, High)
 309 <-> EXPLOIT sniffit overflow (exploit.rules, High)
 310 <-> EXPLOIT x86 windows MailMax overflow (exploit.rules, High)
 311 <-> EXPLOIT Netscape 4.7 unsucessful overflow (exploit.rules, High)
 313 <-> EXPLOIT ntalkd x86 Linux overflow (exploit.rules, High)
 314 <-> DNS EXPLOIT named tsig overflow attempt (dns.rules, High)
 315 <-> EXPLOIT x86 Linux mountd overflow (exploit.rules, High)
 316 <-> EXPLOIT x86 Linux mountd overflow (exploit.rules, High)
 317 <-> EXPLOIT x86 Linux mountd overflow (exploit.rules, High)
 509 <-> WEB-MISC PCCS mysql database admin tool access (web-misc.rules, High)
 549 <-> DELETED P2P napster login (deleted.rules, High)
 550 <-> DELETED P2P napster new user login (deleted.rules, High)
 551 <-> DELETED P2P napster download attempt (deleted.rules, High)
 552 <-> DELETED P2P napster upload request (deleted.rules, High)
 561 <-> DELETED P2P Napster Client Data (deleted.rules, High)
 562 <-> DELETED P2P Napster Client Data (deleted.rules, High)
 563 <-> DELETED P2P Napster Client Data (deleted.rules, High)
 564 <-> DELETED P2P Napster Client Data (deleted.rules, High)
 565 <-> DELETED P2P Napster Server Login (deleted.rules, High)
 580 <-> RPC portmap nisd request UDP (rpc.rules, Medium)
 588 <-> RPC portmap ttdbserv request UDP (rpc.rules, Medium)
 590 <-> RPC portmap ypserv request UDP (rpc.rules, Medium)
 593 <-> RPC portmap snmpXdmi request TCP (rpc.rules, Medium)
 709 <-> TELNET 4Dgifts SGI account attempt (telnet.rules, Medium)
 710 <-> TELNET EZsetup account attempt (telnet.rules, Medium)
 711 <-> TELNET SGI telnetd format bug (telnet.rules, High)
 803 <-> WEB-CGI HyperSeek hsx.cgi directory traversal attempt (web-cgi.rules, High)
 804 <-> WEB-CGI SWSoft ASPSeek Overflow attempt (web-cgi.rules, High)
 805 <-> WEB-CGI webspeed access (web-cgi.rules, High)
 806 <-> WEB-CGI yabb directory traversal attempt (web-cgi.rules, Medium)
 807 <-> WEB-CGI /wwwboard/passwd.txt access (web-cgi.rules, Medium)
 808 <-> WEB-CGI webdriver access (web-cgi.rules, Medium)
 810 <-> WEB-CGI whois_raw.cgi access (web-cgi.rules, Medium)
 811 <-> WEB-CGI websitepro path access (web-cgi.rules, Medium)
 812 <-> WEB-CGI webplus version access (web-cgi.rules, Medium)
 813 <-> WEB-CGI webplus directory traversal (web-cgi.rules, High)
 815 <-> WEB-CGI websendmail access (web-cgi.rules, Medium)
 817 <-> WEB-CGI dcboard.cgi invalid user addition attempt (web-cgi.rules, High)
 818 <-> WEB-CGI dcforum.cgi access (web-cgi.rules, Medium)
 819 <-> WEB-CGI mmstdod.cgi access (web-cgi.rules, Medium)
 820 <-> WEB-CGI anaconda directory transversal attempt (web-cgi.rules, High)
 821 <-> WEB-CGI imagemap.exe overflow attempt (web-cgi.rules, High)
 823 <-> WEB-CGI cvsweb.cgi access (web-cgi.rules, Medium)
 824 <-> WEB-CGI php.cgi access (web-cgi.rules, Medium)
 825 <-> WEB-CGI glimpse access (web-cgi.rules, Medium)
 826 <-> WEB-CGI htmlscript access (web-cgi.rules, Medium)
 827 <-> WEB-CGI info2www access (web-cgi.rules, Medium)
 828 <-> WEB-CGI maillist.pl access (web-cgi.rules, Medium)
 829 <-> WEB-CGI nph-test-cgi access (web-cgi.rules, Medium)
 832 <-> WEB-CGI perl.exe access (web-cgi.rules, Medium)
 833 <-> WEB-CGI rguest.exe access (web-cgi.rules, Medium)
 834 <-> WEB-CGI rwwwshell.pl access (web-cgi.rules, Medium)
 835 <-> WEB-CGI test-cgi access (web-cgi.rules, Medium)
 836 <-> WEB-CGI textcounter.pl access (web-cgi.rules, Medium)
 837 <-> WEB-CGI uploader.exe access (web-cgi.rules, Medium)
 838 <-> WEB-CGI webgais access (web-cgi.rules, Medium)
 839 <-> WEB-CGI finger access (web-cgi.rules, Medium)
 840 <-> WEB-CGI perlshop.cgi access (web-cgi.rules, Medium)
 842 <-> WEB-CGI aglimpse access (web-cgi.rules, Medium)
 843 <-> WEB-CGI anform2 access (web-cgi.rules, Medium)
 844 <-> WEB-CGI args.bat access (web-cgi.rules, Medium)
 845 <-> WEB-CGI AT-admin.cgi access (web-cgi.rules, Medium)
 846 <-> WEB-CGI bnbform.cgi access (web-cgi.rules, Medium)
 847 <-> WEB-CGI campas access (web-cgi.rules, Medium)
 848 <-> WEB-CGI view-source directory traversal (web-cgi.rules, High)
 849 <-> WEB-CGI view-source access (web-cgi.rules, Medium)
 850 <-> WEB-CGI wais.pl access (web-cgi.rules, Medium)
 851 <-> WEB-CGI files.pl access (web-cgi.rules, Medium)
 852 <-> WEB-CGI wguest.exe access (web-cgi.rules, Medium)
 853 <-> WEB-CGI wrap access (web-cgi.rules, Medium)
 854 <-> WEB-CGI classifieds.cgi access (web-cgi.rules, Medium)
 856 <-> WEB-CGI environ.cgi access (web-cgi.rules, Medium)
 857 <-> WEB-CGI faxsurvey access (web-cgi.rules, Medium)
 858 <-> WEB-CGI filemail access (web-cgi.rules, Medium)
 859 <-> WEB-CGI man.sh access (web-cgi.rules, Medium)
 860 <-> WEB-CGI snork.bat access (web-cgi.rules, Medium)
 861 <-> WEB-CGI w3-msql access (web-cgi.rules, Medium)
 863 <-> WEB-CGI day5datacopier.cgi access (web-cgi.rules, Medium)
 864 <-> WEB-CGI day5datanotifier.cgi access (web-cgi.rules, Medium)
 866 <-> WEB-CGI post-query access (web-cgi.rules, Medium)
 867 <-> WEB-CGI visadmin.exe access (web-cgi.rules, Medium)
 869 <-> WEB-CGI dumpenv.pl access (web-cgi.rules, Medium)
 870 <-> WEB-CGI snorkerz.cmd access (web-cgi.rules, Medium)
 871 <-> WEB-CGI survey.cgi access (web-cgi.rules, Medium)
 875 <-> WEB-CGI win-c-sample.exe access (web-cgi.rules, Medium)
 878 <-> WEB-CGI w3tvars.pm access (web-cgi.rules, Medium)
 879 <-> WEB-CGI admin.pl access (web-cgi.rules, Medium)
 880 <-> WEB-CGI LWGate access (web-cgi.rules, Medium)
 881 <-> WEB-CGI archie access (web-cgi.rules, Medium)
 882 <-> WEB-CGI calendar access (web-cgi.rules, Medium)
 883 <-> WEB-CGI flexform access (web-cgi.rules, Medium)
 884 <-> WEB-CGI formmail access (web-cgi.rules, Medium)
 886 <-> WEB-CGI phf access (web-cgi.rules, Medium)
 887 <-> WEB-CGI www-sql access (web-cgi.rules, Medium)
 888 <-> WEB-CGI wwwadmin.pl access (web-cgi.rules, Medium)
 889 <-> WEB-CGI ppdscgi.exe access (web-cgi.rules, Medium)
 890 <-> WEB-CGI sendform.cgi access (web-cgi.rules, Medium)
 891 <-> WEB-CGI upload.pl access (web-cgi.rules, Medium)
 892 <-> WEB-CGI AnyForm2 access (web-cgi.rules, Medium)
 894 <-> WEB-CGI bb-hist.sh access (web-cgi.rules, Medium)
 895 <-> WEB-CGI redirect access (web-cgi.rules, Medium)
 896 <-> WEB-CGI way-board access (web-cgi.rules, Medium)
 897 <-> WEB-CGI pals-cgi access (web-cgi.rules, Medium)
 898 <-> WEB-CGI commerce.cgi access (web-cgi.rules, Medium)
 899 <-> WEB-CGI Amaya templates sendtemp.pl directory traversal attempt (web-cgi.rules, High)
 900 <-> WEB-CGI webspirs.cgi directory traversal attempt (web-cgi.rules, High)
 901 <-> WEB-CGI webspirs.cgi access (web-cgi.rules, Medium)
 902 <-> WEB-CGI tstisapi.dll access (web-cgi.rules, Medium)
 903 <-> WEB-COLDFUSION cfcache.map access (web-coldfusion.rules, Medium)
 904 <-> WEB-COLDFUSION exampleapp application.cfm (web-coldfusion.rules, Medium)
 905 <-> WEB-COLDFUSION application.cfm access (web-coldfusion.rules, Medium)
 906 <-> WEB-COLDFUSION getfile.cfm access (web-coldfusion.rules, Medium)
 907 <-> WEB-COLDFUSION addcontent.cfm access (web-coldfusion.rules, Medium)
 908 <-> WEB-COLDFUSION administrator access (web-coldfusion.rules, Medium)
 909 <-> WEB-COLDFUSION datasource username attempt (web-coldfusion.rules, High)
 910 <-> WEB-COLDFUSION fileexists.cfm access (web-coldfusion.rules, Medium)
 911 <-> WEB-COLDFUSION exprcalc access (web-coldfusion.rules, Medium)
 912 <-> WEB-COLDFUSION parks access (web-coldfusion.rules, Medium)
 913 <-> WEB-COLDFUSION cfappman access (web-coldfusion.rules, Medium)
 914 <-> WEB-COLDFUSION beaninfo access (web-coldfusion.rules, Medium)
 915 <-> WEB-COLDFUSION evaluate.cfm access (web-coldfusion.rules, Medium)
 916 <-> WEB-COLDFUSION getodbcdsn access (web-coldfusion.rules, High)
 917 <-> WEB-COLDFUSION db connections flush attempt (web-coldfusion.rules, High)
 918 <-> WEB-COLDFUSION expeval access (web-coldfusion.rules, High)
 919 <-> WEB-COLDFUSION datasource passwordattempt (web-coldfusion.rules, High)
 920 <-> WEB-COLDFUSION datasource attempt (web-coldfusion.rules, High)
 921 <-> WEB-COLDFUSION admin encrypt attempt (web-coldfusion.rules, High)
 922 <-> WEB-COLDFUSION displayfile access (web-coldfusion.rules, High)
 923 <-> WEB-COLDFUSION getodbcin attempt (web-coldfusion.rules, High)
 924 <-> WEB-COLDFUSION admin decrypt attempt (web-coldfusion.rules, High)
 925 <-> WEB-COLDFUSION mainframeset access (web-coldfusion.rules, Medium)
 926 <-> WEB-COLDFUSION set odbc ini attempt (web-coldfusion.rules, High)
 927 <-> WEB-COLDFUSION settings refresh attempt (web-coldfusion.rules, High)
 928 <-> WEB-COLDFUSION exampleapp access (web-coldfusion.rules, Medium)
 929 <-> WEB-COLDFUSION CFUSION_VERIFYMAIL access (web-coldfusion.rules, High)
 930 <-> WEB-COLDFUSION snippets attempt (web-coldfusion.rules, Medium)
 931 <-> WEB-COLDFUSION cfmlsyntaxcheck.cfm access (web-coldfusion.rules, Medium)
 932 <-> WEB-COLDFUSION application.cfm access (web-coldfusion.rules, Medium)
 933 <-> WEB-COLDFUSION onrequestend.cfm access (web-coldfusion.rules, Medium)
 935 <-> WEB-COLDFUSION startstop DOS access (web-coldfusion.rules, High)
 936 <-> WEB-COLDFUSION gettempdirectory.cfm access  (web-coldfusion.rules, Medium)
 937 <-> WEB-FRONTPAGE _vti_rpc access (web-frontpage.rules, Medium)
 939 <-> WEB-FRONTPAGE posting (web-frontpage.rules, Medium)
 940 <-> WEB-FRONTPAGE shtml.dll access (web-frontpage.rules, Medium)
 941 <-> WEB-FRONTPAGE contents.htm access (web-frontpage.rules, Medium)
 942 <-> WEB-FRONTPAGE orders.htm access (web-frontpage.rules, Medium)
 943 <-> WEB-FRONTPAGE fpsrvadm.exe access (web-frontpage.rules, Medium)
 944 <-> WEB-FRONTPAGE fpremadm.exe access (web-frontpage.rules, Medium)
 945 <-> WEB-FRONTPAGE fpadmin.htm access (web-frontpage.rules, Medium)
 946 <-> WEB-FRONTPAGE fpadmcgi.exe access (web-frontpage.rules, Medium)
 947 <-> WEB-FRONTPAGE orders.txt access (web-frontpage.rules, Medium)
 948 <-> WEB-FRONTPAGE form_results access (web-frontpage.rules, Medium)
 949 <-> WEB-FRONTPAGE registrations.htm access (web-frontpage.rules, Medium)
 950 <-> WEB-FRONTPAGE cfgwiz.exe access (web-frontpage.rules, Medium)
 951 <-> WEB-FRONTPAGE authors.pwd access (web-frontpage.rules, Medium)
 952 <-> WEB-FRONTPAGE author.exe access (web-frontpage.rules, Medium)
 953 <-> WEB-FRONTPAGE administrators.pwd access (web-frontpage.rules, Medium)
 954 <-> WEB-FRONTPAGE form_results.htm access (web-frontpage.rules, Medium)
 955 <-> WEB-FRONTPAGE access.cnf access (web-frontpage.rules, Medium)
 956 <-> WEB-FRONTPAGE register.txt access (web-frontpage.rules, Medium)
 957 <-> WEB-FRONTPAGE registrations.txt access (web-frontpage.rules, Medium)
 958 <-> WEB-FRONTPAGE service.cnf access (web-frontpage.rules, Medium)
 959 <-> WEB-FRONTPAGE service.pwd (web-frontpage.rules, Medium)
 960 <-> WEB-FRONTPAGE service.stp access (web-frontpage.rules, Medium)
 961 <-> WEB-FRONTPAGE services.cnf access (web-frontpage.rules, Medium)
 962 <-> WEB-FRONTPAGE shtml.exe access (web-frontpage.rules, Medium)
 963 <-> WEB-FRONTPAGE svcacl.cnf access (web-frontpage.rules, Medium)
 964 <-> WEB-FRONTPAGE users.pwd access (web-frontpage.rules, Medium)
 965 <-> WEB-FRONTPAGE writeto.cnf access (web-frontpage.rules, Medium)
 966 <-> WEB-FRONTPAGE .... request (web-frontpage.rules, High)
 967 <-> WEB-FRONTPAGE dvwssr.dll access (web-frontpage.rules, Medium)
 968 <-> WEB-FRONTPAGE register.htm access (web-frontpage.rules, Medium)
 969 <-> WEB-IIS WebDAV file lock attempt (web-iis.rules, Medium)
 971 <-> WEB-IIS ISAPI .printer access (web-iis.rules, Medium)
 973 <-> WEB-IIS *.idc attempt (web-iis.rules, High)
 975 <-> WEB-IIS Alternate Data streams ASP file access attempt (web-iis.rules, High)
 978 <-> WEB-IIS ASP contents view (web-iis.rules, High)
 979 <-> WEB-IIS ASP contents view (web-iis.rules, High)
 984 <-> WEB-IIS JET VBA access (web-iis.rules, Medium)
 985 <-> WEB-IIS JET VBA access (web-iis.rules, Medium)
 987 <-> WEB-IIS .htr access (web-iis.rules, Medium)
 988 <-> WEB-IIS SAM Attempt (web-iis.rules, High)
 990 <-> WEB-FRONTPAGE _vti_inf.html access (web-frontpage.rules, Medium)
 993 <-> WEB-IIS iisadmin access (web-iis.rules, High)
 995 <-> WEB-IIS ism.dll access (web-iis.rules, High)
 997 <-> WEB-IIS asp-dot attempt (web-iis.rules, High)
 998 <-> WEB-IIS asp-srch attempt (web-iis.rules, High)
1000 <-> WEB-IIS bdir.htr access (web-iis.rules, Medium)
1003 <-> WEB-IIS cmd? access (web-iis.rules, High)
1005 <-> WEB-IIS codebrowser SDK access (web-iis.rules, Medium)
1008 <-> WEB-IIS del attempt (web-iis.rules, High)
1009 <-> WEB-IIS directory listing (web-iis.rules, High)
1011 <-> WEB-IIS exec-src access (web-iis.rules, Medium)
1012 <-> WEB-IIS fpcount attempt (web-iis.rules, High)
1013 <-> WEB-IIS fpcount access (web-iis.rules, Medium)
1015 <-> WEB-IIS getdrvs.exe access (web-iis.rules, Medium)
1016 <-> WEB-IIS global.asa access (web-iis.rules, Medium)
1017 <-> WEB-IIS idc-srch attempt (web-iis.rules, High)
1018 <-> WEB-IIS iisadmpwd attempt (web-iis.rules, High)
1019 <-> WEB-IIS Malformed Hit-Highlighting Argument File Access Attempt (web-iis.rules, High)
1020 <-> WEB-IIS isc$data attempt (web-iis.rules, High)
1021 <-> WEB-IIS ism.dll attempt (web-iis.rules, High)
1022 <-> WEB-IIS jet vba access (web-iis.rules, Medium)
1023 <-> WEB-IIS msadcs.dll access (web-iis.rules, Medium)
1024 <-> WEB-IIS newdsn.exe access (web-iis.rules, Medium)
1025 <-> WEB-IIS perl access (web-iis.rules, Medium)
1026 <-> WEB-IIS perl-browse newline attempt (web-iis.rules, High)
1027 <-> WEB-IIS perl-browse space attempt (web-iis.rules, High)
1030 <-> WEB-IIS search97.vts access (web-iis.rules, Medium)
1037 <-> WEB-IIS showcode.asp access (web-iis.rules, Medium)
1038 <-> WEB-IIS site server config access (web-iis.rules, Medium)
1039 <-> WEB-IIS srch.htm access (web-iis.rules, Medium)
1040 <-> WEB-IIS srchadm access (web-iis.rules, Medium)
1041 <-> WEB-IIS uploadn.asp access (web-iis.rules, Medium)
1042 <-> WEB-IIS view source via translate header (web-iis.rules, Medium)
1043 <-> WEB-IIS viewcode.asp access (web-iis.rules, Medium)
1044 <-> WEB-IIS webhits access (web-iis.rules, Medium)
1046 <-> WEB-IIS site/iisamples access (web-iis.rules, Medium)
1047 <-> WEB-MISC Netscape Enterprise DOS (web-misc.rules, High)
1048 <-> WEB-MISC Netscape Enterprise directory listing attempt (web-misc.rules, High)
1050 <-> WEB-MISC iPlanet GETPROPERTIES attempt (web-misc.rules, High)
1051 <-> WEB-CGI technote main.cgi file directory traversal attempt (web-cgi.rules, High)
1052 <-> WEB-CGI technote print.cgi directory traversal attempt (web-cgi.rules, High)
1053 <-> WEB-CGI ads.cgi command execution attempt (web-cgi.rules, High)
1056 <-> WEB-MISC Tomcat view source attempt (web-misc.rules, High)
1062 <-> WEB-MISC nc.exe attempt (web-misc.rules, Medium)
1064 <-> WEB-MISC wsh attempt (web-misc.rules, Medium)
1065 <-> WEB-MISC rcmd attempt (web-misc.rules, Medium)
1066 <-> WEB-MISC telnet attempt (web-misc.rules, Medium)
1067 <-> WEB-MISC net attempt (web-misc.rules, Medium)
1068 <-> WEB-MISC tftp attempt (web-misc.rules, Medium)
1070 <-> WEB-MISC WebDAV search access (web-misc.rules, Medium)
1071 <-> WEB-MISC .htpasswd access (web-misc.rules, High)
1072 <-> WEB-MISC Lotus Domino directory traversal (web-misc.rules, High)
1079 <-> WEB-MISC WebDAV propfind access (web-misc.rules, Medium)
1080 <-> WEB-MISC unify eWave ServletExec upload (web-misc.rules, High)
1081 <-> WEB-MISC Netscape Servers suite DOS (web-misc.rules, High)
1082 <-> WEB-MISC amazon 1-click cookie theft (web-misc.rules, High)
1083 <-> WEB-MISC unify eWave ServletExec DOS (web-misc.rules, Medium)
1084 <-> WEB-MISC Allaire JRUN DOS attempt (web-misc.rules, High)
1085 <-> WEB-PHP strings overflow (web-php.rules, High)
1086 <-> WEB-PHP strings overflow (web-php.rules, High)
1088 <-> WEB-CGI eXtropia webstore directory traversal (web-cgi.rules, High)
1089 <-> WEB-CGI shopping cart directory traversal (web-cgi.rules, High)
1090 <-> WEB-CGI Allaire Pro Web Shell attempt (web-cgi.rules, High)
1092 <-> WEB-CGI Armada Style Master Index directory traversal (web-cgi.rules, High)
1093 <-> WEB-CGI cached_feed.cgi moreover shopping cart directory traversal (web-cgi.rules, High)
1095 <-> WEB-MISC Talentsoft Web+ Source Code view access (web-misc.rules, High)
1096 <-> WEB-MISC Talentsoft Web+ internal IP Address access (web-misc.rules, Medium)
1097 <-> WEB-CGI Talentsoft Web+ exploit attempt (web-cgi.rules, High)
1098 <-> WEB-MISC SmartWin CyberOffice Shopping Cart access (web-misc.rules, High)
1099 <-> WEB-MISC cybercop scan (web-misc.rules, Medium)
1100 <-> WEB-MISC L3retriever HTTP Probe (web-misc.rules, Medium)
1101 <-> WEB-MISC Webtrends HTTP probe (web-misc.rules, Medium)
1102 <-> WEB-MISC nessus 1.X 404 probe (web-misc.rules, High)
1103 <-> WEB-MISC Netscape admin passwd (web-misc.rules, High)
1105 <-> WEB-MISC BigBrother access (web-misc.rules, Medium)
1106 <-> WEB-CGI Poll-it access (web-cgi.rules, Medium)
1107 <-> WEB-MISC ftp.pl access (web-misc.rules, Medium)
1108 <-> WEB-MISC Tomcat server snoop access (web-misc.rules, Medium)
1109 <-> WEB-MISC ROXEN directory list attempt (web-misc.rules, Medium)
1110 <-> WEB-MISC apache source.asp file access (web-misc.rules, Medium)
1111 <-> WEB-MISC Tomcat server exploit access (web-misc.rules, Medium)
1112 <-> DELETED http directory traversal (deleted.rules, Medium)
1115 <-> WEB-MISC ICQ webserver DOS (web-misc.rules, Medium)
1116 <-> WEB-MISC Lotus DelDoc attempt (web-misc.rules, Medium)
1117 <-> WEB-MISC Lotus EditDoc attempt (web-misc.rules, Medium)
1118 <-> WEB-MISC ls%20-l (web-misc.rules, Medium)
1119 <-> WEB-MISC mlog.phtml access (web-misc.rules, Medium)
1120 <-> WEB-MISC mylog.phtml access (web-misc.rules, Medium)
1122 <-> WEB-MISC /etc/passwd (web-misc.rules, Medium)
1123 <-> WEB-MISC ?PageServices access (web-misc.rules, Medium)
1124 <-> WEB-MISC Ecommerce check.txt access (web-misc.rules, Medium)
1125 <-> WEB-MISC webcart access (web-misc.rules, Medium)
1126 <-> WEB-MISC AuthChangeUrl access (web-misc.rules, Medium)
1127 <-> WEB-MISC convert.bas access (web-misc.rules, Medium)
1128 <-> WEB-MISC cpshost.dll access (web-misc.rules, Medium)
1129 <-> WEB-MISC .htaccess access (web-misc.rules, Medium)
1130 <-> WEB-MISC .wwwacl access (web-misc.rules, Medium)
1131 <-> WEB-MISC .wwwacl access (web-misc.rules, Medium)
1132 <-> WEB-MISC Netscape Unixware overflow (web-misc.rules, Medium)
1134 <-> WEB-PHP Phorum admin access (web-php.rules, Medium)
1136 <-> WEB-MISC cd.. (web-misc.rules, Medium)
1137 <-> WEB-PHP Phorum authentication access (web-php.rules, Medium)
1139 <-> WEB-MISC whisker HEAD/./ (web-misc.rules, Medium)
1140 <-> WEB-MISC guestbook.pl access (web-misc.rules, Medium)
1141 <-> WEB-MISC handler access (web-misc.rules, Medium)
1142 <-> WEB-MISC /.... access (web-misc.rules, Medium)
1145 <-> WEB-MISC /~root access (web-misc.rules, Medium)
1146 <-> WEB-MISC Ecommerce import.txt access (web-misc.rules, Medium)
1148 <-> WEB-MISC Ecommerce import.txt access (web-misc.rules, Medium)
1149 <-> WEB-CGI count.cgi access (web-cgi.rules, Medium)
1150 <-> WEB-MISC Domino catalog.nsf access (web-misc.rules, Medium)
1151 <-> WEB-MISC Domino domcfg.nsf access (web-misc.rules, Medium)
1152 <-> WEB-MISC Domino domlog.nsf access (web-misc.rules, Medium)
1153 <-> WEB-MISC Domino log.nsf access (web-misc.rules, Medium)
1154 <-> WEB-MISC Domino names.nsf access (web-misc.rules, Medium)
1155 <-> WEB-MISC Ecommerce checks.txt access (web-misc.rules, Medium)
1156 <-> WEB-MISC apache directory disclosure attempt (web-misc.rules, Medium)
1157 <-> WEB-MISC Netscape PublishingXpert access (web-misc.rules, Medium)
1158 <-> WEB-MISC windmail.exe access (web-misc.rules, Medium)
1159 <-> WEB-MISC webplus access (web-misc.rules, Medium)
1160 <-> WEB-MISC Netscape dir index wp (web-misc.rules, Medium)
1161 <-> WEB-PHP piranha passwd.php3 access (web-php.rules, Medium)
1162 <-> WEB-MISC cart 32 AdminPwd access (web-misc.rules, Medium)
1163 <-> WEB-CGI webdist.cgi access (web-cgi.rules, Medium)
1164 <-> WEB-MISC shopping cart access (web-misc.rules, Medium)
1165 <-> WEB-MISC Novell Groupwise gwweb.exe access (web-misc.rules, Medium)
1166 <-> WEB-MISC ws_ftp.ini access (web-misc.rules, Medium)
1167 <-> WEB-MISC rpm_query access (web-misc.rules, Medium)
1168 <-> WEB-MISC mall log order access (web-misc.rules, Medium)
1172 <-> WEB-CGI bigconf.cgi access (web-cgi.rules, Medium)
1173 <-> WEB-MISC architext_query.pl access (web-misc.rules, Medium)
1174 <-> WEB-CGI /cgi-bin/jj access (web-cgi.rules, Medium)
1175 <-> WEB-MISC wwwboard.pl access (web-misc.rules, Medium)
1177 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, Medium)
1178 <-> WEB-PHP Phorum read access (web-php.rules, Medium)
1179 <-> WEB-PHP Phorum violation access (web-php.rules, Medium)
1180 <-> WEB-MISC get32.exe access (web-misc.rules, Medium)
1181 <-> WEB-MISC Annex Terminal DOS attempt (web-misc.rules, Medium)
1183 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, Medium)
1184 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, Medium)
1185 <-> WEB-CGI bizdbsearch attempt (web-cgi.rules, High)
1186 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, Medium)
1187 <-> WEB-MISC SalesLogix Eviewer web command attempt (web-misc.rules, High)
1188 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, Medium)
1189 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, Medium)
1190 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, Medium)
1191 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, Medium)
1192 <-> WEB-MISC Trend Micro OfficeScan access (web-misc.rules, Medium)
1193 <-> WEB-MISC oracle web arbitrary command execution attempt (web-misc.rules, High)
1194 <-> WEB-CGI sojourn.cgi File attempt (web-cgi.rules, High)
1195 <-> WEB-CGI sojourn.cgi access (web-cgi.rules, Medium)
1196 <-> WEB-CGI SGI InfoSearch fname attempt (web-cgi.rules, High)
1197 <-> WEB-PHP Phorum code access (web-php.rules, Medium)
1198 <-> WEB-MISC Netscape Enterprise Server directory view (web-misc.rules, High)
1199 <-> WEB-MISC Compaq Insight directory traversal (web-misc.rules, High)
1202 <-> WEB-MISC search.vts access (web-misc.rules, Medium)
1204 <-> WEB-CGI ax-admin.cgi access (web-cgi.rules, Medium)
1205 <-> WEB-CGI axs.cgi access (web-cgi.rules, Medium)
1206 <-> WEB-CGI cachemgr.cgi access (web-cgi.rules, Medium)
1207 <-> WEB-MISC htgrep access (web-misc.rules, Medium)
1208 <-> WEB-CGI responder.cgi access (web-cgi.rules, Medium)
1209 <-> WEB-MISC .nsconfig access (web-misc.rules, Medium)
1211 <-> WEB-CGI web-map.cgi access (web-cgi.rules, Medium)
1212 <-> WEB-MISC Admin_files access (web-misc.rules, Medium)
1213 <-> WEB-MISC backup access (web-misc.rules, Medium)
1214 <-> WEB-MISC intranet access (web-misc.rules, Medium)
1215 <-> WEB-CGI ministats admin access (web-cgi.rules, Medium)
1216 <-> WEB-MISC filemail access (web-misc.rules, Medium)
1217 <-> WEB-MISC plusmail access (web-misc.rules, Medium)
1218 <-> WEB-MISC adminlogin access (web-misc.rules, Medium)
1219 <-> WEB-CGI dfire.cgi access (web-cgi.rules, Medium)
1220 <-> WEB-MISC ultraboard access (web-misc.rules, Medium)
1222 <-> WEB-CGI pals-cgi arbitrary file access attempt (web-cgi.rules, High)
1224 <-> WEB-MISC ROADS search.pl attempt (web-misc.rules, Medium)
1230 <-> WEB-MISC VirusWall FtpSave access (web-misc.rules, Medium)
1231 <-> WEB-MISC VirusWall catinfo access (web-misc.rules, Medium)
1232 <-> WEB-MISC VirusWall catinfo access (web-misc.rules, Medium)
1234 <-> WEB-MISC VirusWall FtpSaveCSP access (web-misc.rules, Medium)
1235 <-> WEB-MISC VirusWall FtpSaveCVP access (web-misc.rules, Medium)
1240 <-> EXPLOIT MDBMS overflow (exploit.rules, High)
1241 <-> WEB-MISC SWEditServlet directory traversal attempt (web-misc.rules, High)
1243 <-> WEB-IIS ISAPI .ida attempt (web-iis.rules, High)
1244 <-> WEB-IIS ISAPI .idq attempt (web-iis.rules, High)
1245 <-> WEB-IIS ISAPI .idq access (web-iis.rules, Medium)
1248 <-> WEB-FRONTPAGE rad fp30reg.dll access (web-frontpage.rules, Medium)
1249 <-> WEB-FRONTPAGE frontpage rad fp4areg.dll access (web-frontpage.rules, Medium)
1250 <-> WEB-MISC Cisco IOS HTTP configuration attempt (web-misc.rules, High)
1252 <-> TELNET bsd telnet exploit response (telnet.rules, High)
1253 <-> TELNET bsd exploit client finishing (telnet.rules, High)
1254 <-> WEB-PHP PHPLIB remote command attempt (web-php.rules, High)
1255 <-> WEB-PHP PHPLIB remote command attempt (web-php.rules, High)
1256 <-> WEB-IIS CodeRed v2 root.exe access (web-iis.rules, High)
1257 <-> DOS Winnuke attack (dos.rules, Medium)
1258 <-> WEB-MISC HP OpenView Manager DOS (web-misc.rules, Low)
1259 <-> WEB-MISC SWEditServlet access (web-misc.rules, Medium)
1260 <-> WEB-MISC long basic authorization string (web-misc.rules, Medium)
1261 <-> EXPLOIT AIX pdnsd overflow (exploit.rules, High)
1274 <-> RPC portmap ttdbserv request TCP (rpc.rules, Medium)
1279 <-> RPC portmap snmpXdmi request UDP (rpc.rules, Medium)
1283 <-> WEB-IIS outlook web dos (web-iis.rules, High)
1284 <-> WEB-CLIENT readme.eml download attempt (web-client.rules, High)
1285 <-> WEB-IIS msdac access (web-iis.rules, Medium)
1286 <-> WEB-IIS _mem_bin access (web-iis.rules, Medium)
1288 <-> WEB-FRONTPAGE /_vti_bin/ access (web-frontpage.rules, Medium)
1290 <-> WEB-CLIENT readme.eml autoload attempt (web-client.rules, High)
1291 <-> WEB-MISC sml3com access (web-misc.rules, Medium)
1295 <-> NETBIOS nimda RICHED20.DLL (netbios.rules, Medium)
1300 <-> WEB-PHP admin.php file upload attempt (web-php.rules, High)
1301 <-> WEB-PHP admin.php access (web-php.rules, Medium)
1302 <-> WEB-MISC console.exe access (web-misc.rules, Medium)
1303 <-> WEB-MISC cs.exe access (web-misc.rules, Medium)
1304 <-> WEB-CGI txt2html.cgi access (web-cgi.rules, Medium)
1305 <-> WEB-CGI txt2html.cgi directory traversal attempt (web-cgi.rules, High)
1307 <-> WEB-CGI store.cgi access (web-cgi.rules, Medium)
1308 <-> WEB-CGI sendmessage.cgi access (web-cgi.rules, Medium)
1323 <-> EXPLOIT rwhoisd format string attempt (exploit.rules, Medium)
1324 <-> EXPLOIT ssh CRC32 overflow /bin/sh (exploit.rules, High)
1326 <-> EXPLOIT ssh CRC32 overflow NOOP (exploit.rules, High)
1327 <-> EXPLOIT ssh CRC32 overflow (exploit.rules, High)
1374 <-> WEB-MISC .htgroup access (web-misc.rules, Medium)
1375 <-> WEB-MISC sadmind worm access (web-misc.rules, Medium)
1376 <-> WEB-MISC jrun directory browse attempt (web-misc.rules, High)
1381 <-> WEB-MISC Trend Micro OfficeScan attempt (web-misc.rules, Medium)
1383 <-> DELETED P2P Fastrack kazaa/morpheus GET request (deleted.rules, High)
1385 <-> WEB-MISC mod-plsql administration access (web-misc.rules, Medium)
1391 <-> WEB-MISC Phorecast remote code execution attempt (web-misc.rules, High)
1392 <-> WEB-CGI lastlines.cgi access (web-cgi.rules, Medium)
1395 <-> WEB-CGI zml.cgi attempt (web-cgi.rules, Medium)
1396 <-> WEB-CGI zml.cgi access (web-cgi.rules, Medium)
1397 <-> WEB-CGI wayboard attempt (web-cgi.rules, High)
1398 <-> EXPLOIT CDE dtspcd exploit attempt (exploit.rules, Medium)
1400 <-> WEB-IIS /scripts/samples/ access (web-iis.rules, High)
1401 <-> WEB-IIS /msadc/samples/ access (web-iis.rules, High)
1402 <-> WEB-IIS iissamples access (web-iis.rules, High)
1403 <-> WEB-MISC viewcode access (web-misc.rules, High)
1404 <-> WEB-MISC showcode access (web-misc.rules, High)
1405 <-> WEB-CGI AHG search.cgi access (web-cgi.rules, Medium)
1406 <-> WEB-CGI agora.cgi access (web-cgi.rules, Medium)
1407 <-> WEB-PHP smssend.php access (web-php.rules, Medium)
1408 <-> DOS MSDTC attempt (dos.rules, Medium)
1410 <-> WEB-CGI dcboard.cgi access (web-cgi.rules, Medium)
1423 <-> WEB-PHP content-disposition memchr overflow (web-php.rules, High)
1433 <-> WEB-MISC .history access (web-misc.rules, High)
1434 <-> WEB-MISC .bash_history access (web-misc.rules, High)
1435 <-> DNS named authors attempt (dns.rules, Medium)
1452 <-> WEB-CGI args.cmd access (web-cgi.rules, Medium)
1453 <-> WEB-CGI AT-generated.cgi access (web-cgi.rules, Medium)
1454 <-> WEB-CGI wwwwais access (web-cgi.rules, Medium)
1455 <-> WEB-CGI calendar.pl access (web-cgi.rules, Medium)
1457 <-> WEB-CGI user_update_admin.pl access (web-cgi.rules, Medium)
1458 <-> WEB-CGI user_update_passwd.pl access (web-cgi.rules, Medium)
1459 <-> WEB-CGI bb-histlog.sh access (web-cgi.rules, Medium)
1460 <-> WEB-CGI bb-histsvc.sh access (web-cgi.rules, Medium)
1461 <-> WEB-CGI bb-rep.sh access (web-cgi.rules, Medium)
1462 <-> WEB-CGI bb-replog.sh access (web-cgi.rules, Medium)
1465 <-> WEB-CGI auktion.cgi access (web-cgi.rules, Medium)
1466 <-> WEB-CGI cgiforum.pl access (web-cgi.rules, Medium)
1467 <-> WEB-CGI directorypro.cgi access (web-cgi.rules, Medium)
1468 <-> WEB-CGI Web Shopper shopper.cgi attempt (web-cgi.rules, High)
1469 <-> WEB-CGI Web Shopper shopper.cgi access (web-cgi.rules, Medium)
1470 <-> WEB-CGI listrec.pl access (web-cgi.rules, Medium)
1471 <-> WEB-CGI mailnews.cgi access (web-cgi.rules, Medium)
1472 <-> WEB-CGI book.cgi access (web-cgi.rules, Medium)
1473 <-> WEB-CGI newsdesk.cgi access (web-cgi.rules, Medium)
1474 <-> WEB-CGI cal_make.pl access (web-cgi.rules, Medium)
1475 <-> WEB-CGI mailit.pl access (web-cgi.rules, Medium)
1476 <-> WEB-CGI sdbsearch.cgi access (web-cgi.rules, Medium)
1478 <-> WEB-CGI swc access (web-cgi.rules, Medium)
1479 <-> WEB-CGI ttawebtop.cgi arbitrary file attempt (web-cgi.rules, High)
1480 <-> WEB-CGI ttawebtop.cgi access (web-cgi.rules, Medium)
1481 <-> WEB-CGI upload.cgi access (web-cgi.rules, Medium)
1482 <-> WEB-CGI view_source access (web-cgi.rules, Medium)
1483 <-> WEB-CGI ustorekeeper.pl access (web-cgi.rules, Medium)
1487 <-> WEB-IIS /iisadmpwd/aexp2.htr access (web-iis.rules, Medium)
1488 <-> WEB-CGI store.cgi directory traversal attempt (web-cgi.rules, High)
1489 <-> WEB-MISC /~nobody access (web-misc.rules, High)
1490 <-> WEB-PHP Phorum /support/common.php attempt (web-php.rules, High)
1491 <-> WEB-PHP Phorum /support/common.php access (web-php.rules, High)
1492 <-> WEB-MISC RBS ISP /newuser  directory traversal attempt (web-misc.rules, High)
1493 <-> WEB-MISC RBS ISP /newuser access (web-misc.rules, Medium)
1494 <-> WEB-CGI SIX webboard generate.cgi attempt (web-cgi.rules, High)
1495 <-> WEB-CGI SIX webboard generate.cgi access (web-cgi.rules, Medium)
1496 <-> WEB-CGI spin_client.cgi access (web-cgi.rules, Medium)
1498 <-> WEB-MISC PIX firewall manager directory traversal attempt (web-misc.rules, High)
1499 <-> WEB-MISC SiteScope Service access (web-misc.rules, Medium)
1500 <-> WEB-MISC ExAir access (web-misc.rules, Medium)
1501 <-> WEB-CGI a1stats a1disp3.cgi directory traversal attempt (web-cgi.rules, High)
1502 <-> WEB-CGI a1stats a1disp3.cgi access (web-cgi.rules, Medium)
1503 <-> WEB-CGI admentor admin.asp access (web-cgi.rules, Medium)
1505 <-> WEB-CGI alchemy http server PRN arbitrary command execution attempt (web-cgi.rules, Medium)
1506 <-> WEB-CGI alchemy http server NUL arbitrary command execution attempt (web-cgi.rules, Medium)
1507 <-> WEB-CGI alibaba.pl arbitrary command execution attempt (web-cgi.rules, High)
1508 <-> WEB-CGI alibaba.pl access (web-cgi.rules, Medium)
1509 <-> WEB-CGI AltaVista Intranet Search directory traversal attempt (web-cgi.rules, High)
1510 <-> WEB-CGI test.bat arbitrary command execution attempt (web-cgi.rules, High)
1511 <-> WEB-CGI test.bat access (web-cgi.rules, Medium)
1512 <-> WEB-CGI input.bat arbitrary command execution attempt (web-cgi.rules, High)
1513 <-> WEB-CGI input.bat access (web-cgi.rules, Medium)
1514 <-> WEB-CGI input2.bat arbitrary command execution attempt (web-cgi.rules, High)
1515 <-> WEB-CGI input2.bat access (web-cgi.rules, Medium)
1516 <-> WEB-CGI envout.bat arbitrary command execution attempt (web-cgi.rules, High)
1517 <-> WEB-CGI envout.bat access (web-cgi.rules, Medium)
1518 <-> WEB-MISC nstelemetry.adp access (web-misc.rules, Medium)
1519 <-> WEB-MISC apache ?M=D directory list attempt (web-misc.rules, Medium)
1520 <-> WEB-MISC server-info access (web-misc.rules, Medium)
1521 <-> WEB-MISC server-status access (web-misc.rules, Medium)
1522 <-> WEB-MISC ans.pl attempt (web-misc.rules, High)
1523 <-> WEB-MISC ans.pl access (web-misc.rules, Medium)
1524 <-> WEB-MISC Axis Storpoint CD attempt (web-misc.rules, High)
1525 <-> WEB-MISC Axis Storpoint CD access (web-misc.rules, Medium)
1526 <-> WEB-MISC basilix sendmail.inc access (web-misc.rules, Medium)
1527 <-> WEB-MISC basilix mysql.class access (web-misc.rules, Medium)
1528 <-> WEB-MISC BBoard access (web-misc.rules, Medium)
1531 <-> WEB-CGI bb-hist.sh attempt (web-cgi.rules, High)
1532 <-> WEB-CGI bb-hostscv.sh attempt (web-cgi.rules, High)
1533 <-> WEB-CGI bb-hostscv.sh access (web-cgi.rules, Medium)
1534 <-> WEB-CGI agora.cgi attempt (web-cgi.rules, High)
1535 <-> WEB-CGI bizdbsearch access (web-cgi.rules, Medium)
1536 <-> WEB-CGI calendar_admin.pl arbitrary command execution attempt (web-cgi.rules, High)
1537 <-> WEB-CGI calendar_admin.pl access (web-cgi.rules, Medium)
1539 <-> WEB-CGI /cgi-bin/ls access (web-cgi.rules, Medium)
1540 <-> WEB-COLDFUSION ?Mode=debug attempt (web-coldfusion.rules, Medium)
1542 <-> WEB-CGI cgimail access (web-cgi.rules, Medium)
1543 <-> WEB-CGI cgiwrap access (web-cgi.rules, Medium)
1544 <-> WEB-MISC Cisco Catalyst command execution attempt (web-misc.rules, Medium)
1545 <-> DOS Cisco attempt (dos.rules, High)
1547 <-> WEB-CGI csSearch.cgi arbitrary command execution attempt (web-cgi.rules, High)
1548 <-> WEB-CGI csSearch.cgi access (web-cgi.rules, Medium)
1551 <-> WEB-MISC /CVS/Entries access (web-misc.rules, Medium)
1552 <-> WEB-MISC cvsweb version access (web-misc.rules, Medium)
1554 <-> WEB-CGI dbman db.cgi access (web-cgi.rules, Medium)
1555 <-> WEB-CGI DCShop access (web-cgi.rules, Medium)
1556 <-> WEB-CGI DCShop orders.txt access (web-cgi.rules, Medium)
1557 <-> WEB-CGI DCShop auth_user_file.txt access (web-cgi.rules, Medium)
1558 <-> WEB-MISC Delegate whois overflow attempt (web-misc.rules, Medium)
1559 <-> WEB-MISC /doc/packages access (web-misc.rules, Medium)
1563 <-> WEB-MISC login.htm attempt (web-misc.rules, Medium)
1564 <-> WEB-MISC login.htm access (web-misc.rules, Medium)
1565 <-> WEB-CGI eshop.pl arbitrary command execution attempt (web-cgi.rules, High)
1566 <-> WEB-CGI eshop.pl access (web-cgi.rules, Medium)
1567 <-> WEB-IIS /exchange/root.asp attempt (web-iis.rules, High)
1568 <-> WEB-IIS /exchange/root.asp access (web-iis.rules, Medium)
1569 <-> WEB-CGI loadpage.cgi directory traversal attempt (web-cgi.rules, High)
1570 <-> WEB-CGI loadpage.cgi access (web-cgi.rules, Medium)
1571 <-> WEB-CGI dcforum.cgi directory traversal attempt (web-cgi.rules, High)
1572 <-> WEB-CGI commerce.cgi arbitrary file access attempt (web-cgi.rules, Medium)
1573 <-> WEB-CGI cgiforum.pl attempt (web-cgi.rules, High)
1574 <-> WEB-CGI directorypro.cgi attempt (web-cgi.rules, High)
1575 <-> WEB-MISC Domino mab.nsf access (web-misc.rules, Medium)
1576 <-> WEB-MISC Domino cersvr.nsf access (web-misc.rules, Medium)
1577 <-> WEB-MISC Domino setup.nsf access (web-misc.rules, Medium)
1578 <-> WEB-MISC Domino statrep.nsf access (web-misc.rules, Medium)
1579 <-> WEB-MISC Domino webadmin.nsf access (web-misc.rules, Medium)
1580 <-> WEB-MISC Domino events4.nsf access (web-misc.rules, Medium)
1581 <-> WEB-MISC Domino ntsync4.nsf access (web-misc.rules, Medium)
1582 <-> WEB-MISC Domino collect4.nsf access (web-misc.rules, Medium)
1583 <-> WEB-MISC Domino mailw46.nsf access (web-misc.rules, Medium)
1584 <-> WEB-MISC Domino bookmark.nsf access (web-misc.rules, Medium)
1585 <-> WEB-MISC Domino agentrunner.nsf access (web-misc.rules, Medium)
1586 <-> WEB-MISC Domino mail.box access (web-misc.rules, Medium)
1587 <-> WEB-MISC cgitest.exe access (web-misc.rules, Medium)
1588 <-> WEB-MISC SalesLogix Eviewer access (web-misc.rules, Medium)
1589 <-> WEB-MISC musicat empower attempt (web-misc.rules, High)
1590 <-> WEB-CGI faqmanager.cgi arbitrary file access attempt (web-cgi.rules, High)
1591 <-> WEB-CGI faqmanager.cgi access (web-cgi.rules, Medium)
1592 <-> WEB-CGI /fcgi-bin/echo.exe access (web-cgi.rules, Medium)
1593 <-> WEB-CGI FormHandler.cgi external site redirection attempt (web-cgi.rules, High)
1594 <-> WEB-CGI FormHandler.cgi access (web-cgi.rules, Medium)
1595 <-> WEB-IIS htimage.exe access (web-iis.rules, Medium)
1597 <-> WEB-CGI guestbook.cgi access (web-cgi.rules, Medium)
1598 <-> WEB-CGI Home Free search.cgi directory traversal attempt (web-cgi.rules, High)
1599 <-> WEB-CGI search.cgi access (web-cgi.rules, Medium)
1600 <-> WEB-CGI htsearch arbitrary configuration file attempt (web-cgi.rules, High)
1601 <-> WEB-CGI htsearch arbitrary file read attempt (web-cgi.rules, High)
1602 <-> WEB-CGI htsearch access (web-cgi.rules, Medium)
1603 <-> WEB-MISC DELETE attempt (web-misc.rules, Medium)
1604 <-> WEB-MISC iChat directory traversal attempt (web-misc.rules, Medium)
1605 <-> DOS iParty DOS attempt (dos.rules, Medium)
1606 <-> WEB-CGI icat access (web-cgi.rules, Medium)
1607 <-> WEB-CGI HyperSeek hsx.cgi access (web-cgi.rules, Medium)
1608 <-> WEB-CGI htmlscript attempt (web-cgi.rules, High)
1610 <-> WEB-CGI formmail arbitrary command execution attempt (web-cgi.rules, High)
1611 <-> WEB-CGI eXtropia webstore access (web-cgi.rules, Medium)
1612 <-> WEB-MISC ftp.pl attempt (web-misc.rules, High)
1613 <-> WEB-MISC handler attempt (web-misc.rules, High)
1614 <-> WEB-MISC Novell Groupwise gwweb.exe attempt (web-misc.rules, Medium)
1615 <-> WEB-MISC htgrep attempt (web-misc.rules, High)
1616 <-> DNS named version attempt (dns.rules, Medium)
1617 <-> WEB-CGI Bugzilla doeditvotes.cgi access (web-cgi.rules, Medium)
1618 <-> WEB-IIS .asp chunked Transfer-Encoding (web-iis.rules, High)
1626 <-> WEB-IIS /StoreCSVS/InstantOrder.asmx request (web-iis.rules, Medium)
1627 <-> BAD-TRAFFIC Unassigned/Reserved IP protocol (bad-traffic.rules, Medium)
1628 <-> WEB-CGI FormHandler.cgi directory traversal attempt attempt (web-cgi.rules, High)
1629 <-> DELETED SecureNetPro traffic (deleted.rules, Medium)
1637 <-> WEB-CGI yabb access (web-cgi.rules, Medium)
1641 <-> DOS DB2 dos attempt (dos.rules, Medium)
1642 <-> WEB-CGI document.d2w access (web-cgi.rules, Medium)
1643 <-> WEB-CGI db2www access (web-cgi.rules, Medium)
1644 <-> WEB-CGI test-cgi attempt (web-cgi.rules, High)
1645 <-> WEB-CGI testcgi access (web-cgi.rules, Medium)
1646 <-> WEB-CGI test.cgi access (web-cgi.rules, Medium)
1648 <-> WEB-CGI perl.exe command attempt (web-cgi.rules, Medium)
1649 <-> WEB-CGI perl command attempt (web-cgi.rules, Medium)
1650 <-> WEB-CGI tst.bat access (web-cgi.rules, Medium)
1651 <-> WEB-CGI environ.pl access (web-cgi.rules, Medium)
1652 <-> WEB-CGI campas attempt (web-cgi.rules, High)
1654 <-> WEB-CGI cart32.exe access (web-cgi.rules, Medium)
1655 <-> WEB-CGI pfdispaly.cgi arbitrary command execution attempt (web-cgi.rules, High)
1656 <-> WEB-CGI pfdispaly.cgi access (web-cgi.rules, Medium)
1657 <-> WEB-CGI pagelog.cgi directory traversal attempt (web-cgi.rules, Medium)
1658 <-> WEB-CGI pagelog.cgi access (web-cgi.rules, Medium)
1659 <-> WEB-COLDFUSION sendmail.cfm access (web-coldfusion.rules, Medium)
1662 <-> WEB-MISC /~ftp access (web-misc.rules, Medium)
1663 <-> WEB-MISC *%20.pl access (web-misc.rules, High)
1664 <-> WEB-MISC mkplog.exe access (web-misc.rules, Medium)
1667 <-> WEB-MISC cross site scripting HTML Image tag set to javascript attempt (web-misc.rules, High)
1668 <-> WEB-CGI /cgi-bin/ access (web-cgi.rules, High)
1669 <-> WEB-CGI /cgi-dos/ access (web-cgi.rules, High)
1670 <-> WEB-MISC /home/ftp access (web-misc.rules, Medium)
1671 <-> WEB-MISC /home/www access (web-misc.rules, Medium)
1699 <-> DELETED P2P Fastrack kazaa/morpheus traffic (deleted.rules, High)
1700 <-> WEB-CGI imagemap.exe access (web-cgi.rules, Medium)
1702 <-> WEB-CGI Amaya templates sendtemp.pl access (web-cgi.rules, Medium)
1703 <-> WEB-CGI auktion.cgi directory traversal attempt (web-cgi.rules, High)
1704 <-> WEB-CGI cal_make.pl directory traversal attempt (web-cgi.rules, High)
1705 <-> WEB-CGI echo.bat arbitrary command execution attempt (web-cgi.rules, High)
1706 <-> WEB-CGI echo.bat access (web-cgi.rules, Medium)
1707 <-> WEB-CGI hello.bat arbitrary command execution attempt (web-cgi.rules, High)
1708 <-> WEB-CGI hello.bat access (web-cgi.rules, Medium)
1709 <-> WEB-CGI ad.cgi access (web-cgi.rules, Medium)
1710 <-> WEB-CGI bbs_forum.cgi access (web-cgi.rules, Medium)
1711 <-> WEB-CGI bsguest.cgi access (web-cgi.rules, Medium)
1712 <-> WEB-CGI bslist.cgi access (web-cgi.rules, Medium)
1713 <-> WEB-CGI cgforum.cgi access (web-cgi.rules, Medium)
1714 <-> WEB-CGI newdesk access (web-cgi.rules, Medium)
1715 <-> WEB-CGI register.cgi access (web-cgi.rules, Medium)
1716 <-> WEB-CGI gbook.cgi access (web-cgi.rules, Medium)
1717 <-> WEB-CGI simplestguest.cgi access (web-cgi.rules, Medium)
1718 <-> WEB-CGI statsconfig.pl access (web-cgi.rules, Medium)
1719 <-> WEB-CGI talkback.cgi directory traversal attempt (web-cgi.rules, High)
1720 <-> WEB-CGI talkback.cgi access (web-cgi.rules, Medium)
1721 <-> WEB-CGI adcycle access (web-cgi.rules, Medium)
1722 <-> WEB-CGI MachineInfo access (web-cgi.rules, Medium)
1723 <-> WEB-CGI emumail.cgi NULL attempt (web-cgi.rules, Medium)
1724 <-> WEB-CGI emumail.cgi access (web-cgi.rules, Medium)
1725 <-> WEB-IIS +.htr code fragment attempt (web-iis.rules, High)
1726 <-> WEB-IIS doctodep.btr access (web-iis.rules, Medium)
1727 <-> WEB-CGI SGI InfoSearch fname access (web-cgi.rules, Medium)
1730 <-> WEB-CGI ustorekeeper.pl directory traversal attempt (web-cgi.rules, High)
1731 <-> WEB-CGI a1stats access (web-cgi.rules, Medium)
1735 <-> WEB-CLIENT XMLHttpRequest attempt (web-client.rules, High)
1736 <-> WEB-PHP squirrel mail spell-check arbitrary command attempt (web-php.rules, High)
1737 <-> WEB-PHP squirrel mail theme arbitrary command attempt (web-php.rules, High)
1738 <-> WEB-MISC global.inc access (web-misc.rules, High)
1739 <-> WEB-PHP DNSTools administrator authentication bypass attempt (web-php.rules, High)
1740 <-> WEB-PHP DNSTools authentication bypass attempt (web-php.rules, High)
1741 <-> WEB-PHP DNSTools access (web-php.rules, Medium)
1742 <-> WEB-PHP Blahz-DNS dostuff.php modify user attempt (web-php.rules, High)
1743 <-> WEB-PHP Blahz-DNS dostuff.php access (web-php.rules, Medium)
1744 <-> WEB-MISC SecureSite authentication bypass attempt (web-misc.rules, High)
1745 <-> WEB-PHP Messagerie supp_membre.php access (web-php.rules, Medium)
1751 <-> EXPLOIT cachefsd buffer overflow attempt (exploit.rules, Medium)
1755 <-> IMAP partial body buffer overflow attempt (imap.rules, Medium)
1756 <-> WEB-IIS NewsPro administration authentication attempt (web-iis.rules, Medium)
1757 <-> WEB-MISC b2 arbitrary command execution attempt (web-misc.rules, High)
1760 <-> DELETED ISS RealSecure 6 event collector connection attempt (deleted.rules, Medium)
1761 <-> DELETED ISS RealSecure 6 daemon connection attempt (deleted.rules, Medium)
1762 <-> WEB-CGI phf arbitrary command execution attempt (web-cgi.rules, High)
1763 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules, High)
1764 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules, High)
1765 <-> WEB-CGI Nortel Contivity cgiproc access (web-cgi.rules, Medium)
1766 <-> WEB-MISC search.dll directory listing attempt (web-misc.rules, High)
1767 <-> WEB-MISC search.dll access (web-misc.rules, Medium)
1769 <-> WEB-MISC .DS_Store access (web-misc.rules, Medium)
1770 <-> WEB-MISC .FBCIndex access (web-misc.rules, Medium)
1773 <-> WEB-PHP php.exe access (web-php.rules, Medium)
1774 <-> WEB-PHP bb_smilies.php access (web-php.rules, Medium)
1777 <-> FTP EXPLOIT STAT * dos attempt (ftp.rules, Medium)
1778 <-> FTP EXPLOIT STAT ? dos attempt (ftp.rules, Medium)
1787 <-> WEB-CGI csPassword.cgi access (web-cgi.rules, Medium)
1788 <-> WEB-CGI csPassword password.cgi.tmp access (web-cgi.rules, Medium)
1805 <-> WEB-CGI Oracle reports CGI access (web-cgi.rules, Medium)
1806 <-> WEB-IIS .htr chunked Transfer-Encoding (web-iis.rules, High)
1807 <-> WEB-MISC Chunked-Encoding transfer attempt (web-misc.rules, High)
1808 <-> WEB-MISC apache chunked encoding memory corruption exploit attempt (web-misc.rules, Medium)
1809 <-> WEB-MISC Apache Chunked-Encoding worm attempt (web-misc.rules, High)
1812 <-> EXPLOIT gobbles SSH exploit attempt (exploit.rules, Medium)
1814 <-> WEB-MISC CISCO VoIP DOS ATTEMPT (web-misc.rules, Medium)
1815 <-> WEB-PHP directory.php arbitrary command attempt (web-php.rules, Medium)
1816 <-> WEB-PHP directory.php access (web-php.rules, Medium)
1817 <-> WEB-IIS MS Site Server default login attempt (web-iis.rules, High)
1818 <-> WEB-IIS MS Site Server admin attempt (web-iis.rules, High)
1820 <-> WEB-MISC IBM Net.Commerce orderdspc.d2w access (web-misc.rules, Medium)
1821 <-> EXPLOIT LPD dvips remote command execution attempt (exploit.rules, Medium)
1822 <-> WEB-CGI alienform.cgi directory traversal attempt (web-cgi.rules, High)
1823 <-> WEB-CGI AlienForm af.cgi directory traversal attempt (web-cgi.rules, High)
1824 <-> WEB-CGI alienform.cgi access (web-cgi.rules, Medium)
1825 <-> WEB-CGI AlienForm af.cgi access (web-cgi.rules, Medium)
1826 <-> WEB-MISC WEB-INF access (web-misc.rules, Medium)
1827 <-> WEB-MISC Tomcat servlet mapping cross site scripting attempt (web-misc.rules, High)
1828 <-> WEB-MISC iPlanet Search directory traversal attempt (web-misc.rules, High)
1829 <-> WEB-MISC Tomcat TroubleShooter servlet access (web-misc.rules, Medium)
1830 <-> WEB-MISC Tomcat SnoopServlet servlet access (web-misc.rules, Medium)
1831 <-> WEB-MISC jigsaw dos attempt (web-misc.rules, High)
1832 <-> CHAT ICQ forced user addition (chat.rules, High)
1834 <-> WEB-PHP PHP-Wiki cross site scripting attempt (web-php.rules, High)
1835 <-> WEB-MISC Macromedia SiteSpring cross site scripting attempt (web-misc.rules, High)
1838 <-> EXPLOIT SSH server banner overflow (exploit.rules, Medium)
1840 <-> WEB-CLIENT Javascript document.domain attempt (web-client.rules, High)
1847 <-> WEB-MISC webalizer access (web-misc.rules, Medium)
1848 <-> WEB-MISC webcart-lite access (web-misc.rules, Medium)
1849 <-> WEB-MISC webfind.exe access (web-misc.rules, Medium)
1850 <-> WEB-CGI way-board.cgi access (web-cgi.rules, Medium)
1851 <-> WEB-MISC active.log access (web-misc.rules, Medium)
1852 <-> WEB-MISC robots.txt access (web-misc.rules, Medium)
1854 <-> DDOS Stacheldraht handler->agent niggahbitch (ddos.rules, Medium)
1855 <-> DDOS Stacheldraht agent->handler skillz (ddos.rules, Medium)
1856 <-> DDOS Stacheldraht handler->agent ficken (ddos.rules, Medium)
1857 <-> WEB-MISC robot.txt access (web-misc.rules, Medium)
1858 <-> WEB-MISC CISCO PIX Firewall Manager directory traversal attempt (web-misc.rules, Medium)
1859 <-> WEB-MISC Sun JavaServer default password login attempt (web-misc.rules, Medium)
1860 <-> WEB-MISC Linksys router default password login attempt (web-misc.rules, Medium)
1861 <-> WEB-MISC Linksys router default username and password login attempt (web-misc.rules, Medium)
1862 <-> WEB-CGI mrtg.cgi directory traversal attempt (web-cgi.rules, High)
1865 <-> WEB-CGI webdist.cgi arbitrary command attempt (web-cgi.rules, High)
1868 <-> WEB-CGI story.pl arbitrary file read attempt (web-cgi.rules, Medium)
1869 <-> WEB-CGI story.pl access (web-cgi.rules, Medium)
1870 <-> WEB-CGI siteUserMod.cgi access (web-cgi.rules, Medium)
1871 <-> WEB-MISC Oracle XSQLConfig.xml access (web-misc.rules, Medium)
1872 <-> WEB-MISC Oracle Dynamic Monitoring Services dms access (web-misc.rules, Medium)
1873 <-> WEB-MISC globals.jsa access (web-misc.rules, Medium)
1874 <-> WEB-MISC Oracle Java Process Manager access (web-misc.rules, Medium)
1875 <-> WEB-CGI cgicso access (web-cgi.rules, Medium)
1876 <-> WEB-CGI nph-publish.cgi access (web-cgi.rules, Medium)
1877 <-> WEB-CGI printenv access (web-cgi.rules, Medium)
1878 <-> WEB-CGI sdbsearch.cgi access (web-cgi.rules, Medium)
1879 <-> WEB-CGI book.cgi arbitrary command execution attempt (web-cgi.rules, High)
1880 <-> WEB-MISC oracle web application server access (web-misc.rules, Medium)
1881 <-> WEB-MISC bad HTTP/1.1 request, Potentially worm attack (web-misc.rules, Medium)
1890 <-> RPC status GHBN format string attack (rpc.rules, Medium)
1891 <-> RPC status GHBN format string attack (rpc.rules, Medium)
1894 <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules, High)
1895 <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules, High)
1896 <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules, High)
1897 <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules, High)
1898 <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules, High)
1899 <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules, High)
1911 <-> RPC sadmind UDP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (rpc.rules, High)
1912 <-> RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (rpc.rules, High)
1913 <-> RPC STATD UDP stat mon_name format string exploit attempt (rpc.rules, High)
1914 <-> RPC STATD TCP stat mon_name format string exploit attempt (rpc.rules, High)
1915 <-> RPC STATD UDP monitor mon_name format string exploit attempt (rpc.rules, High)
1916 <-> RPC STATD TCP monitor mon_name format string exploit attempt (rpc.rules, High)
1931 <-> WEB-CGI rpc-nlog.pl access (web-cgi.rules, Medium)
1932 <-> WEB-CGI rpc-smb.pl access (web-cgi.rules, Medium)
1933 <-> WEB-CGI cart.cgi access (web-cgi.rules, Medium)
1934 <-> DELETED FOLD overflow attempt (deleted.rules, High)
1935 <-> DELETED FOLD arbitrary file attempt (deleted.rules, Medium)
1943 <-> WEB-MISC /Carello/add.exe access (web-misc.rules, Medium)
1944 <-> WEB-MISC /ecscripts/ecware.exe access (web-misc.rules, Medium)
1946 <-> WEB-MISC answerbook2 admin attempt (web-misc.rules, Medium)
1947 <-> WEB-MISC answerbook2 arbitrary command execution attempt (web-misc.rules, High)
1957 <-> RPC sadmind UDP PING (rpc.rules, Low)
1958 <-> RPC sadmind TCP PING (rpc.rules, Low)
1964 <-> RPC tooltalk UDP overflow attempt (rpc.rules, High)
1965 <-> RPC tooltalk TCP overflow attempt (rpc.rules, High)
1967 <-> WEB-PHP phpbb quick-reply.php arbitrary command attempt (web-php.rules, High)
1968 <-> WEB-PHP phpbb quick-reply.php access (web-php.rules, Medium)
1969 <-> WEB-MISC ion-p access (web-misc.rules, Medium)
1970 <-> WEB-IIS MDAC Content-Type overflow attempt (web-iis.rules, High)
1977 <-> WEB-MISC xp_regwrite attempt (web-misc.rules, Medium)
1978 <-> WEB-MISC xp_regdeletekey attempt (web-misc.rules, Medium)
1979 <-> WEB-MISC perl post attempt (web-misc.rules, High)
1994 <-> WEB-CGI vpasswd.cgi access (web-cgi.rules, Medium)
1995 <-> WEB-CGI alya.cgi access (web-cgi.rules, Medium)
1996 <-> WEB-CGI viralator.cgi access (web-cgi.rules, Medium)
1997 <-> WEB-PHP read_body.php access attempt (web-php.rules, Medium)
1998 <-> WEB-PHP calendar.php access (web-php.rules, Medium)
1999 <-> WEB-PHP edit_image.php access (web-php.rules, Medium)
2000 <-> WEB-PHP readmsg.php access (web-php.rules, Medium)
2001 <-> WEB-CGI smartsearch.cgi access (web-cgi.rules, Medium)
2002 <-> WEB-PHP remote include path (web-php.rules, High)
2003 <-> SQL Worm propagation attempt (sql.rules, Medium)
2004 <-> SQL Worm propagation attempt OUTBOUND (sql.rules, Medium)
2006 <-> RPC portmap kcms_server request TCP (rpc.rules, Medium)
2045 <-> RPC snmpXdmi overflow attempt UDP (rpc.rules, High)
2051 <-> WEB-CGI cached_feed.cgi moreover shopping cart access (web-cgi.rules, Medium)
2052 <-> WEB-CGI overflow.cgi access (web-cgi.rules, Medium)
2053 <-> WEB-CGI process_bug.cgi access (web-cgi.rules, Medium)
2054 <-> WEB-CGI enter_bug.cgi arbitrary command attempt (web-cgi.rules, High)
2055 <-> WEB-CGI enter_bug.cgi access (web-cgi.rules, Medium)
2057 <-> WEB-MISC helpout.exe access (web-misc.rules, Medium)
2058 <-> WEB-MISC MsmMask.exe attempt (web-misc.rules, High)
2059 <-> WEB-MISC MsmMask.exe access (web-misc.rules, Medium)
2060 <-> WEB-MISC DB4Web access (web-misc.rules, Medium)
2061 <-> WEB-MISC Tomcat null byte directory listing attempt (web-misc.rules, High)
2062 <-> WEB-MISC iPlanet .perf access (web-misc.rules, Medium)
2063 <-> WEB-MISC Demarc SQL injection attempt (web-misc.rules, Medium)
2068 <-> WEB-MISC BitKeeper arbitrary command attempt (web-misc.rules, High)
2069 <-> WEB-MISC chip.ini access (web-misc.rules, Medium)
2070 <-> WEB-MISC post32.exe arbitrary command attempt (web-misc.rules, High)
2071 <-> WEB-MISC post32.exe access (web-misc.rules, Medium)
2072 <-> WEB-MISC lyris.pl access (web-misc.rules, Medium)
2073 <-> WEB-MISC globals.pl access (web-misc.rules, Medium)
2074 <-> WEB-PHP Mambo uploadimage.php upload php file attempt (web-php.rules, High)
2075 <-> WEB-PHP Mambo upload.php upload php file attempt (web-php.rules, High)
2076 <-> WEB-PHP Mambo uploadimage.php access (web-php.rules, Medium)
2077 <-> WEB-PHP Mambo upload.php access (web-php.rules, Medium)
2078 <-> WEB-PHP phpBB privmsg.php access (web-php.rules, Medium)
2085 <-> WEB-CGI parse_xml.cgi access (web-cgi.rules, Medium)
2086 <-> WEB-CGI streaming server parse_xml.cgi access (web-cgi.rules, Medium)
2090 <-> WEB-IIS WEBDAV exploit attempt (web-iis.rules, High)
2094 <-> RPC CMSD UDP CMSD_CREATE array buffer overflow attempt (rpc.rules, High)
2095 <-> RPC CMSD TCP CMSD_CREATE array buffer overflow attempt (rpc.rules, High)
2115 <-> WEB-CGI album.pl access (web-cgi.rules, Medium)
2116 <-> WEB-CGI chipcfg.cgi access (web-cgi.rules, Medium)
2127 <-> WEB-CGI ikonboard.cgi access (web-cgi.rules, Medium)
2128 <-> WEB-CGI swsrv.cgi access (web-cgi.rules, Medium)
2129 <-> WEB-IIS nsiislog.dll access (web-iis.rules, Medium)
2130 <-> WEB-IIS IISProtect siteadmin.asp access (web-iis.rules, Medium)
2131 <-> WEB-IIS IISProtect access (web-iis.rules, Medium)
2132 <-> WEB-IIS Synchrologic Email Accelerator userid list access attempt (web-iis.rules, Medium)
2135 <-> WEB-MISC philboard.mdb access (web-misc.rules, Medium)
2136 <-> WEB-MISC philboard_admin.asp authentication bypass attempt (web-misc.rules, High)
2137 <-> WEB-MISC philboard_admin.asp access (web-misc.rules, Medium)
2138 <-> WEB-MISC logicworks.ini access (web-misc.rules, Medium)
2139 <-> WEB-MISC /*.shtml access (web-misc.rules, Medium)
2140 <-> WEB-PHP p-news.php access (web-php.rules, Medium)
2141 <-> WEB-PHP shoutbox.php directory traversal attempt (web-php.rules, High)
2142 <-> WEB-PHP shoutbox.php access (web-php.rules, Medium)
2143 <-> WEB-PHP b2 cafelog gm-2-b2.php remote file include attempt (web-php.rules, High)
2144 <-> WEB-PHP b2 cafelog gm-2-b2.php access (web-php.rules, Medium)
2145 <-> WEB-PHP TextPortal admin.php default password admin attempt (web-php.rules, Medium)
2146 <-> WEB-PHP TextPortal admin.php default password 12345 attempt (web-php.rules, Medium)
2147 <-> WEB-PHP BLNews objects.inc.php4 remote file include attempt (web-php.rules, High)
2148 <-> WEB-PHP BLNews objects.inc.php4 access (web-php.rules, Medium)
2149 <-> WEB-PHP Turba status.php access (web-php.rules, Medium)
2150 <-> WEB-PHP ttCMS header.php remote file include attempt (web-php.rules, High)
2151 <-> WEB-PHP ttCMS header.php access (web-php.rules, Medium)
2152 <-> WEB-PHP test.php access (web-php.rules, Medium)
2153 <-> WEB-PHP autohtml.php directory traversal attempt (web-php.rules, High)
2154 <-> WEB-PHP autohtml.php access (web-php.rules, Medium)
2155 <-> WEB-PHP ttforum remote file include attempt (web-php.rules, High)
2156 <-> WEB-MISC mod_gzip_status access (web-misc.rules, Medium)
2157 <-> WEB-IIS IISProtect globaladmin.asp access (web-iis.rules, Medium)
2184 <-> RPC mountd TCP mount path overflow attempt (rpc.rules, Medium)
2185 <-> RPC mountd UDP mount path overflow attempt (rpc.rules, Medium)
2186 <-> BAD-TRAFFIC IP Proto 53 SWIPE (bad-traffic.rules, Medium)
2187 <-> BAD-TRAFFIC IP Proto 55 IP Mobility (bad-traffic.rules, Medium)
2188 <-> BAD-TRAFFIC IP Proto 77 Sun ND (bad-traffic.rules, Medium)
2189 <-> BAD-TRAFFIC IP Proto 103 PIM (bad-traffic.rules, Medium)
2194 <-> WEB-CGI CSMailto.cgi access (web-cgi.rules, Medium)
2195 <-> WEB-CGI alert.cgi access (web-cgi.rules, Medium)
2196 <-> WEB-CGI catgy.cgi access (web-cgi.rules, Medium)
2197 <-> WEB-CGI cvsview2.cgi access (web-cgi.rules, Medium)
2198 <-> WEB-CGI cvslog.cgi access (web-cgi.rules, Medium)
2199 <-> WEB-CGI multidiff.cgi access (web-cgi.rules, Medium)
2200 <-> WEB-CGI dnewsweb.cgi access (web-cgi.rules, Medium)
2201 <-> WEB-CGI download.cgi access (web-cgi.rules, Medium)
2202 <-> WEB-CGI edit_action.cgi access (web-cgi.rules, Medium)
2203 <-> WEB-CGI everythingform.cgi access (web-cgi.rules, Medium)
2204 <-> WEB-CGI ezadmin.cgi access (web-cgi.rules, Medium)
2205 <-> WEB-CGI ezboard.cgi access (web-cgi.rules, Medium)
2206 <-> WEB-CGI ezman.cgi access (web-cgi.rules, Medium)
2207 <-> WEB-CGI fileseek.cgi access (web-cgi.rules, Medium)
2208 <-> WEB-CGI fom.cgi access (web-cgi.rules, Medium)
2209 <-> WEB-CGI getdoc.cgi access (web-cgi.rules, Medium)
2210 <-> WEB-CGI global.cgi access (web-cgi.rules, Medium)
2211 <-> WEB-CGI guestserver.cgi access (web-cgi.rules, Medium)
2212 <-> WEB-CGI imageFolio.cgi access (web-cgi.rules, Medium)
2213 <-> WEB-CGI mailfile.cgi access (web-cgi.rules, Medium)
2214 <-> WEB-CGI mailview.cgi access (web-cgi.rules, Medium)
2215 <-> WEB-CGI nsManager.cgi access (web-cgi.rules, Medium)
2216 <-> WEB-CGI readmail.cgi access (web-cgi.rules, Medium)
2217 <-> WEB-CGI printmail.cgi access (web-cgi.rules, Medium)
2218 <-> WEB-CGI service.cgi access (web-cgi.rules, Medium)
2219 <-> WEB-CGI setpasswd.cgi access (web-cgi.rules, Medium)
2220 <-> WEB-CGI simplestmail.cgi access (web-cgi.rules, Medium)
2221 <-> WEB-CGI ws_mail.cgi access (web-cgi.rules, Medium)
2222 <-> WEB-CGI nph-exploitscanget.cgi access (web-cgi.rules, Medium)
2223 <-> WEB-CGI csNews.cgi access (web-cgi.rules, Medium)
2224 <-> WEB-CGI psunami.cgi access (web-cgi.rules, Medium)
2225 <-> WEB-CGI gozila.cgi access (web-cgi.rules, Medium)
2226 <-> WEB-PHP pmachine remote file include attempt (web-php.rules, High)
2227 <-> WEB-PHP forum_details.php access (web-php.rules, High)
2228 <-> WEB-PHP phpMyAdmin db_details_importdocsql.php access (web-php.rules, High)
2229 <-> WEB-PHP viewtopic.php access (web-php.rules, High)
2230 <-> WEB-MISC NetGear router default password login attempt admin/password (web-misc.rules, Medium)
2231 <-> WEB-MISC register.dll access (web-misc.rules, Medium)
2232 <-> WEB-MISC ContentFilter.dll access (web-misc.rules, Medium)
2233 <-> WEB-MISC SFNofitication.dll access (web-misc.rules, Medium)
2234 <-> WEB-MISC TOP10.dll access (web-misc.rules, Medium)
2235 <-> WEB-MISC SpamExcp.dll access (web-misc.rules, Medium)
2236 <-> WEB-MISC spamrule.dll access (web-misc.rules, Medium)
2237 <-> WEB-MISC cgiWebupdate.exe access (web-misc.rules, Medium)
2238 <-> WEB-MISC WebLogic ConsoleHelp view source attempt (web-misc.rules, High)
2239 <-> WEB-MISC redirect.exe access (web-misc.rules, Medium)
2240 <-> WEB-MISC changepw.exe access (web-misc.rules, Medium)
2241 <-> WEB-MISC cwmail.exe access (web-misc.rules, Medium)
2242 <-> WEB-MISC ddicgi.exe access (web-misc.rules, Medium)
2243 <-> WEB-MISC ndcgi.exe access (web-misc.rules, Medium)
2244 <-> WEB-MISC VsSetCookie.exe access (web-misc.rules, Medium)
2245 <-> WEB-MISC Webnews.exe access (web-misc.rules, Medium)
2246 <-> WEB-MISC webadmin.dll access (web-misc.rules, Medium)
2247 <-> WEB-IIS UploadScript11.asp access (web-iis.rules, Medium)
2248 <-> WEB-IIS DirectoryListing.asp access (web-iis.rules, Medium)
2261 <-> SMTP SEND FROM sendmail prescan too many addresses overflow (smtp.rules, High)
2262 <-> SMTP SEND FROM sendmail prescan too long addresses overflow (smtp.rules, Medium)
2263 <-> SMTP SAML FROM sendmail prescan too many addresses overflow (smtp.rules, High)
2264 <-> SMTP SAML FROM sendmail prescan too long addresses overflow (smtp.rules, Medium)
2265 <-> SMTP SOML FROM sendmail prescan too many addresses overflow (smtp.rules, High)
2266 <-> SMTP SOML FROM sendmail prescan too long addresses overflow (smtp.rules, Medium)
2268 <-> SMTP MAIL FROM sendmail prescan too long addresses overflow (smtp.rules, High)
2270 <-> SMTP RCPT TO sendmail prescan too long addresses overflow (smtp.rules, High)
2276 <-> WEB-MISC oracle portal demo access (web-misc.rules, Medium)
2277 <-> WEB-MISC PeopleSoft PeopleBooks psdoccgi access (web-misc.rules, Medium)
2278 <-> WEB-MISC client negative Content-Length attempt (web-misc.rules, Medium)
2279 <-> WEB-PHP UpdateClasses.php access (web-php.rules, Medium)
2280 <-> WEB-PHP Title.php access (web-php.rules, Medium)
2281 <-> WEB-PHP Setup.php access (web-php.rules, Medium)
2282 <-> WEB-PHP GlobalFunctions.php access (web-php.rules, Medium)
2283 <-> WEB-PHP DatabaseFunctions.php access (web-php.rules, Medium)
2284 <-> WEB-PHP rolis guestbook remote file include attempt (web-php.rules, High)
2285 <-> WEB-PHP rolis guestbook access (web-php.rules, Medium)
2286 <-> WEB-PHP friends.php access (web-php.rules, Medium)
2287 <-> WEB-PHP Advanced Poll admin_comment.php access (web-php.rules, Medium)
2288 <-> WEB-PHP Advanced Poll admin_edit.php access (web-php.rules, Medium)
2289 <-> WEB-PHP Advanced Poll admin_embed.php access (web-php.rules, Medium)
2290 <-> WEB-PHP Advanced Poll admin_help.php access (web-php.rules, Medium)
2291 <-> WEB-PHP Advanced Poll admin_license.php access (web-php.rules, Medium)
2292 <-> WEB-PHP Advanced Poll admin_logout.php access (web-php.rules, Medium)
2293 <-> WEB-PHP Advanced Poll admin_password.php access (web-php.rules, Medium)
2294 <-> WEB-PHP Advanced Poll admin_preview.php access (web-php.rules, Medium)
2295 <-> WEB-PHP Advanced Poll admin_settings.php access (web-php.rules, Medium)
2296 <-> WEB-PHP Advanced Poll admin_stats.php access (web-php.rules, Medium)
2297 <-> WEB-PHP Advanced Poll admin_templates_misc.php access (web-php.rules, Medium)
2298 <-> WEB-PHP Advanced Poll admin_templates.php access (web-php.rules, Medium)
2299 <-> WEB-PHP Advanced Poll admin_tpl_misc_new.php access (web-php.rules, Medium)
2300 <-> WEB-PHP Advanced Poll admin_tpl_new.php access (web-php.rules, Medium)
2301 <-> WEB-PHP Advanced Poll booth.php access (web-php.rules, Medium)
2302 <-> WEB-PHP Advanced Poll poll_ssi.php access (web-php.rules, Medium)
2303 <-> WEB-PHP Advanced Poll popup.php access (web-php.rules, Medium)
2304 <-> WEB-PHP files.inc.php access (web-php.rules, Medium)
2305 <-> WEB-PHP chatbox.php access (web-php.rules, Medium)
2306 <-> WEB-PHP gallery remote file include attempt (web-php.rules, High)
2307 <-> WEB-PHP PayPal Storefront remote file include attempt (web-php.rules, High)
2319 <-> EXPLOIT ebola PASS overflow attempt (exploit.rules, High)
2320 <-> EXPLOIT ebola USER overflow attempt (exploit.rules, High)
2323 <-> WEB-CGI quickstore.cgi access (web-cgi.rules, Medium)
2327 <-> WEB-MISC bsml.pl access (web-misc.rules, Medium)
2328 <-> WEB-PHP authentication_index.php access (web-php.rules, Medium)
2331 <-> WEB-PHP MatrikzGB privilege escalation attempt (web-php.rules, Medium)
2334 <-> FTP Yak! FTP server default account login attempt (ftp.rules, Medium)
2335 <-> FTP RMD / attempt (ftp.rules, Medium)
2341 <-> WEB-PHP DCP-Portal remote file include editor script attempt (web-php.rules, High)
2342 <-> WEB-PHP DCP-Portal remote file include lib script attempt (web-php.rules, High)
2345 <-> WEB-PHP PhpGedView search.php access (web-php.rules, Medium)
2346 <-> WEB-PHP myPHPNuke chatheader.php access (web-php.rules, Medium)
2347 <-> WEB-PHP myPHPNuke partner.php access (web-php.rules, Medium)
2353 <-> WEB-PHP IdeaBox cord.php file include (web-php.rules, Medium)
2354 <-> WEB-PHP IdeaBox notification.php file include (web-php.rules, Medium)
2355 <-> WEB-PHP Invision Board emailer.php file include (web-php.rules, Medium)
2356 <-> WEB-PHP WebChat db_mysql.php file include (web-php.rules, High)
2357 <-> WEB-PHP WebChat english.php file include (web-php.rules, High)
2358 <-> WEB-PHP Typo3 translations.php file include (web-php.rules, High)
2359 <-> WEB-PHP Invision Board ipchat.php file include (web-php.rules, High)
2360 <-> WEB-PHP myphpPagetool pt_config.inc file include (web-php.rules, High)
2361 <-> WEB-PHP news.php file include (web-php.rules, High)
2362 <-> WEB-PHP YaBB SE packages.php file include (web-php.rules, High)
2363 <-> WEB-PHP Cyboards default_header.php access (web-php.rules, Medium)
2364 <-> WEB-PHP Cyboards options_form.php access (web-php.rules, Medium)
2365 <-> WEB-PHP newsPHP Language file include attempt (web-php.rules, Medium)
2366 <-> WEB-PHP PhpGedView PGV authentication_index.php base directory manipulation attempt (web-php.rules, High)
2367 <-> WEB-PHP PhpGedView PGV functions.php base directory manipulation attempt (web-php.rules, High)
2368 <-> WEB-PHP PhpGedView PGV config_gedcom.php base directory manipulation attempt (web-php.rules, High)
2369 <-> WEB-MISC ISAPISkeleton.dll access (web-misc.rules, Medium)
2370 <-> WEB-MISC BugPort config.conf file access (web-misc.rules, Medium)
2371 <-> WEB-MISC Sample_showcode.html access (web-misc.rules, Medium)
2372 <-> WEB-PHP Photopost PHP Pro showphoto.php access (web-php.rules, Medium)
2376 <-> EXPLOIT ISAKMP first payload certificate request length overflow attempt (exploit.rules, High)
2377 <-> EXPLOIT ISAKMP second payload certificate request length overflow attempt (exploit.rules, High)
2378 <-> EXPLOIT ISAKMP third payload certificate request length overflow attempt (exploit.rules, High)
2379 <-> EXPLOIT ISAKMP forth payload certificate request length overflow attempt (exploit.rules, High)
2380 <-> EXPLOIT ISAKMP fifth payload certificate request length overflow attempt (exploit.rules, High)
2386 <-> WEB-IIS NTLM ASN1 vulnerability scan attempt (web-iis.rules, Medium)
2387 <-> WEB-CGI view_broadcast.cgi access (web-cgi.rules, Medium)
2388 <-> WEB-CGI streaming server view_broadcast.cgi access (web-cgi.rules, Medium)
2393 <-> WEB-PHP /_admin access (web-php.rules, Medium)
2394 <-> WEB-MISC Compaq web-based management agent denial of service attempt (web-misc.rules, High)
2395 <-> WEB-MISC InteractiveQuery.jsp access (web-misc.rules, Medium)
2396 <-> WEB-CGI CCBill whereami.cgi arbitrary command execution attempt (web-cgi.rules, High)
2397 <-> WEB-CGI CCBill whereami.cgi access (web-cgi.rules, Medium)
2398 <-> WEB-PHP WAnewsletter newsletter.php file include attempt (web-php.rules, High)
2399 <-> WEB-PHP WAnewsletter db_type.php access (web-php.rules, Medium)
2400 <-> WEB-MISC edittag.pl access (web-misc.rules, Medium)
2405 <-> WEB-PHP phptest.php access (web-php.rules, Medium)
2406 <-> TELNET APC SmartSlot default admin account attempt (telnet.rules, Medium)
2407 <-> WEB-MISC util.pl access (web-misc.rules, Medium)
2408 <-> WEB-MISC Invision Power Board search.pl access (web-misc.rules, Medium)
2409 <-> POP3 APOP USER overflow attempt (pop3.rules, High)
2410 <-> WEB-PHP IGeneric Free Shopping Cart page.php access (web-php.rules, Medium)
2411 <-> WEB-MISC Real Server DESCRIBE buffer overflow attempt (web-misc.rules, High)
2413 <-> EXPLOIT ISAKMP delete hash with empty hash attempt (exploit.rules, Medium)
2414 <-> EXPLOIT ISAKMP initial contact notification without SPI attempt (exploit.rules, Medium)
2415 <-> EXPLOIT ISAKMP second payload initial contact notification without SPI attempt (exploit.rules, Medium)
2422 <-> MULTIMEDIA realplayer .rt playlist download attempt (multimedia.rules, Low)
2423 <-> MULTIMEDIA realplayer .rp playlist download attempt (multimedia.rules, Low)
2434 <-> WEB-CGI MDaemon form2raw.cgi access (web-cgi.rules, Medium)
2438 <-> WEB-CLIENT RealPlayer playlist file URL overflow attempt (web-client.rules, High)
2439 <-> WEB-CLIENT RealPlayer playlist http URL overflow attempt (web-client.rules, High)
2440 <-> WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt (web-client.rules, High)
2441 <-> WEB-MISC NetObserve authentication bypass attempt (web-misc.rules, High)
2442 <-> WEB-MISC Quicktime User-Agent buffer overflow attempt (web-misc.rules, High)
2446 <-> EXPLOIT ICQ SRV_MULTI/SRV_META_USER overflow attempt (exploit.rules, Medium)
2447 <-> WEB-MISC ServletManager access (web-misc.rules, Medium)
2448 <-> WEB-MISC setinfo.hts access (web-misc.rules, Medium)
2484 <-> WEB-MISC source.jsp access (web-misc.rules, Medium)
2485 <-> WEB-CLIENT Norton antivirus sysmspam.dll load attempt (web-client.rules, High)
2486 <-> DOS ISAKMP invalid identification payload attempt (dos.rules, Medium)
2487 <-> SMTP WinZip MIME content-type buffer overflow (smtp.rules, High)
2488 <-> SMTP WinZip MIME content-disposition buffer overflow (smtp.rules, High)
2489 <-> EXPLOIT esignal STREAMQUOTE buffer overflow attempt (exploit.rules, High)
2490 <-> EXPLOIT esignal SNAPQUOTE buffer overflow attempt (exploit.rules, High)
2497 <-> IMAP SSLv3 invalid data version attempt (imap.rules, Medium)
2502 <-> POP3 SSLv3 invalid data version attempt (pop3.rules, Medium)
2504 <-> SMTP SSLv3 invalid data version attempt (smtp.rules, Medium)
2521 <-> WEB-MISC SSLv3 Server_Hello request (web-misc.rules, Low)
2522 <-> WEB-MISC SSLv3 invalid Client_Hello attempt (web-misc.rules, Medium)
2523 <-> DOS BGP spoofed connection reset attempt (dos.rules, Medium)
2529 <-> IMAP SSLv3 Client_Hello request (imap.rules, Low)
2530 <-> IMAP SSLv3 Server_Hello request (imap.rules, Low)
2531 <-> IMAP SSLv3 invalid Client_Hello attempt (imap.rules, Medium)
2535 <-> POP3 SSLv3 Client_Hello request (pop3.rules, Low)
2536 <-> POP3 SSLv3 Server_Hello request (pop3.rules, Low)
2537 <-> POP3 SSLv3 invalid Client_Hello attempt (pop3.rules, Medium)
2541 <-> SMTP TLS SSLv3 invalid data version attempt (smtp.rules, Medium)
2542 <-> SMTP SSLv3 Client_Hello request (smtp.rules, Low)
2543 <-> SMTP SSLv3 Server_Hello request (smtp.rules, Low)
2544 <-> SMTP SSLv3 invalid Client_Hello attempt (smtp.rules, Medium)
2562 <-> WEB-MISC McAfee ePO file upload attempt (web-misc.rules, High)
2565 <-> WEB-PHP modules.php access (web-php.rules, Medium)
2566 <-> WEB-PHP PHPBB viewforum.php access (web-php.rules, Medium)
2567 <-> WEB-CGI Emumail init.emu access (web-cgi.rules, Medium)
2568 <-> WEB-CGI Emumail emumail.fcgi access (web-cgi.rules, Medium)
2569 <-> WEB-MISC cPanel resetpass access (web-misc.rules, Medium)
2572 <-> WEB-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt (web-iis.rules, High)
2575 <-> WEB-PHP Opt-X header.php remote file include attempt (web-php.rules, High)
2576 <-> ORACLE dbms_repcat.generate_replication_support buffer overflow attempt (oracle.rules, High)
2577 <-> WEB-CLIENT local resource redirection attempt (web-client.rules, High)
2581 <-> WEB-MISC Crystal Reports crystalimagehandler.aspx access (web-misc.rules, Medium)
2582 <-> WEB-MISC Crystal Reports crystalImageHandler.aspx directory traversal attempt (web-misc.rules, High)
2584 <-> EXPLOIT eMule buffer overflow attempt (exploit.rules, High)
2588 <-> WEB-PHP TUTOS path disclosure attempt (web-php.rules, Medium)
2589 <-> WEB-CLIENT Content-Disposition CLSID command attempt (web-client.rules, High)
2597 <-> WEB-MISC Samba SWAT Authorization overflow attempt (web-misc.rules, High)
2598 <-> WEB-MISC Samba SWAT Authorization port 901 overflow attempt (web-misc.rules, High)
2599 <-> ORACLE dbms_repcat.add_grouped_column buffer overflow attempt (oracle.rules, High)
2601 <-> ORACLE dbms_repcat.drop_master_repgroup buffer overflow attempt (oracle.rules, High)
2603 <-> ORACLE dbms_repcat.create_mview_repgroup buffer overflow attempt (oracle.rules, High)
2605 <-> ORACLE dbms_repcat.compare_old_values buffer overflow attempt (oracle.rules, High)
2606 <-> ORACLE dbms_repcat.comment_on_repobject buffer overflow attempt (oracle.rules, High)
2608 <-> ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt (oracle.rules, High)
2609 <-> ORACLE dbms_repcat.cancel_statistics buffer overflow attempt (oracle.rules, High)
2611 <-> ORACLE LINK metadata buffer overflow attempt (oracle.rules, High)
2612 <-> ORACLE sys.dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (oracle.rules, High)
2614 <-> ORACLE time_zone buffer overflow attempt (oracle.rules, High)
2615 <-> ORACLE sys.dbms_repcat_auth.grant_surrogate_repcat buffer overflow attempt (oracle.rules, High)
2617 <-> ORACLE sys.dbms_repcat.alter_mview_propagation buffer overflow attempt (oracle.rules, High)
2619 <-> ORACLE dbms_repcat.alter_master_repobject buffer overflow attempt (oracle.rules, High)
2621 <-> ORACLE dbms_repcat_sna_utl.register_flavor_change buffer overflow attempt (oracle.rules, High)
2624 <-> ORACLE dbms_repcat_admin.unregister_user_repgroup buffer overflow attempt (oracle.rules, High)
2626 <-> ORACLE dbms_repcat.send_old_values buffer overflow attempt (oracle.rules, High)
2627 <-> ORACLE dbms_repcat.repcat_import_check buffer overflow attempt (oracle.rules, High)
2629 <-> ORACLE dbms_repcat_admin.register_user_repgroup buffer overflow attempt (oracle.rules, High)
2633 <-> ORACLE sys.dbms_rectifier_diff.rectify buffer overflow attempt (oracle.rules, High)
2637 <-> ORACLE dbms_repcat.drop_master_repobject buffer overflow attempt (oracle.rules, High)
2639 <-> ORACLE dbms_repcat.drop_mview_repgroup buffer overflow attempt (oracle.rules, High)
2641 <-> ORACLE dbms_repcat_instantiate.drop_site_instantiation buffer overflow attempt (oracle.rules, High)
2643 <-> ORACLE sys.dbms_repcat_fla.ensure_not_published buffer overflow attempt (oracle.rules, High)
2644 <-> ORACLE from_tz buffer overflow attempt (oracle.rules, High)
2645 <-> ORACLE dbms_repcat_instantiate.instantiate_offline buffer overflow attempt (oracle.rules, High)
2649 <-> ORACLE service_name buffer overflow attempt (oracle.rules, High)
2650 <-> ORACLE user name buffer overflow attempt (oracle.rules, High)
2651 <-> ORACLE NUMTODSINTERVAL/NUMTOYMINTERVAL buffer overflow attempt (oracle.rules, High)
2652 <-> ORACLE dbms_offline_og.begin_load buffer overflow attempt (oracle.rules, High)
2654 <-> WEB-PHP PHPNuke Forum viewtopic SQL insertion attempt (web-php.rules, High)
2656 <-> WEB-MISC SSLv2 Client_Hello Challenge Length overflow attempt (web-misc.rules, High)
2660 <-> WEB-MISC SSLv2 Server_Hello request (web-misc.rules, Low)
2663 <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules, High)
2667 <-> WEB-IIS ping.asp access (web-iis.rules, Medium)
2668 <-> WEB-CGI processit access (web-cgi.rules, Medium)
2669 <-> WEB-CGI ibillpm.pl access (web-cgi.rules, Medium)
2670 <-> WEB-CGI pgpmail.pl access (web-cgi.rules, Medium)
2671 <-> WEB-CLIENT bitmap BitmapOffset integer overflow attempt (web-client.rules, High)
2672 <-> WEB-MISC sresult.exe access (web-misc.rules, Medium)
2673 <-> WEB-CLIENT libpng tRNS overflow attempt (web-client.rules, High)
2674 <-> ORACLE dbms_repcat.add_delete_resolution buffer overflow attempt (oracle.rules, High)
2675 <-> ORACLE dbms_repcat_rgt.instantiate_offline buffer overflow attempt (oracle.rules, High)
2677 <-> ORACLE dbms_repcat_rgt.instantiate_online buffer overflow attempt (oracle.rules, High)
2678 <-> ORACLE ctx_output.start_log buffer overflow attempt (oracle.rules, High)
2679 <-> ORACLE sys.dbms_system.ksdwrt buffer overflow attempt (oracle.rules, High)
2680 <-> ORACLE ctxsys.driddlr.subindexpopulate buffer overflow attempt (oracle.rules, High)
2681 <-> ORACLE mdsys.sdo_admin.sdo_code_size buffer overflow attempt (oracle.rules, High)
2682 <-> ORACLE mdsys.md2.validate_geom buffer overflow attempt (oracle.rules, High)
2683 <-> ORACLE mdsys.md2.sdo_code_size buffer overflow attempt (oracle.rules, High)
2684 <-> ORACLE sys.ltutil.pushdeferredtxns buffer overflow attempt (oracle.rules, High)
2685 <-> ORACLE sys.dbms_repcat_rq.add_column buffer overflow attempt (oracle.rules, High)
2686 <-> ORACLE sys.dbms_rectifier_diff.differences buffer overflow attempt (oracle.rules, High)
2687 <-> ORACLE sys.dbms_internal_repcat.validate buffer overflow attempt (oracle.rules, High)
2688 <-> ORACLE sys.dbms_internal_repcat.enable_receiver_trace buffer overflow attempt (oracle.rules, High)
2689 <-> ORACLE sys.dbms_internal_repcat.disable_receiver_trace buffer overflow attempt (oracle.rules, High)
2690 <-> ORACLE sys.dbms_defer_repcat.enable_propagation_to_dblink buffer overflow attempt (oracle.rules, High)
2691 <-> ORACLE sys.dbms_defer_internal_sys.parallel_push_recovery buffer overflow attempt (oracle.rules, High)
2692 <-> ORACLE sys.dbms_aqadm_sys.verify_queue_types buffer overflow attempt (oracle.rules, High)
2693 <-> ORACLE sys.dbms_aqadm.verify_queue_types_no_queue buffer overflow attempt (oracle.rules, High)
2694 <-> ORACLE sys.dbms_aqadm.verify_queue_types_get_nrp buffer overflow attempt (oracle.rules, High)
2695 <-> ORACLE sys.dbms_aq_import_internal.aq_table_defn_update buffer overflow attempt (oracle.rules, High)
2696 <-> ORACLE sys.dbms_repcat_utl.is_master buffer overflow attempt (oracle.rules, High)
2697 <-> ORACLE alter file buffer overflow attempt (oracle.rules, High)
2698 <-> ORACLE create file buffer overflow attempt (oracle.rules, High)
2699 <-> ORACLE TO_CHAR buffer overflow attempt (oracle.rules, High)
2701 <-> WEB-MISC Oracle iSQLPlus sid overflow attempt (web-misc.rules, High)
2702 <-> WEB-MISC Oracle iSQLPlus username overflow attempt (web-misc.rules, High)
2703 <-> WEB-MISC Oracle iSQLPlus login.uix username overflow attempt (web-misc.rules, High)
2704 <-> WEB-MISC Oracle 10g iSQLPlus login.unix connectID overflow attempt (web-misc.rules, High)
2708 <-> ORACLE dbms_offline_og.begin_flavor_change buffer overflow attempt (oracle.rules, High)
2709 <-> ORACLE dbms_offline_og.begin_instantiation buffer overflow attempt (oracle.rules, High)
2711 <-> ORACLE dbms_offline_og.end_flavor_change buffer overflow attempt (oracle.rules, High)
2712 <-> ORACLE dbms_offline_og.end_instantiation buffer overflow attempt (oracle.rules, High)
2713 <-> ORACLE dbms_offline_og.end_load buffer overflow attempt (oracle.rules, High)
2714 <-> ORACLE dbms_offline_og.resume_subset_of_masters buffer overflow attempt (oracle.rules, High)
2715 <-> ORACLE dbms_offline_snapshot.begin_load buffer overflow attempt (oracle.rules, High)
2716 <-> ORACLE dbms_offline_snapshot.end_load buffer overflow attempt (oracle.rules, High)
2717 <-> ORACLE dbms_rectifier_diff.differences buffer overflow attempt (oracle.rules, High)
2718 <-> ORACLE dbms_rectifier_diff.rectify buffer overflow attempt (oracle.rules, High)
2719 <-> ORACLE dbms_repcat.abort_flavor_definition buffer overflow attempt (oracle.rules, High)
2720 <-> ORACLE dbms_repcat.add_column_group_to_flavor buffer overflow attempt (oracle.rules, High)
2721 <-> ORACLE dbms_repcat.add_columns_to_flavor buffer overflow attempt (oracle.rules, High)
2722 <-> ORACLE dbms_repcat.add_object_to_flavor buffer overflow attempt (oracle.rules, High)
2723 <-> ORACLE dbms_repcat.add_priority_char buffer overflow attempt (oracle.rules, High)
2724 <-> ORACLE dbms_repcat.add_priority_date buffer overflow attempt (oracle.rules, High)
2725 <-> ORACLE dbms_repcat.add_priority_nchar buffer overflow attempt (oracle.rules, High)
2726 <-> ORACLE dbms_repcat.add_priority_number buffer overflow attempt (oracle.rules, High)
2727 <-> ORACLE dbms_repcat.add_priority_nvarchar2 buffer overflow attempt (oracle.rules, High)
2728 <-> ORACLE dbms_repcat.add_priority_raw buffer overflow attempt (oracle.rules, High)
2729 <-> ORACLE dbms_repcat.add_priority_varchar2 buffer overflow attempt (oracle.rules, High)
2730 <-> ORACLE dbms_repcat.add_site_priority_site buffer overflow attempt (oracle.rules, High)
2731 <-> ORACLE dbms_repcat.add_unique_resolution buffer overflow attempt (oracle.rules, High)
2732 <-> ORACLE dbms_repcat.add_update_resolution buffer overflow attempt (oracle.rules, High)
2733 <-> ORACLE dbms_repcat.alter_master_propagation buffer overflow attempt (oracle.rules, High)
2734 <-> ORACLE dbms_repcat.alter_mview_propagation buffer overflow attempt (oracle.rules, High)
2735 <-> ORACLE dbms_repcat.alter_priority_char buffer overflow attempt (oracle.rules, High)
2736 <-> ORACLE dbms_repcat.alter_priority_date buffer overflow attempt (oracle.rules, High)
2737 <-> ORACLE dbms_repcat.alter_priority_nchar buffer overflow attempt (oracle.rules, High)
2738 <-> ORACLE dbms_repcat.alter_priority_number buffer overflow attempt (oracle.rules, High)
2739 <-> ORACLE dbms_repcat.alter_priority_nvarchar2 buffer overflow attempt (oracle.rules, High)
2740 <-> ORACLE dbms_repcat.alter_priority_raw buffer overflow attempt (oracle.rules, High)
2741 <-> ORACLE dbms_repcat.alter_priority buffer overflow attempt (oracle.rules, High)
2742 <-> ORACLE dbms_repcat.alter_priority_varchar2 buffer overflow attempt (oracle.rules, High)
2743 <-> ORACLE dbms_repcat.alter_site_priority_site buffer overflow attempt (oracle.rules, High)
2744 <-> ORACLE dbms_repcat.alter_site_priority buffer overflow attempt (oracle.rules, High)
2745 <-> ORACLE dbms_repcat.alter_snapshot_propagation buffer overflow attempt (oracle.rules, High)
2746 <-> ORACLE dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (oracle.rules, High)
2747 <-> ORACLE dbms_repcat.begin_flavor_definition buffer overflow attempt (oracle.rules, High)
2748 <-> ORACLE dbms_repcat.comment_on_column_group buffer overflow attempt (oracle.rules, High)
2749 <-> ORACLE dbms_repcat.comment_on_delete_resolution buffer overflow attempt (oracle.rules, High)
2750 <-> ORACLE dbms_repcat.comment_on_mview_repsites buffer overflow attempt (oracle.rules, High)
2751 <-> ORACLE dbms_repcat.comment_on_priority_group buffer overflow attempt (oracle.rules, High)
2752 <-> ORACLE dbms_repcat.comment_on_repgroup buffer overflow attempt (oracle.rules, High)
2753 <-> ORACLE dbms_repcat.comment_on_repsites buffer overflow attempt (oracle.rules, High)
2754 <-> ORACLE dbms_repcat.comment_on_site_priority buffer overflow attempt (oracle.rules, High)
2755 <-> ORACLE dbms_repcat.comment_on_unique_resolution buffer overflow attempt (oracle.rules, High)
2756 <-> ORACLE dbms_repcat.comment_on_update_resolution buffer overflow attempt (oracle.rules, High)
2757 <-> ORACLE dbms_repcat.create_master_repgroup buffer overflow attempt (oracle.rules, High)
2758 <-> ORACLE dbms_repcat.create_master_repobject buffer overflow attempt (oracle.rules, High)
2759 <-> ORACLE dbms_repcat.create_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2760 <-> ORACLE dbms_repcat.define_column_group buffer overflow attempt (oracle.rules, High)
2761 <-> ORACLE dbms_repcat.define_priority_group buffer overflow attempt (oracle.rules, High)
2762 <-> ORACLE dbms_repcat.define_site_priority buffer overflow attempt (oracle.rules, High)
2763 <-> ORACLE dbms_repcat.do_deferred_repcat_admin buffer overflow attempt (oracle.rules, High)
2764 <-> ORACLE dbms_repcat.drop_column_group_from_flavor buffer overflow attempt (oracle.rules, High)
2765 <-> ORACLE dbms_repcat.drop_column_group buffer overflow attempt (oracle.rules, High)
2766 <-> ORACLE dbms_repcat.drop_columns_from_flavor buffer overflow attempt (oracle.rules, High)
2767 <-> ORACLE dbms_repcat.drop_delete_resolution buffer overflow attempt (oracle.rules, High)
2768 <-> ORACLE dbms_repcat.drop_grouped_column buffer overflow attempt (oracle.rules, High)
2769 <-> ORACLE dbms_repcat.drop_mview_repobject buffer overflow attempt (oracle.rules, High)
2770 <-> ORACLE dbms_repcat.drop_object_from_flavor buffer overflow attempt (oracle.rules, High)
2771 <-> ORACLE dbms_repcat.drop_priority_char buffer overflow attempt (oracle.rules, High)
2772 <-> ORACLE dbms_repcat.drop_priority_date buffer overflow attempt (oracle.rules, High)
2773 <-> ORACLE dbms_repcat.drop_priority_nchar buffer overflow attempt (oracle.rules, High)
2774 <-> ORACLE dbms_repcat.drop_priority_number buffer overflow attempt (oracle.rules, High)
2775 <-> ORACLE dbms_repcat.drop_priority_nvarchar2 buffer overflow attempt (oracle.rules, High)
2776 <-> ORACLE dbms_repcat.drop_priority_raw buffer overflow attempt (oracle.rules, High)
2777 <-> ORACLE dbms_repcat.drop_priority buffer overflow attempt (oracle.rules, High)
2778 <-> ORACLE dbms_repcat.drop_priority_varchar2 buffer overflow attempt (oracle.rules, High)
2779 <-> ORACLE dbms_repcat.drop_site_priority_site buffer overflow attempt (oracle.rules, High)
2780 <-> ORACLE dbms_repcat.drop_site_priority buffer overflow attempt (oracle.rules, High)
2781 <-> ORACLE dbms_repcat.drop_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2782 <-> ORACLE dbms_repcat.drop_snapshot_repobject buffer overflow attempt (oracle.rules, High)
2783 <-> ORACLE dbms_repcat.drop_unique_resolution buffer overflow attempt (oracle.rules, High)
2784 <-> ORACLE dbms_repcat.drop_update_resolution buffer overflow attempt (oracle.rules, High)
2785 <-> ORACLE dbms_repcat.execute_ddl buffer overflow attempt (oracle.rules, High)
2786 <-> ORACLE dbms_repcat.generate_replication_package buffer overflow attempt (oracle.rules, High)
2787 <-> ORACLE dbms_repcat_instantiate.instantiate_online buffer overflow attempt (oracle.rules, High)
2788 <-> ORACLE dbms_repcat.make_column_group buffer overflow attempt (oracle.rules, High)
2789 <-> ORACLE dbms_repcat.obsolete_flavor_definition buffer overflow attempt (oracle.rules, High)
2790 <-> ORACLE dbms_repcat.publish_flavor_definition buffer overflow attempt (oracle.rules, High)
2791 <-> ORACLE dbms_repcat.purge_flavor_definition buffer overflow attempt (oracle.rules, High)
2792 <-> ORACLE dbms_repcat.purge_master_log buffer overflow attempt (oracle.rules, High)
2793 <-> ORACLE dbms_repcat.purge_statistics buffer overflow attempt (oracle.rules, High)
2794 <-> ORACLE dbms_repcat.refresh_mview_repgroup buffer overflow attempt (oracle.rules, High)
2795 <-> ORACLE dbms_repcat.refresh_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2796 <-> ORACLE dbms_repcat.register_mview_repgroup buffer overflow attempt (oracle.rules, High)
2797 <-> ORACLE dbms_repcat.register_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2798 <-> ORACLE dbms_repcat.register_statistics buffer overflow attempt (oracle.rules, High)
2799 <-> ORACLE dbms_repcat.relocate_masterdef buffer overflow attempt (oracle.rules, High)
2800 <-> ORACLE dbms_repcat.rename_shadow_column_group buffer overflow attempt (oracle.rules, High)
2801 <-> ORACLE dbms_repcat.resume_master_activity buffer overflow attempt (oracle.rules, High)
2802 <-> ORACLE dbms_repcat_rgt.check_ddl_text buffer overflow attempt (oracle.rules, High)
2803 <-> ORACLE dbms_repcat_rgt.drop_site_instantiation buffer overflow attempt (oracle.rules, High)
2804 <-> ORACLE dbms_repcat.send_and_compare_old_values buffer overflow attempt (oracle.rules, High)
2805 <-> ORACLE dbms_repcat.set_columns buffer overflow attempt (oracle.rules, High)
2806 <-> ORACLE dbms_repcat.set_local_flavor buffer overflow attempt (oracle.rules, High)
2807 <-> ORACLE dbms_repcat.specify_new_masters buffer overflow attempt (oracle.rules, High)
2808 <-> ORACLE dbms_repcat.suspend_master_activity buffer overflow attempt (oracle.rules, High)
2809 <-> ORACLE dbms_repcat.unregister_mview_repgroup buffer overflow attempt (oracle.rules, High)
2810 <-> ORACLE dbms_repcat.unregister_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2811 <-> ORACLE dbms_repcat.validate_flavor_definition buffer overflow attempt (oracle.rules, High)
2812 <-> ORACLE dbms_repcat.validate_for_local_flavor buffer overflow attempt (oracle.rules, High)
2813 <-> ORACLE sys.dbms_repcat_fla.abort_flavor_definition buffer overflow attempt (oracle.rules, High)
2814 <-> ORACLE sys.dbms_repcat_fla.add_object_to_flavor buffer overflow attempt (oracle.rules, High)
2815 <-> ORACLE sys.dbms_repcat_fla.begin_flavor_definition buffer overflow attempt (oracle.rules, High)
2816 <-> ORACLE sys.dbms_repcat_fla.drop_object_from_flavor buffer overflow attempt (oracle.rules, High)
2817 <-> ORACLE sys.dbms_repcat_fla_mas.add_column_group_to_flavor buffer overflow attempt (oracle.rules, High)
2818 <-> ORACLE sys.dbms_repcat_fla_mas.add_columns_to_flavor buffer overflow attempt (oracle.rules, High)
2819 <-> ORACLE sys.dbms_repcat_fla_mas.drop_column_group_from_flavor buffer overflow attempt (oracle.rules, High)
2820 <-> ORACLE sys.dbms_repcat_fla_mas.drop_columns_from_flavor buffer overflow attempt (oracle.rules, High)
2821 <-> ORACLE sys.dbms_repcat_fla_mas.obsolete_flavor_definition buffer overflow attempt (oracle.rules, High)
2822 <-> ORACLE sys.dbms_repcat_fla_mas.publish_flavor_definition buffer overflow attempt (oracle.rules, High)
2823 <-> ORACLE sys.dbms_repcat_fla_mas.purge_flavor_definition buffer overflow attempt (oracle.rules, High)
2824 <-> ORACLE sys.dbms_repcat_fla.set_local_flavor buffer overflow attempt (oracle.rules, High)
2825 <-> ORACLE sys.dbms_repcat_fla.validate_flavor_definition buffer overflow attempt (oracle.rules, High)
2826 <-> ORACLE sys.dbms_repcat_fla.validate_for_local_flavor buffer overflow attempt (oracle.rules, High)
2827 <-> ORACLE sys.dbms_repcat_mas.alter_master_repobject buffer overflow attempt (oracle.rules, High)
2828 <-> ORACLE sys.dbms_repcat_mas.comment_on_repgroup buffer overflow attempt (oracle.rules, High)
2829 <-> ORACLE sys.dbms_repcat_mas.comment_on_repobject buffer overflow attempt (oracle.rules, High)
2830 <-> ORACLE sys.dbms_repcat_mas.create_master_repgroup buffer overflow attempt (oracle.rules, High)
2831 <-> ORACLE sys.dbms_repcat_mas.create_master_repobject buffer overflow attempt (oracle.rules, High)
2832 <-> ORACLE sys.dbms_repcat_mas.do_deferred_repcat_admin buffer overflow attempt (oracle.rules, High)
2833 <-> ORACLE sys.dbms_repcat_mas.drop_master_repgroup buffer overflow attempt (oracle.rules, High)
2834 <-> ORACLE sys.dbms_repcat_mas.generate_replication_package buffer overflow attempt (oracle.rules, High)
2835 <-> ORACLE sys.dbms_repcat_mas.purge_master_log buffer overflow attempt (oracle.rules, High)
2836 <-> ORACLE sys.dbms_repcat_mas.relocate_masterdef buffer overflow attempt (oracle.rules, High)
2837 <-> ORACLE sys.dbms_repcat_mas.rename_shadow_column_group buffer overflow attempt (oracle.rules, High)
2838 <-> ORACLE sys.dbms_repcat_mas.resume_master_activity buffer overflow attempt (oracle.rules, High)
2839 <-> ORACLE sys.dbms_repcat_mas.suspend_master_activity buffer overflow attempt (oracle.rules, High)
2840 <-> ORACLE sys.dbms_repcat_sna_utl.alter_snapshot_propagation buffer overflow attempt (oracle.rules, High)
2841 <-> ORACLE sys.dbms_repcat_sna_utl.create_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2842 <-> ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2843 <-> ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repobject buffer overflow attempt (oracle.rules, High)
2844 <-> ORACLE sys.dbms_repcat_sna_utl.refresh_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2845 <-> ORACLE sys.dbms_repcat_sna_utl.register_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2846 <-> ORACLE sys.dbms_repcat_sna_utl.repcat_import_check buffer overflow attempt (oracle.rules, High)
2847 <-> ORACLE sys.dbms_repcat_sna_utl.unregister_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2848 <-> ORACLE sys.dbms_repcat_utl4.drop_master_repobject buffer overflow attempt (oracle.rules, High)
2849 <-> ORACLE sys.dbms_repcat_utl.drop_an_object buffer overflow attempt (oracle.rules, High)
2850 <-> ORACLE dbms_repcat.create_mview_repobject buffer overflow attempt (oracle.rules, High)
2851 <-> ORACLE dbms_repcat.create_snapshot_repobject buffer overflow attempt (oracle.rules, High)
2852 <-> ORACLE dbms_repcat.generate_mview_support buffer overflow attempt (oracle.rules, High)
2853 <-> ORACLE dbms_repcat.generate_replication_trigger buffer overflow attempt (oracle.rules, High)
2854 <-> ORACLE dbms_repcat.generate_snapshot_support buffer overflow attempt (oracle.rules, High)
2855 <-> ORACLE dbms_repcat.remove_master_databases buffer overflow attempt (oracle.rules, High)
2856 <-> ORACLE dbms_repcat.switch_mview_master buffer overflow attempt (oracle.rules, High)
2857 <-> ORACLE dbms_repcat.switch_snapshot_master buffer overflow attempt (oracle.rules, High)
2858 <-> ORACLE sys.dbms_repcat_conf.add_delete_resolution buffer overflow attempt (oracle.rules, High)
2859 <-> ORACLE sys.dbms_repcat_conf.add_priority_char buffer overflow attempt (oracle.rules, High)
2860 <-> ORACLE sys.dbms_repcat_conf.add_priority_date buffer overflow attempt (oracle.rules, High)
2861 <-> ORACLE sys.dbms_repcat_conf.add_priority_nchar buffer overflow attempt (oracle.rules, High)
2862 <-> ORACLE sys.dbms_repcat_conf.add_priority_number buffer overflow attempt (oracle.rules, High)
2863 <-> ORACLE sys.dbms_repcat_conf.add_priority_nvarchar2 buffer overflow attempt (oracle.rules, High)
2864 <-> ORACLE sys.dbms_repcat_conf.add_priority_raw buffer overflow attempt (oracle.rules, High)
2865 <-> ORACLE sys.dbms_repcat_conf.add_priority_varchar2 buffer overflow attempt (oracle.rules, High)
2866 <-> ORACLE sys.dbms_repcat_conf.add_site_priority_site buffer overflow attempt (oracle.rules, High)
2867 <-> ORACLE sys.dbms_repcat_conf.add_unique_resolution buffer overflow attempt (oracle.rules, High)
2868 <-> ORACLE sys.dbms_repcat_conf.add_update_resolution buffer overflow attempt (oracle.rules, High)
2869 <-> ORACLE sys.dbms_repcat_conf.alter_priority_char buffer overflow attempt (oracle.rules, High)
2870 <-> ORACLE sys.dbms_repcat_conf.alter_priority_date buffer overflow attempt (oracle.rules, High)
2871 <-> ORACLE sys.dbms_repcat_conf.alter_priority_nchar buffer overflow attempt (oracle.rules, High)
2872 <-> ORACLE sys.dbms_repcat_conf.alter_priority_number buffer overflow attempt (oracle.rules, High)
2873 <-> ORACLE sys.dbms_repcat_conf.alter_priority_nvarchar2 buffer overflow attempt (oracle.rules, High)
2874 <-> ORACLE sys.dbms_repcat_conf.alter_priority_raw buffer overflow attempt (oracle.rules, High)
2875 <-> ORACLE sys.dbms_repcat_conf.alter_priority buffer overflow attempt (oracle.rules, High)
2876 <-> ORACLE sys.dbms_repcat_conf.alter_priority_varchar2 buffer overflow attempt (oracle.rules, High)
2877 <-> ORACLE sys.dbms_repcat_conf.alter_site_priority_site buffer overflow attempt (oracle.rules, High)
2878 <-> ORACLE sys.dbms_repcat_conf.alter_site_priority buffer overflow attempt (oracle.rules, High)
2879 <-> ORACLE sys.dbms_repcat_conf.cancel_statistics buffer overflow attempt (oracle.rules, High)
2880 <-> ORACLE sys.dbms_repcat_conf.comment_on_delete_resolution buffer overflow attempt (oracle.rules, High)
2881 <-> ORACLE sys.dbms_repcat_conf.comment_on_priority_group buffer overflow attempt (oracle.rules, High)
2882 <-> ORACLE sys.dbms_repcat_conf.comment_on_site_priority buffer overflow attempt (oracle.rules, High)
2883 <-> ORACLE sys.dbms_repcat_conf.comment_on_unique_resolution buffer overflow attempt (oracle.rules, High)
2884 <-> ORACLE sys.dbms_repcat_conf.comment_on_update_resolution buffer overflow attempt (oracle.rules, High)
2885 <-> ORACLE sys.dbms_repcat_conf.define_priority_group buffer overflow attempt (oracle.rules, High)
2886 <-> ORACLE sys.dbms_repcat_conf.define_site_priority buffer overflow attempt (oracle.rules, High)
2887 <-> ORACLE sys.dbms_repcat_conf.drop_delete_resolution buffer overflow attempt (oracle.rules, High)
2888 <-> ORACLE sys.dbms_repcat_conf.drop_priority_char buffer overflow attempt (oracle.rules, High)
2889 <-> ORACLE sys.dbms_repcat_conf.drop_priority_date buffer overflow attempt (oracle.rules, High)
2890 <-> ORACLE sys.dbms_repcat_conf.drop_priority_nchar buffer overflow attempt (oracle.rules, High)
2891 <-> ORACLE sys.dbms_repcat_conf.drop_priority_number buffer overflow attempt (oracle.rules, High)
2892 <-> ORACLE sys.dbms_repcat_conf.drop_priority_nvarchar2 buffer overflow attempt (oracle.rules, High)
2893 <-> ORACLE sys.dbms_repcat_conf.drop_priority_raw buffer overflow attempt (oracle.rules, High)
2894 <-> ORACLE sys.dbms_repcat_conf.drop_priority buffer overflow attempt (oracle.rules, High)
2895 <-> ORACLE sys.dbms_repcat_conf.drop_priority_varchar2 buffer overflow attempt (oracle.rules, High)
2896 <-> ORACLE sys.dbms_repcat_conf.drop_site_priority_site buffer overflow attempt (oracle.rules, High)
2897 <-> ORACLE sys.dbms_repcat_conf.drop_site_priority buffer overflow attempt (oracle.rules, High)
2898 <-> ORACLE sys.dbms_repcat_conf.drop_unique_resolution buffer overflow attempt (oracle.rules, High)
2899 <-> ORACLE sys.dbms_repcat_conf.drop_update_resolution buffer overflow attempt (oracle.rules, High)
2900 <-> ORACLE sys.dbms_repcat_conf.purge_statistics buffer overflow attempt (oracle.rules, High)
2901 <-> ORACLE sys.dbms_repcat_conf.register_statistics buffer overflow attempt (oracle.rules, High)
2902 <-> ORACLE sys.dbms_repcat_sna.alter_snapshot_propagation buffer overflow attempt (oracle.rules, High)
2903 <-> ORACLE sys.dbms_repcat_sna.create_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2904 <-> ORACLE sys.dbms_repcat_sna.create_snapshot_repobject buffer overflow attempt (oracle.rules, High)
2905 <-> ORACLE sys.dbms_repcat_sna.create_snapshot_repschema buffer overflow attempt (oracle.rules, High)
2906 <-> ORACLE sys.dbms_repcat_sna.drop_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2907 <-> ORACLE sys.dbms_repcat_sna.drop_snapshot_repobject buffer overflow attempt (oracle.rules, High)
2908 <-> ORACLE sys.dbms_repcat_sna.drop_snapshot_repschema buffer overflow attempt (oracle.rules, High)
2909 <-> ORACLE sys.dbms_repcat_sna.generate_snapshot_support buffer overflow attempt (oracle.rules, High)
2910 <-> ORACLE sys.dbms_repcat_sna.refresh_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2911 <-> ORACLE sys.dbms_repcat_sna.refresh_snapshot_repschema buffer overflow attempt (oracle.rules, High)
2912 <-> ORACLE sys.dbms_repcat_sna.register_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2913 <-> ORACLE sys.dbms_repcat_sna.repcat_import_check buffer overflow attempt (oracle.rules, High)
2914 <-> ORACLE sys.dbms_repcat_sna.set_local_flavor buffer overflow attempt (oracle.rules, High)
2915 <-> ORACLE sys.dbms_repcat_sna.switch_snapshot_master buffer overflow attempt (oracle.rules, High)
2916 <-> ORACLE sys.dbms_repcat_sna.unregister_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2917 <-> ORACLE sys.dbms_repcat_sna_utl.switch_snapshot_master buffer overflow attempt (oracle.rules, High)
2918 <-> ORACLE sys.dbms_repcat_sna.validate_for_local_flavor buffer overflow attempt (oracle.rules, High)
2919 <-> ORACLE sys.dbms_repcat_untrusted.register_snapshot_repgroup buffer overflow attempt (oracle.rules, High)
2926 <-> WEB-PHP PhpGedView PGV base directory manipulation (web-php.rules, High)
3017 <-> EXPLOIT WINS overflow attempt (exploit.rules, Medium)
3059 <-> WEB-MISC TLSv1 Client_Hello via SSLv2 handshake request (web-misc.rules, Low)
3062 <-> WEB-CGI NetScreen SA 5000 delhomepage.cgi access (web-cgi.rules, Medium)
3079 <-> WEB-CLIENT Microsoft ANI file parsing overflow (web-client.rules, High)
3084 <-> EXPLOIT Veritas backup overflow attempt (exploit.rules, Medium)
3085 <-> EXPLOIT AIM goaway message buffer overflow attempt (exploit.rules, Medium)
3086 <-> WEB-MISC 3Com 3CRADSL72 ADSL 11g Wireless Router app_sta.stm access attempt (web-misc.rules, Medium)
3087 <-> WEB-IIS w3who.dll buffer overflow attempt (web-iis.rules, High)
3088 <-> WEB-CLIENT winamp .cda file name overflow attempt (web-client.rules, High)
3089 <-> DOS squid WCCP I_SEE_YOU message overflow attempt (dos.rules, High)
3131 <-> WEB-CGI mailman directory traversal attempt (web-cgi.rules, High)
3134 <-> WEB-CLIENT PNG large colour depth download attempt (web-client.rules, High)
3147 <-> TELNET login buffer overflow attempt (telnet.rules, High)
3149 <-> WEB-CLIENT object type overflow attempt (web-client.rules, High)
3150 <-> WEB-IIS SQLXML content type overflow (web-iis.rules, High)
3153 <-> DNS TCP inverse query overflow (dns.rules, High)
3154 <-> DNS UDP inverse query overflow (dns.rules, High)
3192 <-> WEB-CLIENT Windows Media Player directory traversal via Content-Disposition attempt (web-client.rules, High)
3193 <-> WEB-IIS .cmd executable file parsing attack (web-iis.rules, High)
3194 <-> WEB-IIS .bat executable file parsing attack (web-iis.rules, High)
3199 <-> EXPLOIT WINS name query overflow attempt TCP (exploit.rules, High)
3200 <-> EXPLOIT WINS name query overflow attempt UDP (exploit.rules, High)
3201 <-> WEB-IIS httpodbc.dll access - nimda (web-iis.rules, Medium)
3274 <-> TELNET login buffer non-evasive overflow attempt (telnet.rules, High)
3442 <-> DOS WIN32 TCP print service overflow attempt (dos.rules, Medium)
3463 <-> WEB-CGI awstats access (web-cgi.rules, Medium)
3464 <-> WEB-CGI awstats.pl command execution attempt (web-cgi.rules, High)
3465 <-> WEB-CGI RiSearch show.pl proxy attempt (web-cgi.rules, Medium)
3466 <-> WEB-MISC Authorization Basic overflow attempt (web-misc.rules, High)
3467 <-> WEB-MISC CISCO VoIP Portinformation access (web-misc.rules, Medium)
3468 <-> WEB-CGI math_sum.mscgi access (web-cgi.rules, Medium)
3470 <-> WEB-CLIENT RealPlayer VIDORV30 header length buffer overflow (web-client.rules, High)
3471 <-> WEB-CLIENT iTunes playlist URL overflow attempt (web-client.rules, High)
3486 <-> WEB-MISC SSLv3 invalid data version attempt (web-misc.rules, Medium)
3487 <-> IMAP SSLv2 Client_Hello request (imap.rules, Low)
3488 <-> IMAP SSLv2 Client_Hello with pad request (imap.rules, Low)
3489 <-> IMAP TLSv1 Client_Hello request (imap.rules, Low)
3490 <-> IMAP TLSv1 Client_Hello via SSLv2 handshake request (imap.rules, Low)
3491 <-> IMAP SSLv2 Server_Hello request (imap.rules, Low)
3492 <-> IMAP TLSv1 Server_Hello request (imap.rules, Low)
3493 <-> SMTP SSLv2 Client_Hello request (smtp.rules, Low)
3494 <-> SMTP SSLv2 Client_Hello with pad request (smtp.rules, Low)
3495 <-> SMTP TLSv1 Client_Hello request (smtp.rules, Low)
3496 <-> SMTP TLSv1 Client_Hello via SSLv2 handshake request (smtp.rules, Low)
3497 <-> SMTP SSLv2 Server_Hello request (smtp.rules, Low)
3498 <-> SMTP TLSv1 Server_Hello request (smtp.rules, Low)
3499 <-> POP3 SSLv2 Client_Hello request (pop3.rules, Low)
3500 <-> POP3 SSLv2 Client_Hello with pad request (pop3.rules, Low)
3501 <-> POP3 TLSv1 Client_Hello request (pop3.rules, Low)
3502 <-> POP3 TLSv1 Client_Hello via SSLv2 handshake request (pop3.rules, Low)
3503 <-> POP3 SSLv2 Server_Hello request (pop3.rules, Low)
3504 <-> POP3 TLSv1 Server_Hello request (pop3.rules, Low)
3512 <-> ORACLE utl_file.fcopy directory traversal attempt (oracle.rules, High)
3513 <-> ORACLE utl_file.fopen_nchar directory traversal attempt (oracle.rules, High)
3514 <-> ORACLE utl_file.fopen directory traversal attempt (oracle.rules, High)
3515 <-> ORACLE utl_file.fremove directory traversal attempt (oracle.rules, High)
3516 <-> ORACLE utl_file.frename directory traversal attempt (oracle.rules, High)
3517 <-> EXPLOIT Computer Associates license PUTOLF overflow attempt (exploit.rules, High)
3518 <-> WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow (web-misc.rules, High)
3519 <-> WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow default port (web-misc.rules, High)
3520 <-> EXPLOIT Computer Associates license GCR NETWORK overflow attempt (exploit.rules, High)
3521 <-> EXPLOIT Computer Associates license GCR CHECKSUMS overflow attempt (exploit.rules, High)
3522 <-> EXPLOIT Computer Associates license GETCONFIG server overflow attempt (exploit.rules, High)
3523 <-> FTP SITE INDEX format string attempt (ftp.rules, Medium)
3524 <-> EXPLOIT Computer Associates license invalid GCR CHECKSUMS attempt (exploit.rules, Medium)
3525 <-> EXPLOIT Computer Associates license invalid GCR NETWORK attempt (exploit.rules, Medium)
3526 <-> ORACLE XDB FTP UNLOCK overflow attempt (oracle.rules, High)
3527 <-> EXPLOIT Solaris LPD overflow attempt (exploit.rules, High)
3529 <-> EXPLOIT Computer Associates license GETCONFIG client overflow attempt (exploit.rules, High)
3532 <-> ORACLE ftp password buffer overflow attempt (oracle.rules, High)
3533 <-> TELNET client LINEMODE SLC overflow attempt (telnet.rules, High)
3534 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - NETSCAPE2.0 (web-client.rules, High)
3536 <-> WEB-CLIENT Mozilla GIF multipacket heap overflow - NETSCAPE2.0 (web-client.rules, High)
3544 <-> WEB-MISC TrackerCam ComGetLogFile.php3 directory traversal attempt (web-misc.rules, High)
3545 <-> WEB-MISC TrackerCam ComGetLogFile.php3 log information disclosure (web-misc.rules, Medium)
3546 <-> WEB-MISC TrackerCam User-Agent buffer overflow attempt (web-misc.rules, High)
3547 <-> WEB-MISC TrackerCam overly long php parameter overflow attempt (web-misc.rules, High)
3548 <-> WEB-MISC TrackerCam negative Content-Length attempt (web-misc.rules, High)
3549 <-> DELETED WEB-CLIENT HTML DOM invalid DHTML element creation attempt (deleted.rules, High)
3553 <-> WEB-CLIENT HTML DOM null DHTML element insertion attempt (web-client.rules, High)
3629 <-> WEB-MISC sambar /search/results.stm access (web-misc.rules, Medium)
3630 <-> ORACLE ftp TEST command buffer overflow attempt (oracle.rules, Medium)
3631 <-> ORACLE ftp user name buffer overflow attempt (oracle.rules, High)
3637 <-> EXPLOIT Computer Associates license PUTOLF directory traversal attempt (exploit.rules, High)
3638 <-> WEB-CGI SoftCart.exe CGI buffer overflow attempt (web-cgi.rules, High)
3664 <-> EXPLOIT PPTP echo request buffer overflow attempt (exploit.rules, High)
3667 <-> MYSQL protocol 41 client authentication bypass attempt (mysql.rules, Medium)
3668 <-> MYSQL client authentication bypass attempt (mysql.rules, Medium)
3669 <-> MYSQL protocol 41 secure client overflow attempt (mysql.rules, Medium)
3670 <-> MYSQL secure client overflow attempt (mysql.rules, Medium)
3671 <-> MYSQL protocol 41 client overflow attempt (mysql.rules, Medium)
3672 <-> MYSQL client overflow attempt (mysql.rules, Medium)
3676 <-> WEB-MISC newsscript.pl admin attempt (web-misc.rules, High)
3679 <-> WEB-CLIENT Firefox IFRAME src javascript code execution (web-client.rules, High)
3685 <-> WEB-CLIENT bitmap BitmapOffset multipacket integer overflow attempt (web-client.rules, High)
3686 <-> WEB-CLIENT Microsoft Internet Explorer Content Advisor attempted overflow (web-client.rules, High)
3689 <-> WEB-CLIENT Internet Explorer tRNS overflow attempt (web-client.rules, High)
3693 <-> WEB-MISC IBM WebSphere j_security_check overflow attempt (web-misc.rules, High)
3695 <-> EXPLOIT Veritas Backup Agent password overflow attempt (exploit.rules, High)
3816 <-> WEB-MISC BadBlue ext.dll buffer overflow attempt (web-misc.rules, High)
3820 <-> WEB-CLIENT multipacket CHM file transfer attempt (web-client.rules, High)
3822 <-> WEB-MISC Real Player realtext long URI request (web-misc.rules, Low)
3823 <-> WEB-MISC Real Player realtext file bad version buffer overflow attempt (web-misc.rules, High)
3827 <-> WEB-PHP xmlrpc.php post attempt (web-php.rules, High)
4126 <-> EXPLOIT Veritas Backup Exec root connection attempt using default password hash (exploit.rules, Medium)
4129 <-> EXPLOIT Novell ZenWorks Remote Management Agent large login packet DoS attempt (exploit.rules, Medium)
4130 <-> EXPLOIT Novell ZenWorks Remote Management Agent buffer overflow Attempt (exploit.rules, Medium)
4131 <-> EXPLOIT SHOUTcast URI format string attempt (exploit.rules, High)
4148 <-> WEB-ACTIVEX DHTML Editing ActiveX clsid access (web-activex.rules, High)
4196 <-> WEB-CLIENT CBO CBL CBM file transfer attempt (web-client.rules, High)
4637 <-> EXPLOIT MailEnable HTTPMail buffer overflow attempt (exploit.rules, High)
4642 <-> ORACLE sys.pbsde.init buffer overflow attempt (oracle.rules, High)
4650 <-> WEB-MISC cacti graph_image.php access (web-misc.rules, Medium)
4675 <-> WEB-CLIENT Macromedia swf DOACTION tag overflow attempt (web-client.rules, High)
4680 <-> WEB-CLIENT quicktime movie file component name integer overflow attempt (web-client.rules, High)
4916 <-> WEB-CLIENT internet explorer javascript onload document.write obfuscation overflow attempt (web-client.rules, High)
4917 <-> WEB-CLIENT internet explorer javascript onload prompt obfuscation overflow attempt (web-client.rules, High)
4989 <-> SQL heap-based overflow attempt (sql.rules, High)
5319 <-> WEB-CLIENT Metasploit Windows picture and fax viewer wmf arbitrary code execution attempt (web-client.rules, High)
5685 <-> SMTP TLSv1 Client_Hello via SSLv2 handshake request (smtp.rules, Low)
5686 <-> SMTP TLSv1 Server_Hello request (smtp.rules, Low)
5687 <-> SMTP SSLv2 Client_Hello request (smtp.rules, Low)
5688 <-> SMTP SSLv2 Client_Hello with pad request (smtp.rules, Low)
5689 <-> SMTP TLSv1 Client_Hello request (smtp.rules, Low)
5690 <-> SMTP SSLv3 Client_Hello request (smtp.rules, Low)
5691 <-> SMTP SSLv2 Server_Hello request (smtp.rules, Low)
5695 <-> WEB-IIS web agent redirect overflow attempt (web-iis.rules, High)
5710 <-> WEB-CLIENT Windows Media Player Plugin for Non-IE browsers buffer overflow attempt (web-client.rules, High)
5715 <-> WEB-MISC malformed ipv6 uri overflow attempt (web-misc.rules, High)
5741 <-> WEB-CLIENT Microsoft HTML help workshop buffer overflow attempt (web-client.rules, High)
5797 <-> POLICY kontiki runtime detection (policy.rules, Low)
6217 <-> DELETED SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads 1 (deleted.rules, Low)
6409 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules, High)
6410 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules, High)
6411 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules, High)
6502 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (web-client.rules, High)
6503 <-> WEB-CLIENT Mozilla GIF multipacket heap overflow - ANIMEXTS1.0 (web-client.rules, High)
6507 <-> WEB-MISC novell edirectory imonitor overflow attempt (web-misc.rules, High)
6509 <-> WEB-CLIENT Internet Explorer mhtml uri href buffer overflow attempt (web-client.rules, High)
6510 <-> WEB-CLIENT Internet Explorer mhtml uri shortcut buffer overflow attempt (web-client.rules, High)
6511 <-> WEB-MISC ALT-N WebAdmin user param overflow attempt (web-misc.rules, High)
7021 <-> DOS linux kernel SCTP chunkless packet denial of service attempt (dos.rules, Medium)
7024 <-> WEB-CLIENT excel style handling overflow attempt (web-client.rules, High)
7027 <-> WEB-IIS frontpage server extensions 2002 cross site scripting attempt (web-iis.rules, High)
7028 <-> WEB-IIS frontpage server extensions 2002 cross site scripting attempt (web-iis.rules, High)
7029 <-> WEB-IIS frontpage server extensions 2002 cross site scripting attempt (web-iis.rules, High)
7071 <-> WEB-MISC encoded cross site scripting HTML Image tag set to javascript attempt (web-misc.rules, High)
7197 <-> WEB-CLIENT excel MSO.DLL malformed string parsing single byte buffer over attempt (web-client.rules, High)
7199 <-> WEB-CLIENT excel label record overflow attempt (web-client.rules, High)
7204 <-> WEB-CLIENT excel object ftCmo overflow attempt (web-client.rules, High)
7205 <-> WEB-CLIENT excel FngGroupCount record overflow attempt (web-client.rules, High)
7611 <-> DELETED BACKDOOR flux 1.0 runtime detection (deleted.rules, High)
8060 <-> EXPLOIT UltraVNC VNCLog buffer overflow (exploit.rules, High)
8085 <-> WEB-MISC HP Openview NNM connectedNodes.ovpl port 3443 Unix command execution attempt (web-misc.rules, High)
8086 <-> WEB-MISC HP Openview NNM cdpView.ovpl port 3443 Unix command execution attempt (web-misc.rules, High)
8087 <-> WEB-MISC HP Openview NNM freeIPaddrs.ovpl port 3443 Unix command execution attempt (web-misc.rules, High)
8088 <-> WEB-MISC HP Openview NNM connectedNodes.ovpl Unix command execution attempt (web-misc.rules, High)
8089 <-> WEB-MISC HP Openview NNM cdpView.ovpl Unix command execution attempt (web-misc.rules, High)
8349 <-> WEB-IIS Indexing Service ciRestriction cross-site scripting attempt (web-iis.rules, Medium)
8413 <-> WEB-CLIENT HCP URI uplddrvinfo access (web-client.rules, Low)
8416 <-> WEB-CLIENT VML fill method overflow attempt (web-client.rules, High)
8426 <-> WEB-MISC SSLv2 openssl get shared ciphers overflow attempt (web-misc.rules, High)
8427 <-> WEB-MISC SSLv3 openssl get shared ciphers overflow attempt (web-misc.rules, High)
8429 <-> POP3 SSLv2 openssl get shared ciphers overflow attempt (pop3.rules, High)
8430 <-> POP3 SSLv3 openssl get shared ciphers overflow attempt (pop3.rules, High)
8431 <-> POP3 SSLv2 openssl get shared ciphers overflow attempt (pop3.rules, High)
8432 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules, High)
8433 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules, High)
8434 <-> SMTP SSLv3 openssl get shared ciphers overflow attempt (smtp.rules, High)
8435 <-> SMTP SSLv3 openssl get shared ciphers overflow attempt (smtp.rules, High)
8437 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules, High)
8438 <-> IMAP SSLv2 openssl get shared ciphers overflow attempt (imap.rules, High)
8439 <-> IMAP SSLv3 openssl get shared ciphers overflow attempt (imap.rules, High)
8441 <-> WEB-MISC McAfee header buffer overflow attempt (web-misc.rules, High)
8481 <-> FTP Microsoft NLST * dos attempt (ftp.rules, Medium)
8485 <-> WEB-COLDFUSION CFNEWINTERNALADMINSECURITY access (web-coldfusion.rules, High)
8486 <-> WEB-COLDFUSION CFNEWINTERNALREGISTRY access (web-coldfusion.rules, High)
8487 <-> WEB-COLDFUSION CFADMIN_REGISTRY_SET access (web-coldfusion.rules, High)
8488 <-> WEB-COLDFUSION CFADMIN_REGISTRY_GET access (web-coldfusion.rules, High)
8489 <-> WEB-COLDFUSION CFADMIN_REGISTRY_DELETE access (web-coldfusion.rules, High)
8490 <-> WEB-COLDFUSION viewexample.cfm access (web-coldfusion.rules, Medium)
8491 <-> WEB-COLDFUSION eval.cfm access (web-coldfusion.rules, Medium)
8492 <-> WEB-COLDFUSION openfile.cfm access (web-coldfusion.rules, Medium)
8493 <-> WEB-COLDFUSION sourcewindow.cfm access (web-coldfusion.rules, Medium)
8494 <-> SQL formatmessage possible buffer overflow (sql.rules, High)
8495 <-> SQL formatmessage possible buffer overflow (sql.rules, High)
8496 <-> SQL sp_oacreate unicode vulnerable function attempt (sql.rules, High)
8497 <-> SQL sp_oacreate vulnerable function attempt (sql.rules, High)
8498 <-> SQL sp_oacreate unicode vulnerable function attempt (sql.rules, High)
8499 <-> SQL xp_displayparamstmt unicode vulnerable function attempt (sql.rules, High)
8500 <-> SQL xp_displayparamstmt unicode vulnerable function attempt (sql.rules, High)
8501 <-> SQL xp_displayparamstmt vulnerable function attempt (sql.rules, High)
8502 <-> SQL xp_enumresultset unicode vulnerable function attempt (sql.rules, High)
8503 <-> SQL xp_enumresultset unicode vulnerable function attempt (sql.rules, High)
8504 <-> SQL xp_enumresultset vulnerable function attempt (sql.rules, High)
8505 <-> SQL xp_oadestroy unicode vulnerable function attempt (sql.rules, High)
8506 <-> SQL xp_oadestroy unicode vulnerable function attempt (sql.rules, High)
8507 <-> SQL xp_oadestroy vulnerable function attempt (sql.rules, High)
8508 <-> SQL xp_oagetproperty unicode vulnerable function attempt (sql.rules, High)
8509 <-> SQL xp_oagetproperty unicode vulnerable function attempt (sql.rules, High)
8510 <-> SQL xp_oagetproperty vulnerable function attempt (sql.rules, High)
8511 <-> SQL xp_oamethod unicode vulnerable function attempt (sql.rules, High)
8512 <-> SQL xp_oamethod vulnerable function attempt (sql.rules, High)
8513 <-> SQL xp_oamethod unicode vulnerable function attempt (sql.rules, High)
8514 <-> SQL xp_oasetproperty unicode vulnerable function attempt (sql.rules, High)
8515 <-> SQL xp_oasetproperty unicode vulnerable function attempt (sql.rules, High)
8516 <-> SQL xp_oasetproperty vulnerable function attempt (sql.rules, High)
8517 <-> SQL xp_peekqueue unicode vulnerable function attempt (sql.rules, High)
8518 <-> SQL xp_peekqueue unicode vulnerable function attempt (sql.rules, High)
8519 <-> SQL xp_peekqueue vulnerable function attempt (sql.rules, High)
8520 <-> SQL xp_printstatements unicode vulnerable function attempt (sql.rules, High)
8521 <-> SQL xp_printstatements unicode vulnerable function attempt (sql.rules, High)
8522 <-> SQL xp_printstatements vulnerable function attempt (sql.rules, High)
8523 <-> SQL xp_proxiedmetadata unicode vulnerable function attempt (sql.rules, High)
8524 <-> SQL xp_proxiedmetadata unicode vulnerable function attempt (sql.rules, High)
8525 <-> SQL xp_proxiedmetadata vulnerable function attempt (sql.rules, High)
8526 <-> SQL xp_SetSQLSecurity unicode vulnerable function attempt (sql.rules, High)
8527 <-> SQL xp_SetSQLSecurity unicode vulnerable function attempt (sql.rules, High)
8528 <-> SQL xp_SetSQLSecurity vulnerable function attempt (sql.rules, High)
8529 <-> SQL xp_showcolv unicode vulnerable function attempt (sql.rules, High)
8530 <-> SQL xp_showcolv unicode vulnerable function attempt (sql.rules, High)
8531 <-> SQL xp_showcolv vulnerable function attempt (sql.rules, High)
8532 <-> SQL xp_sqlagent_monitor unicode vulnerable function attempt (sql.rules, High)
8533 <-> SQL xp_sqlagent_monitor vulnerable function attempt (sql.rules, High)
8534 <-> SQL xp_sqlagent_monitor unicode vulnerable function attempt (sql.rules, High)
8535 <-> SQL xp_sqlinventory unicode vulnerable function attempt (sql.rules, High)
8536 <-> SQL xp_sqlinventory vulnerable function attempt (sql.rules, High)
8537 <-> SQL xp_sqlinventory unicode vulnerable function attempt (sql.rules, High)
8538 <-> SQL xp_updatecolvbm unicode vulnerable function attempt (sql.rules, High)
8539 <-> SQL xp_updatecolvbm unicode vulnerable function attempt (sql.rules, High)
8540 <-> SQL xp_updatecolvbm vulnerable function attempt (sql.rules, High)
8700 <-> WEB-IIS ASP.NET 2.0 cross-site scripting attempt (web-iis.rules, High)
8702 <-> EXPLOIT IceCast header buffer overflow attempt (exploit.rules, High)
8703 <-> EXPLOIT IceCast header buffer overflow attempt (exploit.rules, High)
8708 <-> WEB-PHP Wordpress cache_lastpostdate code injection attempt (web-php.rules, High)
8712 <-> WEB-PHP cacti graph_image arbitrary command execution attempt (web-php.rules, High)
8713 <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules, High)
8714 <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules, High)
8715 <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules, High)
8716 <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules, High)
8734 <-> WEB-PHP Pajax arbitrary command execution attempt (web-php.rules, High)
9325 <-> DOS Citrix IMA DOS event data length denial of service attempt (dos.rules, Medium)
9380 <-> SPECIFIC-THREATS jitux msn messenger propagation detection (specific-threats.rules, High)
9381 <-> SPECIFIC-THREATS lara smtp propagation detection (specific-threats.rules, High)
9412 <-> SPECIFIC-THREATS sinmsn.b msn propagation detection (specific-threats.rules, High)
9432 <-> WEB-CLIENT Microsoft Agent buffer overflow attempt (web-client.rules, High)
9434 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules, High)
9435 <-> DELETED WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (deleted.rules, High)
9436 <-> DELETED WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (deleted.rules, High)
9620 <-> WEB-MISC pajax call_dispatcher remote exec attempt (web-misc.rules, High)
9622 <-> DOS Spiffit UDP denial of service attempt (dos.rules, Medium)
9625 <-> WEB-CLIENT Windows Media Player ASX file ref href buffer overflow attempt (web-client.rules, High)
9790 <-> EXPLOIT HP-UX lpd command execution attempt (exploit.rules, High)
9801 <-> WEB-CLIENT Windows Media Player or Explorer Malformed RIFF File denial of service attempt (web-client.rules, Medium)
9840 <-> WEB-CLIENT QuickTime HREF Track Detected (web-client.rules, Low)
9842 <-> WEB-CLIENT Adobe Acrobat Plugin Universal cross-site scripting attempt (web-client.rules, Medium)
9843 <-> WEB-CLIENT Adobe Acrobat Plugin JavaScript parameter double free attempt (web-client.rules, High)
9846 <-> WEB-CLIENT VLC Media Player udp URI format string attempt - multipacket (web-client.rules, High)
9849 <-> WEB-CLIENT Vector Markup Language recolorinfo tag numcolors parameter buffer overflow attempt (web-client.rules, High)
10010 <-> EXPLOIT Putty Server key exchange buffer overflow attempt (exploit.rules, High)
10011 <-> IMAP Novell NetMail APPEND command buffer overflow attempt (imap.rules, Medium)
10062 <-> WEB-CLIENT Java Virtual Machine malformed GIF buffer overflow attempt (web-client.rules, High)
10124 <-> SPECIFIC-THREATS PA168 chipset based IP phone authentication bypass (specific-threats.rules, High)
10125 <-> MISC bomberclone buffer overflow attempt (misc.rules, High)
10131 <-> WEB-CLIENT mozilla compareTo arbitrary code execution attempt (web-client.rules, High)
10172 <-> WEB-MISC uTorrent announce buffer overflow attempt (web-misc.rules, High)
10195 <-> WEB-MISC Content-Length buffer overflow attempt (web-misc.rules, High)
10402 <-> DELETED SPECIFIC-THREATS Trojan.Duntek Data Report POST (deleted.rules, High)
10986 <-> WEB-ACTIVEX GraceNote CDDB ActiveX clsid access (web-activex.rules, High)
10987 <-> WEB-ACTIVEX GraceNote CDDB ActiveX clsid unicode access (web-activex.rules, High)
10988 <-> WEB-ACTIVEX GraceNote CDDB ActiveX function call access (web-activex.rules, High)
10989 <-> WEB-ACTIVEX GraceNote CDDB ActiveX function call unicode access (web-activex.rules, High)
10995 <-> DELETED SMTP possible BDAT DoS attempt (deleted.rules, Medium)
10996 <-> WEB-MISC SSLv3 Client_Hello request (web-misc.rules, Low)
10999 <-> WEB-CGI chetcpasswd access (web-cgi.rules, Medium)
11001 <-> ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (oracle.rules, High)
11002 <-> ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (oracle.rules, High)
11003 <-> ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (oracle.rules, High)
11175 <-> ORACLE dbms_cdc_ipublish.chgtab_cache buffer overflow attempt (oracle.rules, High)
11191 <-> WEB-IIS Microsoft Content Management Server memory corruption (web-iis.rules, High)
11193 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules, High)
11194 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules, High)
11223 <-> WEB-MISC google proxystylesheet arbitrary command execution attempt (web-misc.rules, High)
11616 <-> WEB-MISC Symantec Sygate Policy Manager SQL injection (web-misc.rules, High)
11664 <-> WEB-PHP sphpblog password.txt access attempt (web-php.rules, High)
11665 <-> WEB-PHP sphpblog install03_cgi access attempt (web-php.rules, High)
11666 <-> WEB-PHP sphpblog upload_img_cgi access attempt (web-php.rules, High)
11667 <-> WEB-PHP sphpblog arbitrary file delete attempt (web-php.rules, High)
11668 <-> WEB-PHP vbulletin php code injection (web-php.rules, High)
11669 <-> DELETED SPECIFIC-THREATS Eudora 250 command response buffer overflow attempt (deleted.rules, High)
11671 <-> WEB-MISC SSLv2 Server_Hello request from SSLv3 Client_Hello request (web-misc.rules, Low)
11685 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules, High)
11817 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules, Medium)
11834 <-> WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (web-misc.rules, Medium)
11947 <-> WEB-CLIENT Windows schannel security package (web-client.rules, High)
11965 <-> WEB-MISC SSLv2 Server_Hello request from TLSv1 Client_Hello request (web-misc.rules, Low)
11966 <-> WEB-CLIENT Microsoft Internet Explorer CSS tag memory corruption attempt (web-client.rules, High)
12014 <-> WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (web-misc.rules, Medium)
12057 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules, Medium)
12059 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules, High)
12060 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules, High)
12064 <-> WEB-IIS w3svc _vti_bin null pointer dereference attempt (web-iis.rules, Medium)
12083 <-> WEB-ACTIVEX Data Dynamics ActiveBar Actbar3 ActiveX clsid access (web-activex.rules, High)
12084 <-> WEB-ACTIVEX Data Dynamics ActiveBar Actbar3 ActiveX clsid unicode access (web-activex.rules, High)
12085 <-> WEB-ACTIVEX Data Dynamics ActiveBar Actbar3 ActiveX function call access (web-activex.rules, High)
12086 <-> WEB-ACTIVEX Data Dynamics ActiveBar Actbar3 ActiveX function call unicode access (web-activex.rules, High)
12220 <-> EXPLOIT IBM Informix Dynamic Server long username (exploit.rules, High)
12221 <-> WEB-PHP file upload GLOBAL variable overwrite attempt (web-php.rules, High)
12277 <-> EXPLOIT Microsoft IE CSS memory corruption exploit (exploit.rules, High)
12301 <-> WEB-ACTIVEX eCentrex VOIP Client Module ActiveX clsid access (web-activex.rules, High)
12302 <-> WEB-ACTIVEX eCentrex VOIP Client Module ActiveX clsid unicode access (web-activex.rules, High)
12421 <-> EXPLOIT RealNetworks Helix RTSP long transport header (exploit.rules, High)
12465 <-> EXPLOIT Apache APR memory corruption attempt (exploit.rules, High)
12592 <-> SMTP Recipient arbitrary command injection attempt (smtp.rules, High)
12595 <-> WEB-IIS malicious ASP file upload attempt (web-iis.rules, High)
12600 <-> WEB-ACTIVEX ebCrypt IncrementalHash ActiveX clsid access (web-activex.rules, High)
12601 <-> WEB-ACTIVEX ebCrypt IncrementalHash ActiveX clsid unicode access (web-activex.rules, High)
12602 <-> WEB-ACTIVEX ebCrypt IncrementalHash ActiveX function call access (web-activex.rules, High)
12603 <-> WEB-ACTIVEX ebCrypt IncrementalHash ActiveX function call unicode access (web-activex.rules, High)
12604 <-> WEB-ACTIVEX ebCrypt PRNGenerator ActiveX clsid access (web-activex.rules, High)
12605 <-> WEB-ACTIVEX ebCrypt PRNGenerator ActiveX clsid unicode access (web-activex.rules, High)
12606 <-> WEB-ACTIVEX ebCrypt PRNGenerator ActiveX function call access (web-activex.rules, High)
12607 <-> WEB-ACTIVEX ebCrypt PRNGenerator ActiveX function call unicode access (web-activex.rules, High)
12610 <-> WEB-PHP phpBB viewtopic double URL encoding attempt (web-php.rules, High)
12629 <-> WEB-MISC sharepoint cross site scripting attempt (web-misc.rules, High)
12711 <-> WEB-MISC Apache Tomcat WebDAV system tag remote file disclosure attempt (web-misc.rules, Medium)
12786 <-> EXPLOIT CA ARCserve Backup for Laptops rsxSetDataGrowthScheduleAndFilter overflow attempt (exploit.rules, High)
12905 <-> SPECIFIC-THREATS Microsoft SPNEGO ASN.1 library heap corruption overflow attempt (specific-threats.rules, High)
13161 <-> EXPLOIT HP OpenView CGI parameter buffer overflow attempt (exploit.rules, High)
13163 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters little endian overflow attempt (deleted.rules, High)
13164 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX overflow attempt (deleted.rules, High)
13165 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX little endian overflow attempt (deleted.rules, High)
13166 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters unicode overflow attempt (deleted.rules, High)
13167 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX unicode overflow attempt (deleted.rules, High)
13168 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters unicode little endian overflow attempt (deleted.rules, High)
13169 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX unicode little endian overflow attempt (deleted.rules, High)
13170 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode andx object call overflow attempt (deleted.rules, High)
13171 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode andx overflow attempt (deleted.rules, High)
13172 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode little endian andx object call overflow attempt (deleted.rules, High)
13173 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode little endian andx overflow attempt (deleted.rules, High)
13174 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode little endian object call overflow attempt (deleted.rules, High)
13175 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode overflow attempt (deleted.rules, High)
13176 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode object call overflow attempt (deleted.rules, High)
13177 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode overflow attempt (deleted.rules, High)
13178 <-> DELETED NETBIOS SMB spoolss EnumPrinters object call overflow attempt (deleted.rules, High)
13179 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX object call overflow attempt (deleted.rules, High)
13180 <-> DELETED NETBIOS SMB spoolss EnumPrinters little endian object call overflow attempt (deleted.rules, High)
13181 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX little endian object call overflow attempt (deleted.rules, High)
13182 <-> DELETED NETBIOS SMB spoolss EnumPrinters unicode object call overflow attempt (deleted.rules, High)
13183 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode object call overflow attempt (deleted.rules, High)
13184 <-> DELETED NETBIOS SMB spoolss EnumPrinters unicode little endian object call overflow attempt (deleted.rules, High)
13185 <-> DELETED NETBIOS SMB spoolss EnumPrinters WriteAndX unicode little endian object call overflow attempt (deleted.rules, High)
13186 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters andx overflow attempt (deleted.rules, High)
13187 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters little endian andx overflow attempt (deleted.rules, High)
13188 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX andx overflow attempt (deleted.rules, High)
13189 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX little endian andx overflow attempt (deleted.rules, High)
13190 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters unicode andx overflow attempt (deleted.rules, High)
13191 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX unicode andx overflow attempt (deleted.rules, High)
13192 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters unicode little endian andx overflow attempt (deleted.rules, High)
13193 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX unicode little endian andx overflow attempt (deleted.rules, High)
13194 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX andx overflow attempt (deleted.rules, High)
13195 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX little endian andx overflow attempt (deleted.rules, High)
13196 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX little endian overflow attempt (deleted.rules, High)
13197 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX overflow attempt (deleted.rules, High)
13198 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX unicode andx overflow attempt (deleted.rules, High)
13199 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX unicode little endian andx overflow attempt (deleted.rules, High)
13200 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX unicode little endian overflow attempt (deleted.rules, High)
13201 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX unicode overflow attempt (deleted.rules, High)
13202 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters andx overflow attempt (deleted.rules, High)
13203 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters little endian andx overflow attempt (deleted.rules, High)
13204 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters little endian overflow attempt (deleted.rules, High)
13205 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters overflow attempt (deleted.rules, High)
13206 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters unicode andx overflow attempt (deleted.rules, High)
13207 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters unicode little endian andx overflow attempt (deleted.rules, High)
13208 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters unicode little endian overflow attempt (deleted.rules, High)
13209 <-> DELETED NETBIOS SMB v4 spoolss EnumPrinters unicode overflow attempt (deleted.rules, High)
13221 <-> EXPLOIT Motorola Timbuktu crafted login request buffer overflow attempt (exploit.rules, High)
13222 <-> EXPLOIT Motorola Timbuktu crafted login request buffer overflow attempt (exploit.rules, High)
13269 <-> MISC Microsoft Windows ShellExecute and IE7 nntp url handling code execution attempt (misc.rules, High)
13270 <-> MISC Microsoft Windows ShellExecute and IE7 news url handling code execution attempt (misc.rules, High)
13271 <-> MISC Microsoft Windows ShellExecute and IE7 telnet url handling code execution attempt (misc.rules, High)
13272 <-> MISC Microsoft Windows ShellExecute and IE7 mailto url handling code execution attempt (misc.rules, High)
13291 <-> EXPLOIT Samba send_mailslot buffer overflow attempt (exploit.rules, High)
13292 <-> EXPLOIT Skype skype4com URI handler memory corruption attempt (exploit.rules, High)
13302 <-> WEB-CLIENT Apache mod_imagemap cross site scripting attempt (web-client.rules, High)
13361 <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules, High)
13362 <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules, High)
13367 <-> NETBIOS DCERPC NCACN-IP-TCP spoolss GetPrinterData attempt (netbios.rules, Low)
13368 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData little endian attempt (deleted.rules, Low)
13369 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData WriteAndX attempt (deleted.rules, Low)
13370 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData WriteAndX little endian attempt (deleted.rules, Low)
13371 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData unicode attempt (deleted.rules, Low)
13372 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData WriteAndX unicode attempt (deleted.rules, Low)
13373 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData unicode little endian attempt (deleted.rules, Low)
13374 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData WriteAndX unicode little endian attempt (deleted.rules, Low)
13375 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData attempt (deleted.rules, Low)
13376 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX attempt (deleted.rules, Low)
13377 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData little endian attempt (deleted.rules, Low)
13378 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX little endian attempt (deleted.rules, Low)
13379 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData unicode attempt (deleted.rules, Low)
13380 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX unicode attempt (deleted.rules, Low)
13381 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData unicode little endian attempt (deleted.rules, Low)
13382 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX unicode little endian attempt (deleted.rules, Low)
13383 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData object call attempt (deleted.rules, Low)
13384 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX object call attempt (deleted.rules, Low)
13385 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData little endian object call attempt (deleted.rules, Low)
13386 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX little endian object call attempt (deleted.rules, Low)
13387 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData unicode object call attempt (deleted.rules, Low)
13388 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX unicode object call attempt (deleted.rules, Low)
13389 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData unicode little endian object call attempt (deleted.rules, Low)
13390 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX unicode little endian object call attempt (deleted.rules, Low)
13391 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData andx attempt (deleted.rules, Low)
13392 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData little endian andx attempt (deleted.rules, Low)
13393 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData WriteAndX andx attempt (deleted.rules, Low)
13394 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData WriteAndX little endian andx attempt (deleted.rules, Low)
13395 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData unicode andx attempt (deleted.rules, Low)
13396 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData WriteAndX unicode andx attempt (deleted.rules, Low)
13397 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData unicode little endian andx attempt (deleted.rules, Low)
13398 <-> DELETED NETBIOS SMB-DS v4 spoolss GetPrinterData WriteAndX unicode little endian andx attempt (deleted.rules, Low)
13399 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData andx attempt (deleted.rules, Low)
13400 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX andx attempt (deleted.rules, Low)
13401 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData little endian andx attempt (deleted.rules, Low)
13402 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX little endian andx attempt (deleted.rules, Low)
13403 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData unicode andx attempt (deleted.rules, Low)
13404 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX unicode andx attempt (deleted.rules, Low)
13405 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData unicode little endian andx attempt (deleted.rules, Low)
13406 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX unicode little endian andx attempt (deleted.rules, Low)
13407 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData andx object call attempt (deleted.rules, Low)
13408 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX andx object call attempt (deleted.rules, Low)
13409 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData little endian andx object call attempt (deleted.rules, Low)
13410 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX little endian andx object call attempt (deleted.rules, Low)
13411 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData unicode andx object call attempt (deleted.rules, Low)
13412 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX unicode andx object call attempt (deleted.rules, Low)
13413 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData unicode little endian andx object call attempt (deleted.rules, Low)
13414 <-> DELETED NETBIOS SMB-DS spoolss GetPrinterData WriteAndX unicode little endian andx object call attempt (deleted.rules, Low)
13415 <-> EXPLOIT CA BrightStor cheyenneds mailslot overflow (exploit.rules, High)
13419 <-> WEB-ACTIVEX Facebook Photo Uploader ActiveX clsid access (web-activex.rules, High)
13420 <-> WEB-ACTIVEX Facebook Photo Uploader ActiveX clsid unicode access (web-activex.rules, High)
13421 <-> WEB-ACTIVEX Facebook Photo Uploader ActiveX function call access (web-activex.rules, High)
13422 <-> WEB-ACTIVEX Facebook Photo Uploader ActiveX function call unicode access (web-activex.rules, High)
13516 <-> WEB-CLIENT Quicktime HTTP error response buffer overflow (web-client.rules, High)
13591 <-> WEB-CGI Trend Micro OfficeScan CGI password decryption buffer overflow attempt (web-cgi.rules, High)
13599 <-> WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX clsid access (web-activex.rules, High)
13600 <-> WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX clsid unicode access (web-activex.rules, High)
13601 <-> WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX function call access (web-activex.rules, High)
13602 <-> WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX function call unicode access (web-activex.rules, High)
13612 <-> EXPLOIT RealVNC server authentication bypass attempt (exploit.rules, Low)
13618 <-> SPECIFIC-THREATS Oracle database version 9 username buffer overflow attempt (specific-threats.rules, High)
13620 <-> SPECIFIC-THREATS CA Brightstor discovery service alternate buffer overflow attempt (specific-threats.rules, High)
13694 <-> EXPLOIT RealNetworks Helix RTSP long get request exploit attempt (exploit.rules, High)
13695 <-> EXPLOIT RealNetworks Helix RTSP long setup request exploit attempt (exploit.rules, High)
13789 <-> DELETED WEB-CLIENT Microsoft Word file download request (deleted.rules, Low)
13797 <-> WEB-CLIENT pe compact binary download (web-client.rules, Low)
13799 <-> WEB-CLIENT IBM Lotus Expeditor cai URI Handler Command Execution attempt (web-client.rules, High)
13807 <-> WEB-CLIENT Windows metafile SetPaletteEntries heap overflow attempt (web-client.rules, High)
13819 <-> WEB-MISC IBM Lotus Domino Web Server Accept-Language header buffer overflow attempt (web-misc.rules, High)
13840 <-> EXPLOIT Borland Interbase service attach operation buffer overflow (exploit.rules, High)
13841 <-> EXPLOIT Borland Interbase create operation buffer overflow (exploit.rules, High)
13842 <-> EXPLOIT Borland Interbase operation buffer overflow (exploit.rules, High)
13843 <-> EXPLOIT MaxDB WebDBM get buffer overflow (exploit.rules, High)
13902 <-> EXPLOIT IBM Lotus Sametime multiplexer stack buffer overflow attempt (exploit.rules, High)
13915 <-> WEB-MISC backup file download attempt (web-misc.rules, Low)
13919 <-> WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt (web-client.rules, High)
13923 <-> SMTP MailEnable SMTP HELO command denial of service attempt (smtp.rules, Medium)
13925 <-> FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (ftp.rules, High)
14039 <-> EXPLOIT GNOME Project libxslt RC4 key string buffer overflow attempt (exploit.rules, High)
14040 <-> EXPLOIT GNOME Project libxslt RC4 key string buffer overflow attempt (exploit.rules, High)
14041 <-> EXPLOIT GNOME Project libxslt RC4 key string buffer overflow attempt (exploit.rules, High)
14230 <-> EXPLOIT SAP DB web server stack overflow attempt (exploit.rules, High)
14610 <-> WEB-PHP Joomla invalid token administrative password reset attempt (web-php.rules, High)
14743 <-> FTP RNTO directory traversal attempt (ftp.rules, Medium)
14746 <-> WEB-ACTIVEX Autodesk DWF Viewer ActiveX clsid access (web-activex.rules, High)
14747 <-> WEB-ACTIVEX Autodesk DWF Viewer ActiveX clsid unicode access (web-activex.rules, High)
14771 <-> WEB-MISC BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow (web-misc.rules, High)
14992 <-> WEB-MISC Openwsman HTTP basic authentication buffer overflow attempt (web-misc.rules, High)
15078 <-> EXPLOIT HP Openview Network Node Manager OValarmsrv buffer overflow attempt (exploit.rules, High)
15306 <-> WEB-CLIENT Portable Executable binary file transfer (web-client.rules, Low)
15364 <-> EXPLOIT Ganglia Meta Daemon process_path stack buffer overflow attempt (exploit.rules, High)
15384 <-> WEB-CLIENT Apple QuickTime pict image poly structure memory corruption attempt (web-client.rules, High)
15428 <-> WEB-CLIENT Mozilla Firefox SVG data processing memory corruption attempt (web-client.rules, High)
15434 <-> WEB-MISC HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt (web-misc.rules, High)
15473 <-> WEB-CLIENT Nullsoft Winamp m3u file player name handling buffer overflow attempt (web-client.rules, High)
15477 <-> EXPLOIT Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt (exploit.rules, Medium)
15488 <-> SPECIFIC-THREATS Oracle Database Application Express Component APEX password hash disclosure attempt (specific-threats.rules, Medium)
15574 <-> SMTP MAIL FROM command overflow attempt (smtp.rules, High)
15684 <-> MISC Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (misc.rules, High)
15699 <-> SPECIFIC-THREATS Mozilla Firefox 3.5 unicode stack overflow attempt (specific-threats.rules, High)
15703 <-> WEB-CLIENT Apple iTunes ITMS protocol handler stack buffer overflow attempt (web-client.rules, High)
15704 <-> WEB-CLIENT Apple iTunes ITMSS protocol handler stack buffer overflow attempt (web-client.rules, High)
15706 <-> WEB-CLIENT Apple iTunes DAAP protocol handler stack buffer overflow attempt (web-client.rules, High)
15707 <-> WEB-CLIENT Apple iTunes ITPC protocol handler stack buffer overflow attempt (web-client.rules, High)
15723 <-> ORACLE Oracle database server CompressWorkspaceTree SQL injection attempt (oracle.rules, High)
15866 <-> WEB-CLIENT libxml2 XML file processing long entity name buffer overflow attempt (web-client.rules, High)
15897 <-> WEB-MISC SSLv1 Client_Hello Challenge Length overflow attempt (web-misc.rules, High)
15906 <-> BAD-TRAFFIC Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (bad-traffic.rules, Medium)
15907 <-> BAD-TRAFFIC Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (bad-traffic.rules, Medium)
15923 <-> WEB-ACTIVEX DHTML Editing ActiveX clsid unicode access (web-activex.rules, High)
15924 <-> WEB-ACTIVEX DHTML Editing ActiveX function call access (web-activex.rules, High)
15925 <-> WEB-ACTIVEX DHTML Editing ActiveX function call unicode access (web-activex.rules, High)
15931 <-> MISC Veritas NetBackup java user interface service format string attack attempt (misc.rules, High)
15938 <-> SPECIFIC-THREATS Backdoor SubSeven client connection to server (specific-threats.rules, High)
15940 <-> SPECIFIC-THREATS RealNetworks RealPlayer Multiple Products RA file processing overflow attempt (specific-threats.rules, High)
15941 <-> DOS Squid Proxy TRACE request remote DoS attempt (dos.rules, High)
15947 <-> SPECIFIC-THREATS Microsoft Outlook Web Access Cross-Site Scripting attempt (specific-threats.rules, High)
15948 <-> SPECIFIC-THREATS CA License Software Invalid Command overflow attempt (specific-threats.rules, High)
15949 <-> SPECIFIC-THREATS McAfee LHA file handling overflow attempt (specific-threats.rules, High)
15950 <-> SPECIFIC-THREATS McAfee LHA Type-2 file handling overflow attempt (specific-threats.rules, High)
15951 <-> SPECIFIC-THREATS MySQL MaxDB Webtool GET command overflow attempt (specific-threats.rules, High)
15960 <-> SPECIFIC-THREATS Novell eDirectory MS-DOS device name DoS attempt (specific-threats.rules, Medium)
15963 <-> SPECIFIC-THREATS Red Hat Enterprise Linux DNS resolver buffer overflow attempt (specific-threats.rules, High)
15971 <-> EXPLOIT CVS Argumentx command double free attempt (exploit.rules, High)
15979 <-> EXPLOIT Check Point VPN-1 ASN.1 Decoding heap overflow attempt (exploit.rules, Medium)
15980 <-> WEB-MISC Apache mod_ssl hook functions format string attempt (web-misc.rules, High)
15988 <-> SPECIFIC-THREATS Microsoft ISA Server DNS spoofing attempt (specific-threats.rules, Medium)
15989 <-> EXPLOIT Squid ASN.1 header parsing denial of service attempt (exploit.rules, Medium)
15991 <-> SPECIFIC-THREATS Multiple vendor DNS message decompression denial of service attempt (specific-threats.rules, Medium)
16008 <-> SPECIFIC-THREATS Microsoft Internet Explorer 7 html object memory corruption attempt (specific-threats.rules, High)
16009 <-> SPECIFIC-THREATS Mozilla products overflow event handling memory corruption attempt (specific-threats.rules, High)
16021 <-> SPECIFIC-THREATS Apache http Server mod_tcl format string attempt (specific-threats.rules, High)
16042 <-> SPECIFIC-THREATS Mozilla browsers CSS moz-binding cross domain scripting attempt (specific-threats.rules, High)
16052 <-> WEB-CLIENT Novell iManager Tomcat http post handling DoS attempt (web-client.rules, Medium)
16068 <-> SPECIFIC-THREATS Yahoo Music Jukebox ActiveX exploit (specific-threats.rules, High)
16195 <-> WEB-MISC Novell eDirectory HTTP request content-length heap buffer overflow attempt (web-misc.rules, High)
16351 <-> VOIP-SIP CSeq buffer overflow attempt (voip.rules, Medium)
16359 <-> WEB-CLIENT Adobe Illustrator DSC comment overflow attempt (web-client.rules, High)
16441 <-> SPECIFIC-THREATS Possible Zeus User-Agent - Download (specific-threats.rules, High)