Sourcefire VRT Rules Update

Date: 2007-08-14

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version CURRENT.

The format of the file is:

sid - Message (rule group)

New rules:
12224 <-> SPYWARE-PUT Adware enbrowser snackman runtime detection (spyware-put.rules)
12225 <-> SPYWARE-PUT Adware zango2007 toolbar runtime detection (spyware-put.rules)
12226 <-> SPYWARE-PUT Keylogger overspy runtime detection (spyware-put.rules)
12227 <-> SPYWARE-PUT Trackware snap ultrasearch/desktop toolbar runtime detection - search (spyware-put.rules)
12228 <-> SPYWARE-PUT Trackware snap ultrasearch/desktop toolbar runtime detection - cookie (spyware-put.rules)
12229 <-> SPYWARE-PUT Adware vroomsearch runtime detection (spyware-put.rules)
12230 <-> SPYWARE-PUT Hacker-Tool hippynotify 2.0 runtime detection (spyware-put.rules)
12231 <-> SPYWARE-PUT Adware vroomsearch runtime detection (spyware-put.rules)
12232 <-> SPYWARE-PUT Adware errorsafe runtime detection (spyware-put.rules)
12233 <-> BACKDOOR theef 2.10 runtime detection - connect with no password (backdoor.rules)
12234 <-> BACKDOOR theef 2.10 runtime detection - connect with no password (backdoor.rules)
12235 <-> BACKDOOR theef 2.10 runtime detection - connect with password (backdoor.rules)
12236 <-> BACKDOOR theef 2.10 runtime detection - connect with password (backdoor.rules)
12237 <-> BACKDOOR theef 2.10 runtime detection - ftp (backdoor.rules)
12238 <-> BACKDOOR theef 2.10 runtime detection - ftp (backdoor.rules)
12239 <-> BACKDOOR webcenter v1.0 Backdoor - init connection (backdoor.rules)
12240 <-> BACKDOOR genie 1.7 runtime detection - init connection (backdoor.rules)
12241 <-> BACKDOOR genie 1.7 runtime detection - init connection (backdoor.rules)
12242 <-> BACKDOOR hotmail hacker log edition 5.0 runtime detection - init connection (backdoor.rules)
12243 <-> BACKDOOR hotmail hacker log edition 5.0 runtime detection - init connection (backdoor.rules)
12244 <-> BACKDOOR itadem trojan 3.0 runtime detection (backdoor.rules)
12245 <-> BACKDOOR furax 1.0 b3 runtime detection (backdoor.rules)
12246 <-> WEB-CLIENT Symantec NavComUI AxSysListView32 ActiveX clsid access (web-client.rules)
12247 <-> WEB-CLIENT Symantec NavComUI AxSysListView32 ActiveX clsid unicode access (web-client.rules)
12248 <-> WEB-CLIENT Symantec NavComUI AxSysListView32 ActiveX function call access (web-client.rules)
12249 <-> WEB-CLIENT Symantec NavComUI AxSysListView32 ActiveX function call unicode access (web-client.rules)
12250 <-> WEB-CLIENT Symantec NavComUI AxSysListView32OAA ActiveX clsid access (web-client.rules)
12251 <-> WEB-CLIENT Symantec NavComUI AxSysListView32OAA ActiveX clsid unicode access (web-client.rules)
12252 <-> WEB-CLIENT Symantec NavComUI AxSysListView32OAA ActiveX function call access (web-client.rules)
12253 <-> WEB-CLIENT Symantec NavComUI AxSysListView32OAA ActiveX function call unicode access (web-client.rules)
12254 <-> EXPLOIT CA message queuing erroneous length field (exploit.rules)
12255 <-> WEB-CGI CSGuestbook setup attempt (web-cgi.rules)
12256 <-> WEB-CLIENT Excel malformed FBI record (web-client.rules)
12257 <-> WEB-CLIENT Microsoft DirectX Media SDK ActiveX clsid access (web-client.rules)
12258 <-> WEB-CLIENT Microsoft DirectX Media SDK ActiveX clsid unicode access (web-client.rules)
12259 <-> WEB-CLIENT Microsoft DirectX Media SDK ActiveX function call access (web-client.rules)
12260 <-> WEB-CLIENT Microsoft DirectX Media SDK ActiveX function call unicode access (web-client.rules)
12261 <-> WEB-CLIENT Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access (web-client.rules)
12262 <-> WEB-CLIENT Microsoft Visual Basic 6 PDWizard.File ActiveX clsid unicode access (web-client.rules)
12263 <-> WEB-CLIENT Microsoft Visual Basic 6 PDWizard.File ActiveX function call access (web-client.rules)
12264 <-> WEB-CLIENT Microsoft Visual Basic 6 PDWizard.File ActiveX function call unicode access (web-client.rules)
12265 <-> WEB-CLIENT Microsoft Visual Basic 6 SearchHelper ActiveX clsid access (web-client.rules)
12266 <-> WEB-CLIENT Microsoft Visual Basic 6 SearchHelper ActiveX clsid unicode access (web-client.rules)
12267 <-> WEB-CLIENT Microsoft Visual Basic 6 SearchHelper ActiveX function call access (web-client.rules)
12268 <-> WEB-CLIENT Microsoft Visual Basic 6 SearchHelper ActiveX function call unicode access (web-client.rules)
12269 <-> WEB-CLIENT Microsoft Visual Basic 6 TLIApplication ActiveX clsid access (web-client.rules)
12270 <-> WEB-CLIENT Microsoft Visual Basic 6 TLIApplication ActiveX clsid unicode access (web-client.rules)
12271 <-> WEB-CLIENT Microsoft Visual Basic 6 TLIApplication ActiveX function call access (web-client.rules)
12272 <-> WEB-CLIENT Microsoft Visual Basic 6 TLIApplication ActiveX function call unicode access (web-client.rules)
12273 <-> WEB-CLIENT Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access (web-client.rules)
12274 <-> WEB-CLIENT Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid unicode access (web-client.rules)
12275 <-> WEB-CLIENT Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access (web-client.rules)
12276 <-> WEB-CLIENT Microsoft Visual Basic 6 TypeLibInfo ActiveX function call unicode access (web-client.rules)
12277 <-> EXPLOIT Microsoft IE CSS memory corruption exploit (exploit.rules)
12278 <-> POLICY Microsoft Media Player compressed skin download (policy.rules)
12279 <-> WEB-CLIENT Microsoft XML substringData integer overflow attept (web-client.rules)
12280 <-> WEB-CLIENT VML source file memory corruption (web-client.rules)
12281 <-> WEB-CLIENT VML source file memory corruption (web-client.rules)
12282 <-> WEB-CLIENT VML source file memory corruption (web-client.rules)
12283 <-> WEB-CLIENT xlw file download (web-client.rules)
12284 <-> WEB-CLIENT Excel rtWnDesk record memory corruption exploit attempt (web-client.rules)

Updated rules:
 518 <-> TFTP Put (tftp.rules)
 519 <-> TFTP parent directory (tftp.rules)
 520 <-> TFTP root directory (tftp.rules)
 569 <-> RPC snmpXdmi overflow attempt TCP (rpc.rules)
 572 <-> RPC DOS ttdbserv Solaris (rpc.rules)
 574 <-> RPC mountd TCP export request (rpc.rules)
 575 <-> RPC portmap admind request UDP (rpc.rules)
 576 <-> RPC portmap amountd request UDP (rpc.rules)
 577 <-> RPC portmap bootparam request UDP (rpc.rules)
 578 <-> RPC portmap cmsd request UDP (rpc.rules)
 579 <-> RPC portmap mountd request UDP (rpc.rules)
 580 <-> RPC portmap nisd request UDP (rpc.rules)
 581 <-> RPC portmap pcnfsd request UDP (rpc.rules)
 582 <-> RPC portmap rexd request UDP (rpc.rules)
 583 <-> RPC portmap rstatd request UDP (rpc.rules)
 584 <-> RPC portmap rusers request UDP (rpc.rules)
 585 <-> RPC portmap sadmind request UDP (rpc.rules)
 586 <-> RPC portmap selection_svc request UDP (rpc.rules)
 587 <-> RPC portmap status request UDP (rpc.rules)
 588 <-> RPC portmap ttdbserv request UDP (rpc.rules)
 589 <-> RPC portmap yppasswd request UDP (rpc.rules)
 590 <-> RPC portmap ypserv request UDP (rpc.rules)
 591 <-> RPC portmap ypupdated request TCP (rpc.rules)
 593 <-> RPC portmap snmpXdmi request TCP (rpc.rules)
 595 <-> RPC portmap espd request TCP (rpc.rules)
 598 <-> RPC portmap listing TCP 111 (rpc.rules)
 599 <-> RPC portmap listing TCP 32771 (rpc.rules)
 612 <-> RPC rusers query UDP (rpc.rules)
 709 <-> TELNET 4Dgifts SGI account attempt (telnet.rules)
 710 <-> TELNET EZsetup account attempt (telnet.rules)
 711 <-> TELNET SGI telnetd format bug (telnet.rules)
 712 <-> TELNET ld_library_path (telnet.rules)
 713 <-> TELNET livingston DOS (telnet.rules)
 714 <-> TELNET resolv_host_conf (telnet.rules)
 715 <-> TELNET Attempted SU from wrong group (telnet.rules)
 717 <-> TELNET not on console (telnet.rules)
 719 <-> TELNET root login (telnet.rules)
 803 <-> WEB-CGI HyperSeek hsx.cgi directory traversal attempt (web-cgi.rules)
 804 <-> WEB-CGI SWSoft ASPSeek Overflow attempt (web-cgi.rules)
 805 <-> WEB-CGI webspeed access (web-cgi.rules)
 806 <-> WEB-CGI yabb directory traversal attempt (web-cgi.rules)
 807 <-> WEB-CGI /wwwboard/passwd.txt access (web-cgi.rules)
 808 <-> WEB-CGI webdriver access (web-cgi.rules)
 809 <-> WEB-CGI whois_raw.cgi arbitrary command execution attempt (web-cgi.rules)
 810 <-> WEB-CGI whois_raw.cgi access (web-cgi.rules)
 811 <-> WEB-CGI websitepro path access (web-cgi.rules)
 812 <-> WEB-CGI webplus version access (web-cgi.rules)
 813 <-> WEB-CGI webplus directory traversal (web-cgi.rules)
 815 <-> WEB-CGI websendmail access (web-cgi.rules)
 817 <-> WEB-CGI dcboard.cgi invalid user addition attempt (web-cgi.rules)
 818 <-> WEB-CGI dcforum.cgi access (web-cgi.rules)
 819 <-> WEB-CGI mmstdod.cgi access (web-cgi.rules)
 820 <-> WEB-CGI anaconda directory transversal attempt (web-cgi.rules)
 821 <-> WEB-CGI imagemap.exe overflow attempt (web-cgi.rules)
 823 <-> WEB-CGI cvsweb.cgi access (web-cgi.rules)
 824 <-> WEB-CGI php.cgi access (web-cgi.rules)
 825 <-> WEB-CGI glimpse access (web-cgi.rules)
 826 <-> WEB-CGI htmlscript access (web-cgi.rules)
 827 <-> WEB-CGI info2www access (web-cgi.rules)
 828 <-> WEB-CGI maillist.pl access (web-cgi.rules)
 829 <-> WEB-CGI nph-test-cgi access (web-cgi.rules)
 832 <-> WEB-CGI perl.exe access (web-cgi.rules)
 833 <-> WEB-CGI rguest.exe access (web-cgi.rules)
 834 <-> WEB-CGI rwwwshell.pl access (web-cgi.rules)
 835 <-> WEB-CGI test-cgi access (web-cgi.rules)
 836 <-> WEB-CGI textcounter.pl access (web-cgi.rules)
 837 <-> WEB-CGI uploader.exe access (web-cgi.rules)
 838 <-> WEB-CGI webgais access (web-cgi.rules)
 839 <-> WEB-CGI finger access (web-cgi.rules)
 840 <-> WEB-CGI perlshop.cgi access (web-cgi.rules)
 842 <-> WEB-CGI aglimpse access (web-cgi.rules)
 843 <-> WEB-CGI anform2 access (web-cgi.rules)
 844 <-> WEB-CGI args.bat access (web-cgi.rules)
 845 <-> WEB-CGI AT-admin.cgi access (web-cgi.rules)
 846 <-> WEB-CGI bnbform.cgi access (web-cgi.rules)
 847 <-> WEB-CGI campas access (web-cgi.rules)
 848 <-> WEB-CGI view-source directory traversal (web-cgi.rules)
 849 <-> WEB-CGI view-source access (web-cgi.rules)
 850 <-> WEB-CGI wais.pl access (web-cgi.rules)
 851 <-> WEB-CGI files.pl access (web-cgi.rules)
 852 <-> WEB-CGI wguest.exe access (web-cgi.rules)
 853 <-> WEB-CGI wrap access (web-cgi.rules)
 854 <-> WEB-CGI classifieds.cgi access (web-cgi.rules)
 856 <-> WEB-CGI environ.cgi access (web-cgi.rules)
 857 <-> WEB-CGI faxsurvey access (web-cgi.rules)
 858 <-> WEB-CGI filemail access (web-cgi.rules)
 859 <-> WEB-CGI man.sh access (web-cgi.rules)
 860 <-> WEB-CGI snork.bat access (web-cgi.rules)
 861 <-> WEB-CGI w3-msql access (web-cgi.rules)
 862 <-> WEB-CGI csh access (web-cgi.rules)
 863 <-> WEB-CGI day5datacopier.cgi access (web-cgi.rules)
 864 <-> WEB-CGI day5datanotifier.cgi access (web-cgi.rules)
 865 <-> WEB-CGI ksh access (web-cgi.rules)
 866 <-> WEB-CGI post-query access (web-cgi.rules)
 867 <-> WEB-CGI visadmin.exe access (web-cgi.rules)
 868 <-> WEB-CGI rsh access (web-cgi.rules)
 869 <-> WEB-CGI dumpenv.pl access (web-cgi.rules)
 870 <-> WEB-CGI snorkerz.cmd access (web-cgi.rules)
 871 <-> WEB-CGI survey.cgi access (web-cgi.rules)
 872 <-> WEB-CGI tcsh access (web-cgi.rules)
 875 <-> WEB-CGI win-c-sample.exe access (web-cgi.rules)
 877 <-> WEB-CGI rksh access (web-cgi.rules)
 878 <-> WEB-CGI w3tvars.pm access (web-cgi.rules)
 879 <-> WEB-CGI admin.pl access (web-cgi.rules)
 880 <-> WEB-CGI LWGate access (web-cgi.rules)
 881 <-> WEB-CGI archie access (web-cgi.rules)
 882 <-> WEB-CGI calendar access (web-cgi.rules)
 883 <-> WEB-CGI flexform access (web-cgi.rules)
 884 <-> WEB-CGI formmail access (web-cgi.rules)
 885 <-> WEB-CGI bash access (web-cgi.rules)
 886 <-> WEB-CGI phf access (web-cgi.rules)
 887 <-> WEB-CGI www-sql access (web-cgi.rules)
 888 <-> WEB-CGI wwwadmin.pl access (web-cgi.rules)
 889 <-> WEB-CGI ppdscgi.exe access (web-cgi.rules)
 890 <-> WEB-CGI sendform.cgi access (web-cgi.rules)
 891 <-> WEB-CGI upload.pl access (web-cgi.rules)
 892 <-> WEB-CGI AnyForm2 access (web-cgi.rules)
 894 <-> WEB-CGI bb-hist.sh access (web-cgi.rules)
 895 <-> WEB-CGI redirect access (web-cgi.rules)
 896 <-> WEB-CGI way-board access (web-cgi.rules)
 897 <-> WEB-CGI pals-cgi access (web-cgi.rules)
 898 <-> WEB-CGI commerce.cgi access (web-cgi.rules)
 899 <-> WEB-CGI Amaya templates sendtemp.pl directory traversal attempt (web-cgi.rules)
 900 <-> WEB-CGI webspirs.cgi directory traversal attempt (web-cgi.rules)
 901 <-> WEB-CGI webspirs.cgi access (web-cgi.rules)
 902 <-> WEB-CGI tstisapi.dll access (web-cgi.rules)
1051 <-> WEB-CGI technote main.cgi file directory traversal attempt (web-cgi.rules)
1052 <-> WEB-CGI technote print.cgi directory traversal attempt (web-cgi.rules)
1053 <-> WEB-CGI ads.cgi command execution attempt (web-cgi.rules)
1088 <-> WEB-CGI eXtropia webstore directory traversal (web-cgi.rules)
1089 <-> WEB-CGI shopping cart directory traversal (web-cgi.rules)
1090 <-> WEB-CGI Allaire Pro Web Shell attempt (web-cgi.rules)
1092 <-> WEB-CGI Armada Style Master Index directory traversal (web-cgi.rules)
1093 <-> WEB-CGI cached_feed.cgi moreover shopping cart directory traversal (web-cgi.rules)
1097 <-> WEB-CGI Talentsoft Web+ exploit attempt (web-cgi.rules)
1106 <-> WEB-CGI Poll-it access (web-cgi.rules)
1149 <-> WEB-CGI count.cgi access (web-cgi.rules)
1163 <-> WEB-CGI webdist.cgi access (web-cgi.rules)
1172 <-> WEB-CGI bigconf.cgi access (web-cgi.rules)
1174 <-> WEB-CGI /cgi-bin/jj access (web-cgi.rules)
1185 <-> WEB-CGI bizdbsearch attempt (web-cgi.rules)
1194 <-> WEB-CGI sojourn.cgi File attempt (web-cgi.rules)
1195 <-> WEB-CGI sojourn.cgi access (web-cgi.rules)
1196 <-> WEB-CGI SGI InfoSearch fname attempt (web-cgi.rules)
1204 <-> WEB-CGI ax-admin.cgi access (web-cgi.rules)
1205 <-> WEB-CGI axs.cgi access (web-cgi.rules)
1206 <-> WEB-CGI cachemgr.cgi access (web-cgi.rules)
1208 <-> WEB-CGI responder.cgi access (web-cgi.rules)
1211 <-> WEB-CGI web-map.cgi access (web-cgi.rules)
1215 <-> WEB-CGI ministats admin access (web-cgi.rules)
1219 <-> WEB-CGI dfire.cgi access (web-cgi.rules)
1222 <-> WEB-CGI pals-cgi arbitrary file access attempt (web-cgi.rules)
1252 <-> TELNET bsd telnet exploit response (telnet.rules)
1253 <-> TELNET bsd exploit client finishing (telnet.rules)
1262 <-> RPC portmap admind request TCP (rpc.rules)
1263 <-> RPC portmap amountd request TCP (rpc.rules)
1264 <-> RPC portmap bootparam request TCP (rpc.rules)
1265 <-> RPC portmap cmsd request TCP (rpc.rules)
1266 <-> RPC portmap mountd request TCP (rpc.rules)
1267 <-> RPC portmap nisd request TCP (rpc.rules)
1268 <-> RPC portmap pcnfsd request TCP (rpc.rules)
1269 <-> RPC portmap rexd request TCP (rpc.rules)
1270 <-> RPC portmap rstatd request TCP (rpc.rules)
1271 <-> RPC portmap rusers request TCP (rpc.rules)
1272 <-> RPC portmap sadmind request TCP (rpc.rules)
1273 <-> RPC portmap selection_svc request TCP (rpc.rules)
1274 <-> RPC portmap ttdbserv request TCP (rpc.rules)
1275 <-> RPC portmap yppasswd request TCP (rpc.rules)
1276 <-> RPC portmap ypserv request TCP (rpc.rules)
1277 <-> RPC portmap ypupdated request UDP (rpc.rules)
1279 <-> RPC portmap snmpXdmi request UDP (rpc.rules)
1280 <-> RPC portmap listing UDP 111 (rpc.rules)
1281 <-> RPC portmap listing UDP 32771 (rpc.rules)
1289 <-> TFTP GET Admin.dll (tftp.rules)
1293 <-> DELETED NETBIOS nimda .eml (deleted.rules)
1294 <-> DELETED NETBIOS nimda .nws (deleted.rules)
1295 <-> NETBIOS nimda RICHED20.DLL (netbios.rules)
1304 <-> WEB-CGI txt2html.cgi access (web-cgi.rules)
1305 <-> WEB-CGI txt2html.cgi directory traversal attempt (web-cgi.rules)
1306 <-> WEB-CGI store.cgi product directory traversal attempt (web-cgi.rules)
1307 <-> WEB-CGI store.cgi access (web-cgi.rules)
1308 <-> WEB-CGI sendmessage.cgi access (web-cgi.rules)
1309 <-> WEB-CGI zsh access (web-cgi.rules)
1392 <-> WEB-CGI lastlines.cgi access (web-cgi.rules)
1395 <-> WEB-CGI zml.cgi attempt (web-cgi.rules)
1396 <-> WEB-CGI zml.cgi access (web-cgi.rules)
1397 <-> WEB-CGI wayboard attempt (web-cgi.rules)
1405 <-> WEB-CGI AHG search.cgi access (web-cgi.rules)
1406 <-> WEB-CGI agora.cgi access (web-cgi.rules)
1409 <-> SNMP community string buffer overflow attempt (snmp.rules)
1410 <-> WEB-CGI dcboard.cgi access (web-cgi.rules)
1411 <-> SNMP public access udp (snmp.rules)
1412 <-> SNMP public access tcp (snmp.rules)
1413 <-> SNMP private access udp (snmp.rules)
1414 <-> SNMP private access tcp (snmp.rules)
1415 <-> SNMP Broadcast request (snmp.rules)
1416 <-> SNMP broadcast trap (snmp.rules)
1417 <-> SNMP request udp (snmp.rules)
1418 <-> SNMP request tcp (snmp.rules)
1419 <-> SNMP trap udp (snmp.rules)
1420 <-> SNMP trap tcp (snmp.rules)
1421 <-> SNMP AgentX/tcp request (snmp.rules)
1422 <-> SNMP community string buffer overflow attempt with evasion (snmp.rules)
1426 <-> SNMP PROTOS test-suite-req-app attempt (snmp.rules)
1427 <-> SNMP PROTOS test-suite-trap-app attempt (snmp.rules)
1430 <-> TELNET Solaris memory mismanagement exploit attempt (telnet.rules)
1441 <-> TFTP GET nc.exe (tftp.rules)
1442 <-> TFTP GET shadow (tftp.rules)
1443 <-> TFTP GET passwd (tftp.rules)
1444 <-> TFTP Get (tftp.rules)
1451 <-> WEB-CGI NPH-publish access (web-cgi.rules)
1452 <-> WEB-CGI args.cmd access (web-cgi.rules)
1453 <-> WEB-CGI AT-generated.cgi access (web-cgi.rules)
1454 <-> WEB-CGI wwwwais access (web-cgi.rules)
1455 <-> WEB-CGI calendar.pl access (web-cgi.rules)
1456 <-> WEB-CGI calender_admin.pl access (web-cgi.rules)
1457 <-> WEB-CGI user_update_admin.pl access (web-cgi.rules)
1458 <-> WEB-CGI user_update_passwd.pl access (web-cgi.rules)
1459 <-> WEB-CGI bb-histlog.sh access (web-cgi.rules)
1460 <-> WEB-CGI bb-histsvc.sh access (web-cgi.rules)
1461 <-> WEB-CGI bb-rep.sh access (web-cgi.rules)
1462 <-> WEB-CGI bb-replog.sh access (web-cgi.rules)
1465 <-> WEB-CGI auktion.cgi access (web-cgi.rules)
1466 <-> WEB-CGI cgiforum.pl access (web-cgi.rules)
1467 <-> WEB-CGI directorypro.cgi access (web-cgi.rules)
1468 <-> WEB-CGI Web Shopper shopper.cgi attempt (web-cgi.rules)
1469 <-> WEB-CGI Web Shopper shopper.cgi access (web-cgi.rules)
1470 <-> WEB-CGI listrec.pl access (web-cgi.rules)
1471 <-> WEB-CGI mailnews.cgi access (web-cgi.rules)
1472 <-> WEB-CGI book.cgi access (web-cgi.rules)
1473 <-> WEB-CGI newsdesk.cgi access (web-cgi.rules)
1474 <-> WEB-CGI cal_make.pl access (web-cgi.rules)
1475 <-> WEB-CGI mailit.pl access (web-cgi.rules)
1476 <-> WEB-CGI sdbsearch.cgi access (web-cgi.rules)
1478 <-> WEB-CGI swc access (web-cgi.rules)
1479 <-> WEB-CGI ttawebtop.cgi arbitrary file attempt (web-cgi.rules)
1480 <-> WEB-CGI ttawebtop.cgi access (web-cgi.rules)
1481 <-> WEB-CGI upload.cgi access (web-cgi.rules)
1482 <-> WEB-CGI view_source access (web-cgi.rules)
1483 <-> WEB-CGI ustorekeeper.pl access (web-cgi.rules)
1488 <-> WEB-CGI store.cgi directory traversal attempt (web-cgi.rules)
1494 <-> WEB-CGI SIX webboard generate.cgi attempt (web-cgi.rules)
1495 <-> WEB-CGI SIX webboard generate.cgi access (web-cgi.rules)
1496 <-> WEB-CGI spin_client.cgi access (web-cgi.rules)
1501 <-> WEB-CGI a1stats a1disp3.cgi directory traversal attempt (web-cgi.rules)
1502 <-> WEB-CGI a1stats a1disp3.cgi access (web-cgi.rules)
1503 <-> WEB-CGI admentor admin.asp access (web-cgi.rules)
1505 <-> WEB-CGI alchemy http server PRN arbitrary command execution attempt (web-cgi.rules)
1506 <-> WEB-CGI alchemy http server NUL arbitrary command execution attempt (web-cgi.rules)
1507 <-> WEB-CGI alibaba.pl arbitrary command execution attempt (web-cgi.rules)
1508 <-> WEB-CGI alibaba.pl access (web-cgi.rules)
1509 <-> WEB-CGI AltaVista Intranet Search directory traversal attempt (web-cgi.rules)
1510 <-> WEB-CGI test.bat arbitrary command execution attempt (web-cgi.rules)
1511 <-> WEB-CGI test.bat access (web-cgi.rules)
1512 <-> WEB-CGI input.bat arbitrary command execution attempt (web-cgi.rules)
1513 <-> WEB-CGI input.bat access (web-cgi.rules)
1514 <-> WEB-CGI input2.bat arbitrary command execution attempt (web-cgi.rules)
1515 <-> WEB-CGI input2.bat access (web-cgi.rules)
1516 <-> WEB-CGI envout.bat arbitrary command execution attempt (web-cgi.rules)
1517 <-> WEB-CGI envout.bat access (web-cgi.rules)
1531 <-> WEB-CGI bb-hist.sh attempt (web-cgi.rules)
1532 <-> WEB-CGI bb-hostscv.sh attempt (web-cgi.rules)
1533 <-> WEB-CGI bb-hostscv.sh access (web-cgi.rules)
1534 <-> WEB-CGI agora.cgi attempt (web-cgi.rules)
1535 <-> WEB-CGI bizdbsearch access (web-cgi.rules)
1536 <-> WEB-CGI calendar_admin.pl arbitrary command execution attempt (web-cgi.rules)
1537 <-> WEB-CGI calendar_admin.pl access (web-cgi.rules)
1539 <-> WEB-CGI /cgi-bin/ls access (web-cgi.rules)
1542 <-> WEB-CGI cgimail access (web-cgi.rules)
1543 <-> WEB-CGI cgiwrap access (web-cgi.rules)
1547 <-> WEB-CGI csSearch.cgi arbitrary command execution attempt (web-cgi.rules)
1548 <-> WEB-CGI csSearch.cgi access (web-cgi.rules)
1554 <-> WEB-CGI dbman db.cgi access (web-cgi.rules)
1555 <-> WEB-CGI DCShop access (web-cgi.rules)
1556 <-> WEB-CGI DCShop orders.txt access (web-cgi.rules)
1557 <-> WEB-CGI DCShop auth_user_file.txt access (web-cgi.rules)
1565 <-> WEB-CGI eshop.pl arbitrary commane execution attempt (web-cgi.rules)
1566 <-> WEB-CGI eshop.pl access (web-cgi.rules)
1569 <-> WEB-CGI loadpage.cgi directory traversal attempt (web-cgi.rules)
1570 <-> WEB-CGI loadpage.cgi access (web-cgi.rules)
1571 <-> WEB-CGI dcforum.cgi directory traversal attempt (web-cgi.rules)
1572 <-> WEB-CGI commerce.cgi arbitrary file access attempt (web-cgi.rules)
1573 <-> WEB-CGI cgiforum.pl attempt (web-cgi.rules)
1574 <-> WEB-CGI directorypro.cgi attempt (web-cgi.rules)
1590 <-> WEB-CGI faqmanager.cgi arbitrary file access attempt (web-cgi.rules)
1591 <-> WEB-CGI faqmanager.cgi access (web-cgi.rules)
1592 <-> WEB-CGI /fcgi-bin/echo.exe access (web-cgi.rules)
1593 <-> WEB-CGI FormHandler.cgi external site redirection attempt (web-cgi.rules)
1594 <-> WEB-CGI FormHandler.cgi access (web-cgi.rules)
1597 <-> WEB-CGI guestbook.cgi access (web-cgi.rules)
1598 <-> WEB-CGI Home Free search.cgi directory traversal attempt (web-cgi.rules)
1599 <-> WEB-CGI search.cgi access (web-cgi.rules)
1600 <-> WEB-CGI htsearch arbitrary configuration file attempt (web-cgi.rules)
1601 <-> WEB-CGI htsearch arbitrary file read attempt (web-cgi.rules)
1602 <-> WEB-CGI htsearch access (web-cgi.rules)
1606 <-> WEB-CGI icat access (web-cgi.rules)
1607 <-> WEB-CGI HyperSeek hsx.cgi access (web-cgi.rules)
1608 <-> WEB-CGI htmlscript attempt (web-cgi.rules)
1610 <-> WEB-CGI formmail arbitrary command execution attempt (web-cgi.rules)
1611 <-> WEB-CGI eXtropia webstore access (web-cgi.rules)
1617 <-> WEB-CGI Bugzilla doeditvotes.cgi access (web-cgi.rules)
1628 <-> WEB-CGI FormHandler.cgi directory traversal attempt attempt (web-cgi.rules)
1637 <-> WEB-CGI yabb access (web-cgi.rules)
1642 <-> WEB-CGI document.d2w access (web-cgi.rules)
1643 <-> WEB-CGI db2www access (web-cgi.rules)
1644 <-> WEB-CGI test-cgi attempt (web-cgi.rules)
1645 <-> WEB-CGI testcgi access (web-cgi.rules)
1646 <-> WEB-CGI test.cgi access (web-cgi.rules)
1648 <-> WEB-CGI perl.exe command attempt (web-cgi.rules)
1649 <-> WEB-CGI perl command attempt (web-cgi.rules)
1650 <-> WEB-CGI tst.bat access (web-cgi.rules)
1651 <-> WEB-CGI environ.pl access (web-cgi.rules)
1652 <-> WEB-CGI campas attempt (web-cgi.rules)
1654 <-> WEB-CGI cart32.exe access (web-cgi.rules)
1655 <-> WEB-CGI pfdispaly.cgi arbitrary command execution attempt (web-cgi.rules)
1656 <-> WEB-CGI pfdispaly.cgi access (web-cgi.rules)
1657 <-> WEB-CGI pagelog.cgi directory traversal attempt (web-cgi.rules)
1658 <-> WEB-CGI pagelog.cgi access (web-cgi.rules)
1668 <-> WEB-CGI /cgi-bin/ access (web-cgi.rules)
1669 <-> WEB-CGI /cgi-dos/ access (web-cgi.rules)
1700 <-> WEB-CGI imagemap.exe access (web-cgi.rules)
1701 <-> WEB-CGI calendar-admin.pl access (web-cgi.rules)
1702 <-> WEB-CGI Amaya templates sendtemp.pl access (web-cgi.rules)
1703 <-> WEB-CGI auktion.cgi directory traversal attempt (web-cgi.rules)
1704 <-> WEB-CGI cal_make.pl directory traversal attempt (web-cgi.rules)
1705 <-> WEB-CGI echo.bat arbitrary command execution attempt (web-cgi.rules)
1706 <-> WEB-CGI echo.bat access (web-cgi.rules)
1707 <-> WEB-CGI hello.bat arbitrary command execution attempt (web-cgi.rules)
1708 <-> WEB-CGI hello.bat access (web-cgi.rules)
1709 <-> WEB-CGI ad.cgi access (web-cgi.rules)
1710 <-> WEB-CGI bbs_forum.cgi access (web-cgi.rules)
1711 <-> WEB-CGI bsguest.cgi access (web-cgi.rules)
1712 <-> WEB-CGI bslist.cgi access (web-cgi.rules)
1713 <-> WEB-CGI cgforum.cgi access (web-cgi.rules)
1714 <-> WEB-CGI newdesk access (web-cgi.rules)
1715 <-> WEB-CGI register.cgi access (web-cgi.rules)
1716 <-> WEB-CGI gbook.cgi access (web-cgi.rules)
1717 <-> WEB-CGI simplestguest.cgi access (web-cgi.rules)
1718 <-> WEB-CGI statsconfig.pl access (web-cgi.rules)
1719 <-> WEB-CGI talkback.cgi directory traversal attempt (web-cgi.rules)
1720 <-> WEB-CGI talkback.cgi access (web-cgi.rules)
1721 <-> WEB-CGI adcycle access (web-cgi.rules)
1722 <-> WEB-CGI MachineInfo access (web-cgi.rules)
1723 <-> WEB-CGI emumail.cgi NULL attempt (web-cgi.rules)
1724 <-> WEB-CGI emumail.cgi access (web-cgi.rules)
1727 <-> WEB-CGI SGI InfoSearch fname access (web-cgi.rules)
1730 <-> WEB-CGI ustorekeeper.pl directory traversal attempt (web-cgi.rules)
1731 <-> WEB-CGI a1stats access (web-cgi.rules)
1732 <-> RPC portmap rwalld request UDP (rpc.rules)
1733 <-> RPC portmap rwalld request TCP (rpc.rules)
1746 <-> RPC portmap cachefsd request UDP (rpc.rules)
1747 <-> RPC portmap cachefsd request TCP (rpc.rules)
1762 <-> WEB-CGI phf arbitrary command execution attempt (web-cgi.rules)
1763 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules)
1764 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules)
1765 <-> WEB-CGI Nortel Contivity cgiproc access (web-cgi.rules)
1787 <-> WEB-CGI csPassword.cgi access (web-cgi.rules)
1788 <-> WEB-CGI csPassword password.cgi.tmp access (web-cgi.rules)
1805 <-> WEB-CGI Oracle reports CGI access (web-cgi.rules)
1822 <-> WEB-CGI alienform.cgi directory traversal attempt (web-cgi.rules)
1823 <-> WEB-CGI AlienForm af.cgi directory traversal attempt (web-cgi.rules)
1824 <-> WEB-CGI alienform.cgi access (web-cgi.rules)
1825 <-> WEB-CGI AlienForm af.cgi access (web-cgi.rules)
1850 <-> WEB-CGI way-board.cgi access (web-cgi.rules)
1862 <-> WEB-CGI mrtg.cgi directory traversal attempt (web-cgi.rules)
1865 <-> WEB-CGI webdist.cgi arbitrary command attempt (web-cgi.rules)
1868 <-> WEB-CGI story.pl arbitrary file read attempt (web-cgi.rules)
1869 <-> WEB-CGI story.pl access (web-cgi.rules)
1870 <-> WEB-CGI siteUserMod.cgi access (web-cgi.rules)
1875 <-> WEB-CGI cgicso access (web-cgi.rules)
1876 <-> WEB-CGI nph-publish.cgi access (web-cgi.rules)
1877 <-> WEB-CGI printenv access (web-cgi.rules)
1878 <-> WEB-CGI sdbsearch.cgi access (web-cgi.rules)
1879 <-> WEB-CGI book.cgi arbitrary command execution attempt (web-cgi.rules)
1890 <-> RPC status GHBN format string attack (rpc.rules)
1891 <-> RPC status GHBN format string attack (rpc.rules)
1892 <-> SNMP null community string attempt (snmp.rules)
1893 <-> SNMP missing community string attempt (snmp.rules)
1905 <-> RPC AMD UDP amqproc_mount plog overflow attempt (rpc.rules)
1906 <-> RPC AMD TCP amqproc_mount plog overflow attempt (rpc.rules)
1907 <-> RPC CMSD UDP CMSD_CREATE buffer overflow attempt (rpc.rules)
1908 <-> RPC CMSD TCP CMSD_CREATE buffer overflow attempt (rpc.rules)
1909 <-> RPC CMSD TCP CMSD_INSERT buffer overflow attempt (rpc.rules)
1910 <-> RPC CMSD udp CMSD_INSERT buffer overflow attempt (rpc.rules)
1911 <-> RPC sadmind UDP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (rpc.rules)
1912 <-> RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (rpc.rules)
1913 <-> RPC STATD UDP stat mon_name format string exploit attempt (rpc.rules)
1914 <-> RPC STATD TCP stat mon_name format string exploit attempt (rpc.rules)
1915 <-> RPC STATD UDP monitor mon_name format string exploit attempt (rpc.rules)
1916 <-> RPC STATD TCP monitor mon_name format string exploit attempt (rpc.rules)
1922 <-> RPC portmap proxy attempt TCP (rpc.rules)
1923 <-> RPC portmap proxy attempt UDP (rpc.rules)
1924 <-> RPC mountd UDP export request (rpc.rules)
1925 <-> RPC mountd TCP exportall request (rpc.rules)
1926 <-> RPC mountd UDP exportall request (rpc.rules)
1931 <-> WEB-CGI rpc-nlog.pl access (web-cgi.rules)
1932 <-> WEB-CGI rpc-smb.pl access (web-cgi.rules)
1933 <-> WEB-CGI cart.cgi access (web-cgi.rules)
1941 <-> TFTP GET filename overflow attempt (tftp.rules)
1949 <-> RPC portmap SET attempt TCP 111 (rpc.rules)
1950 <-> RPC portmap SET attempt UDP 111 (rpc.rules)
1951 <-> RPC mountd TCP mount request (rpc.rules)
1952 <-> RPC mountd UDP mount request (rpc.rules)
1953 <-> RPC AMD TCP pid request (rpc.rules)
1954 <-> RPC AMD UDP pid request (rpc.rules)
1955 <-> RPC AMD TCP version request (rpc.rules)
1956 <-> RPC AMD UDP version request (rpc.rules)
1957 <-> RPC sadmind UDP PING (rpc.rules)
1958 <-> RPC sadmind TCP PING (rpc.rules)
1959 <-> RPC portmap NFS request UDP (rpc.rules)
1960 <-> RPC portmap NFS request TCP (rpc.rules)
1961 <-> RPC portmap RQUOTA request UDP (rpc.rules)
1962 <-> RPC portmap RQUOTA request TCP (rpc.rules)
1963 <-> RPC RQUOTA getquota overflow attempt UDP (rpc.rules)
1964 <-> RPC tooltalk UDP overflow attempt (rpc.rules)
1965 <-> RPC tooltalk TCP overflow attempt (rpc.rules)
1994 <-> WEB-CGI vpasswd.cgi access (web-cgi.rules)
1995 <-> WEB-CGI alya.cgi access (web-cgi.rules)
1996 <-> WEB-CGI viralator.cgi access (web-cgi.rules)
2001 <-> WEB-CGI smartsearch.cgi access (web-cgi.rules)
2005 <-> RPC portmap kcms_server request UDP (rpc.rules)
2006 <-> RPC portmap kcms_server request TCP (rpc.rules)
2007 <-> RPC kcms_server directory traversal attempt (rpc.rules)
2014 <-> RPC portmap UNSET attempt TCP 111 (rpc.rules)
2015 <-> RPC portmap UNSET attempt UDP 111 (rpc.rules)
2016 <-> RPC portmap status request TCP (rpc.rules)
2017 <-> RPC portmap espd request UDP (rpc.rules)
2018 <-> RPC mountd TCP dump request (rpc.rules)
2019 <-> RPC mountd UDP dump request (rpc.rules)
2020 <-> RPC mountd TCP unmount request (rpc.rules)
2021 <-> RPC mountd UDP unmount request (rpc.rules)
2022 <-> RPC mountd TCP unmountall request (rpc.rules)
2023 <-> RPC mountd UDP unmountall request (rpc.rules)
2024 <-> RPC RQUOTA getquota overflow attempt TCP (rpc.rules)
2025 <-> RPC yppasswd username overflow attempt UDP (rpc.rules)
2026 <-> RPC yppasswd username overflow attempt TCP (rpc.rules)
2027 <-> RPC yppasswd old password overflow attempt UDP (rpc.rules)
2028 <-> RPC yppasswd old password overflow attempt TCP (rpc.rules)
2029 <-> RPC yppasswd new password overflow attempt UDP (rpc.rules)
2030 <-> RPC yppasswd new password overflow attempt TCP (rpc.rules)
2031 <-> RPC yppasswd user update UDP (rpc.rules)
2032 <-> RPC yppasswd user update TCP (rpc.rules)
2033 <-> RPC ypserv maplist request UDP (rpc.rules)
2034 <-> RPC ypserv maplist request TCP (rpc.rules)
2035 <-> RPC portmap network-status-monitor request UDP (rpc.rules)
2036 <-> RPC portmap network-status-monitor request TCP (rpc.rules)
2037 <-> RPC network-status-monitor mon-callback request UDP (rpc.rules)
2038 <-> RPC network-status-monitor mon-callback request TCP (rpc.rules)
2045 <-> RPC snmpXdmi overflow attempt UDP (rpc.rules)
2051 <-> WEB-CGI cached_feed.cgi moreover shopping cart access (web-cgi.rules)
2052 <-> WEB-CGI overflow.cgi access (web-cgi.rules)
2053 <-> WEB-CGI process_bug.cgi access (web-cgi.rules)
2054 <-> WEB-CGI enter_bug.cgi arbitrary command attempt (web-cgi.rules)
2055 <-> WEB-CGI enter_bug.cgi access (web-cgi.rules)
2079 <-> RPC portmap nlockmgr request UDP (rpc.rules)
2080 <-> RPC portmap nlockmgr request TCP (rpc.rules)
2081 <-> RPC portmap rpc.xfsmd request UDP (rpc.rules)
2082 <-> RPC portmap rpc.xfsmd request TCP (rpc.rules)
2083 <-> RPC rpc.xfsmd xfs_export attempt UDP (rpc.rules)
2084 <-> RPC rpc.xfsmd xfs_export attempt TCP (rpc.rules)
2085 <-> WEB-CGI parse_xml.cgi access (web-cgi.rules)
2086 <-> WEB-CGI streaming server parse_xml.cgi access (web-cgi.rules)
2088 <-> RPC ypupdated arbitrary command attempt UDP (rpc.rules)
2089 <-> RPC ypupdated arbitrary command attempt TCP (rpc.rules)
2092 <-> RPC portmap proxy integer overflow attempt UDP (rpc.rules)
2093 <-> RPC portmap proxy integer overflow attempt TCP (rpc.rules)
2094 <-> RPC CMSD UDP CMSD_CREATE array buffer overflow attempt (rpc.rules)
2095 <-> RPC CMSD TCP CMSD_CREATE array buffer overflow attempt (rpc.rules)
2115 <-> WEB-CGI album.pl access (web-cgi.rules)
2116 <-> WEB-CGI chipcfg.cgi access (web-cgi.rules)
2127 <-> WEB-CGI ikonboard.cgi access (web-cgi.rules)
2128 <-> WEB-CGI swsrv.cgi access (web-cgi.rules)
2184 <-> RPC mountd TCP mount path overflow attempt (rpc.rules)
2185 <-> RPC mountd UDP mount path overflow attempt (rpc.rules)
2194 <-> WEB-CGI CSMailto.cgi access (web-cgi.rules)
2195 <-> WEB-CGI alert.cgi access (web-cgi.rules)
2196 <-> WEB-CGI catgy.cgi access (web-cgi.rules)
2197 <-> WEB-CGI cvsview2.cgi access (web-cgi.rules)
2198 <-> WEB-CGI cvslog.cgi access (web-cgi.rules)
2199 <-> WEB-CGI multidiff.cgi access (web-cgi.rules)
2200 <-> WEB-CGI dnewsweb.cgi access (web-cgi.rules)
2201 <-> WEB-CGI download.cgi access (web-cgi.rules)
2202 <-> WEB-CGI edit_action.cgi access (web-cgi.rules)
2203 <-> WEB-CGI everythingform.cgi access (web-cgi.rules)
2204 <-> WEB-CGI ezadmin.cgi access (web-cgi.rules)
2205 <-> WEB-CGI ezboard.cgi access (web-cgi.rules)
2206 <-> WEB-CGI ezman.cgi access (web-cgi.rules)
2207 <-> WEB-CGI fileseek.cgi access (web-cgi.rules)
2208 <-> WEB-CGI fom.cgi access (web-cgi.rules)
2209 <-> WEB-CGI getdoc.cgi access (web-cgi.rules)
2210 <-> WEB-CGI global.cgi access (web-cgi.rules)
2211 <-> WEB-CGI guestserver.cgi access (web-cgi.rules)
2212 <-> WEB-CGI imageFolio.cgi access (web-cgi.rules)
2213 <-> WEB-CGI mailfile.cgi access (web-cgi.rules)
2214 <-> WEB-CGI mailview.cgi access (web-cgi.rules)
2215 <-> WEB-CGI nsManager.cgi access (web-cgi.rules)
2216 <-> WEB-CGI readmail.cgi access (web-cgi.rules)
2217 <-> WEB-CGI printmail.cgi access (web-cgi.rules)
2218 <-> WEB-CGI service.cgi access (web-cgi.rules)
2219 <-> WEB-CGI setpasswd.cgi access (web-cgi.rules)
2220 <-> WEB-CGI simplestmail.cgi access (web-cgi.rules)
2221 <-> WEB-CGI ws_mail.cgi access (web-cgi.rules)
2222 <-> WEB-CGI nph-exploitscanget.cgi access (web-cgi.rules)
2223 <-> WEB-CGI csNews.cgi access (web-cgi.rules)
2224 <-> WEB-CGI psunami.cgi access (web-cgi.rules)
2225 <-> WEB-CGI gozila.cgi access (web-cgi.rules)
2255 <-> RPC sadmind query with root credentials attempt TCP (rpc.rules)
2256 <-> RPC sadmind query with root credentials attempt UDP (rpc.rules)
2323 <-> WEB-CGI quickstore.cgi access (web-cgi.rules)
2337 <-> TFTP PUT filename overflow attempt (tftp.rules)
2339 <-> TFTP NULL command attempt (tftp.rules)
2387 <-> WEB-CGI view_broadcast.cgi access (web-cgi.rules)
2388 <-> WEB-CGI streaming server view_broadcast.cgi access (web-cgi.rules)
2396 <-> WEB-CGI CCBill whereami.cgi arbitrary command execution attempt (web-cgi.rules)
2397 <-> WEB-CGI CCBill whereami.cgi access (web-cgi.rules)
2406 <-> TELNET APC SmartSlot default admin account attempt (telnet.rules)
2433 <-> WEB-CGI MDaemon form2raw.cgi overflow attempt (web-cgi.rules)
2434 <-> WEB-CGI MDaemon form2raw.cgi access (web-cgi.rules)
2436 <-> WEB-CLIENT Microsoft wmf metafile access (web-client.rules)
2567 <-> WEB-CGI Emumail init.emu access (web-cgi.rules)
2568 <-> WEB-CGI Emumail emumail.fcgi access (web-cgi.rules)
2663 <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules)
2668 <-> WEB-CGI processit access (web-cgi.rules)
2669 <-> WEB-CGI ibillpm.pl access (web-cgi.rules)
2670 <-> WEB-CGI pgpmail.pl access (web-cgi.rules)
3062 <-> WEB-CGI NetScreen SA 5000 delhomepage.cgi access (web-cgi.rules)
3131 <-> WEB-CGI mailman directory traversal attempt (web-cgi.rules)
3147 <-> TELNET login buffer overflow attempt (telnet.rules)
3274 <-> TELNET login buffer non-evasive overflow attempt (telnet.rules)
3463 <-> WEB-CGI awstats access (web-cgi.rules)
3464 <-> WEB-CGI awstats.pl command execution attempt (web-cgi.rules)
3465 <-> WEB-CGI RiSearch show.pl proxy attempt (web-cgi.rules)
3468 <-> WEB-CGI math_sum.mscgi access (web-cgi.rules)
3469 <-> WEB-CGI Ipswitch WhatsUp Gold dos attempt (web-cgi.rules)
3533 <-> TELNET client LINEMODE SLC overflow attempt (telnet.rules)
3537 <-> TELNET client ENV OPT escape overflow attempt (telnet.rules)
3638 <-> WEB-CGI SoftCart.exe CGI buffer overflow attempt (web-cgi.rules)
3674 <-> WEB-CGI db4web_c directory traversal attempt (web-cgi.rules)
3687 <-> TELNET client ENV OPT USERVAR information disclosure (telnet.rules)
3688 <-> TELNET client ENV OPT VAR information disclosure (telnet.rules)
3690 <-> WEB-CGI Nucleus CMS action.php itemid SQL injection (web-cgi.rules)
3813 <-> WEB-CGI awstats.pl configdir command execution attempt (web-cgi.rules)
3817 <-> TFTP GET transfer mode overflow attempt (tftp.rules)
3818 <-> TFTP PUT transfer mode overflow attempt (tftp.rules)
4128 <-> WEB-CGI 4DWebstar ShellExample.cgi information disclosure (web-cgi.rules)
5318 <-> WEB-CLIENT wmf file arbitrary code execution attempt (web-client.rules)
5692 <-> P2P Skype client successful install (p2p.rules)
5693 <-> P2P Skype client start up get latest version attempt (p2p.rules)
5694 <-> P2P Skype client setup get newest version attempt (p2p.rules)
5998 <-> P2P Skype client login startup (p2p.rules)
5999 <-> P2P Skype client login (p2p.rules)
6000 <-> DELETED P2P Skype client login startup (deleted.rules)
6001 <-> DELETED P2P Skype client login (deleted.rules)
7829 <-> SPYWARE-PUT Adware gator user-agent detected (spyware-put.rules)
8084 <-> WEB-CGI CVSTrac filediff function access (web-cgi.rules)
9621 <-> TFTP 3COM server transport mode buffer overflow attempt (tftp.rules)
9623 <-> RPC UNIX authentication machinename string overflow attempt TCP (rpc.rules)
9624 <-> RPC UNIX authentication machinename string overflow attempt UDP (rpc.rules)
9638 <-> TFTP PUT Microsoft RIS filename overwrite attempt (tftp.rules)
10132 <-> RPC portmap BrightStor ARCserve denial of service attempt (rpc.rules)
10133 <-> RPC portmap BrightStor ARCserve denial of service attempt (rpc.rules)
10136 <-> TELNET Solaris login environment variable authentication bypass attempt (telnet.rules)
10172 <-> WEB-MISC uTorrent announce buffer overflow attempt (web-misc.rules)
10408 <-> RPC portmap HP-UX Single Logical Screen SLSD tcp request (rpc.rules)
10409 <-> RPC portmap HP-UX Single Logical Screen SLSD udp request (rpc.rules)
10410 <-> RPC portmap HP-UX Single Logical Screen SLSD tcp request (rpc.rules)
10411 <-> RPC portmap HP-UX Single Logical Screen SLSD udp request (rpc.rules)
10464 <-> TELNET kerberos login environment variable authentication bypass attempt (telnet.rules)
10482 <-> RPC portmap CA BrightStor ARCserve tcp request (rpc.rules)
10483 <-> RPC portmap CA BrightStor ARCserve udp request (rpc.rules)
10484 <-> RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt (rpc.rules)
10485 <-> RPC portmap CA BrightStor ARCserve udp procedure 191 attempt (rpc.rules)
10999 <-> WEB-CGI chetcpasswd access (web-cgi.rules)
11288 <-> RPC portmap mountd tcp request (rpc.rules)
11289 <-> RPC portmap mountd tcp zero-length payload denial of service attempt (rpc.rules)
11817 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules)
12046 <-> RPC MIT Kerberos kadmind RPC Library unix authentication buffer overflow attempt (rpc.rules)
12056 <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules)
12057 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules)
12075 <-> RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (rpc.rules)
12185 <-> RPC portmap 2112 tcp request (rpc.rules)
12186 <-> RPC portmap 2112 udp request (rpc.rules)
12187 <-> RPC portmap 2112 tcp rename_principal attempt (rpc.rules)
12188 <-> RPC portmap 2112 udp rename_principal attempt (rpc.rules)
12198 <-> SNMP MS Windows getbulk request (snmp.rules)
12203 <-> WEB-CLIENT VMWare Vielib.dll ActiveX clsid access (web-client.rules)
12204 <-> WEB-CLIENT VMWare Vielib.dll ActiveX clsid unicode access (web-client.rules)
12205 <-> WEB-CLIENT VMWare Vielib.dll ActiveX function call access (web-client.rules)
12206 <-> WEB-CLIENT VMWare Vielib.dll ActiveX function call unicode access (web-client.rules)
12219 <-> WEB-CLIENT SMIL RealPlayer wallclock parsing buffer overflow (web-client.rules)