Sourcefire VRT Rules Update

Date: 2008-09-09

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version CURRENT.

The format of the file is:

sid - Message (rule group)

New rules:
14054 <-> SPYWARE-PUT Adware AdwareALERT runtime detection - auto update (spyware-put.rules)
14055 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - hijack ie auto search (spyware-put.rules)
14056 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - get news info (spyware-put.rules)
14057 <-> SPYWARE-PUT Trackware murzilka2 runtime detection (spyware-put.rules)
14058 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - pass info to controlling server (spyware-put.rules)
14059 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - hijack ie home page (spyware-put.rules)
14060 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - auto update (spyware-put.rules)
14061 <-> SPYWARE-PUT Trickler antimalware guard runtime detection - order/register request (spyware-put.rules)
14062 <-> SPYWARE-PUT Trickler antimalware guard runtime detection - auto update (spyware-put.rules)
14063 <-> SPYWARE-PUT Hijacker cashon runtime detection - hijack ie searches (spyware-put.rules)
14064 <-> SPYWARE-PUT Hijacker cashon runtime detection - auto update (spyware-put.rules)
14065 <-> SPYWARE-PUT Keylogger emptybase j runtime detection (spyware-put.rules)
14066 <-> SPYWARE-PUT Adware winsecuredisc runtime detection (spyware-put.rules)
14067 <-> SPYWARE-PUT Adware swizzor runtime detection (spyware-put.rules)
14068 <-> SPYWARE-PUT Adware rond runtime detection (spyware-put.rules)
14069 <-> SPYWARE-PUT Adware brave sentry runtime detection - order request (spyware-put.rules)
14070 <-> SPYWARE-PUT Adware brave sentry runtime detection - self update (spyware-put.rules)
14071 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - pop-up window traffic #1 (spyware-put.rules)
14072 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - pop-up window traffic #2 (spyware-put.rules)
14073 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - prompt download page (spyware-put.rules)
14074 <-> SPYWARE-PUT Keylogger spybosspro 4.2 runtime detection (spyware-put.rules)
14075 <-> SPYWARE-PUT Keylogger ultimate Keylogger pro runtime detection (spyware-put.rules)
14076 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - hijack search (spyware-put.rules)
14077 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - redirect search results (spyware-put.rules)
14078 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - download malicous code (spyware-put.rules)
14079 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious sites (spyware-put.rules)
14080 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious server (spyware-put.rules)
14081 <-> BACKDOOR trojan agent.aarm runtime detection - call home (backdoor.rules)
14082 <-> BACKDOOR trojan agent.aarm runtime detection - spread via spam (backdoor.rules)
14083 <-> BACKDOOR trojan agent.aarm runtime detection - download other malware (backdoor.rules)
14084 <-> BACKDOOR infostealer.banker.c runtime detection - download cfg.bin (backdoor.rules)
14085 <-> BACKDOOR infostealer.banker.c runtime detection - collect user info (backdoor.rules)
14086 <-> BACKDOOR Adware.Win32.Agent.BM runtime detection #1 (backdoor.rules)
14087 <-> BACKDOOR Adware.Win32.Agent.BM runtime detection #2 (backdoor.rules)
14088 <-> WEB-CLIENT Aurigma unspecified 1 ActiveX clsid access (web-client.rules)
14089 <-> WEB-CLIENT Aurigma unspecified 1 ActiveX clsid unicode access (web-client.rules)
14090 <-> WEB-CLIENT Aurigma unspecified 2 ActiveX clsid access (web-client.rules)
14091 <-> WEB-CLIENT Aurigma unspecified 2 ActiveX clsid unicode access (web-client.rules)
14092 <-> WEB-CLIENT Aurigma unspecified 3 ActiveX clsid access (web-client.rules)
14093 <-> WEB-CLIENT Aurigma unspecified 3 ActiveX clsid unicode access (web-client.rules)
14094 <-> WEB-CLIENT Aurigma unspecified 4 ActiveX clsid access (web-client.rules)
14095 <-> WEB-CLIENT Aurigma unspecified 4 ActiveX clsid unicode access (web-client.rules)
14096 <-> WEB-CLIENT Aurigma unspecified 5 ActiveX clsid access (web-client.rules)
14097 <-> WEB-CLIENT Aurigma unspecified 5 ActiveX clsid unicode access (web-client.rules)
14098 <-> WEB-CLIENT Aurigma unspecified 6 ActiveX clsid access (web-client.rules)
14099 <-> WEB-CLIENT Aurigma unspecified 6 ActiveX clsid unicode access (web-client.rules)
14100 <-> WEB-CLIENT Aurigma unspecified 7 ActiveX clsid access (web-client.rules)
14101 <-> WEB-CLIENT Aurigma unspecified 7 ActiveX clsid unicode access (web-client.rules)
14102 <-> WEB-CLIENT Aurigma unspecified 8 ActiveX clsid access (web-client.rules)
14103 <-> WEB-CLIENT Aurigma unspecified 8 ActiveX clsid unicode access (web-client.rules)
14104 <-> WEB-CLIENT Aurigma unspecified 9 ActiveX clsid access (web-client.rules)
14105 <-> WEB-CLIENT Aurigma unspecified 9 ActiveX clsid unicode access (web-client.rules)
14106 <-> WEB-CLIENT Aurigma unspecified 10 ActiveX clsid access (web-client.rules)
14107 <-> WEB-CLIENT Aurigma unspecified 10 ActiveX clsid unicode access (web-client.rules)
14108 <-> WEB-CLIENT Aurigma unspecified 11 ActiveX clsid access (web-client.rules)
14109 <-> WEB-CLIENT Aurigma unspecified 11 ActiveX clsid unicode access (web-client.rules)
14110 <-> WEB-CLIENT Aurigma unspecified 12 ActiveX clsid access (web-client.rules)
14111 <-> WEB-CLIENT Aurigma unspecified 12 ActiveX clsid unicode access (web-client.rules)
14112 <-> WEB-CLIENT Aurigma unspecified 13 ActiveX clsid access (web-client.rules)
14113 <-> WEB-CLIENT Aurigma unspecified 13 ActiveX clsid unicode access (web-client.rules)
14114 <-> WEB-CLIENT Aurigma unspecified 14 ActiveX clsid access (web-client.rules)
14115 <-> WEB-CLIENT Aurigma unspecified 14 ActiveX clsid unicode access (web-client.rules)
14116 <-> WEB-CLIENT Aurigma unspecified 15 ActiveX clsid access (web-client.rules)
14117 <-> WEB-CLIENT Aurigma unspecified 15 ActiveX clsid unicode access (web-client.rules)
14118 <-> WEB-CLIENT Aurigma unspecified 16 ActiveX clsid access (web-client.rules)
14119 <-> WEB-CLIENT Aurigma unspecified 16 ActiveX clsid unicode access (web-client.rules)
14120 <-> WEB-CLIENT Aurigma unspecified 17 ActiveX clsid access (web-client.rules)
14121 <-> WEB-CLIENT Aurigma unspecified 17 ActiveX clsid unicode access (web-client.rules)
14122 <-> WEB-CLIENT Aurigma unspecified 18 ActiveX clsid access (web-client.rules)
14123 <-> WEB-CLIENT Aurigma unspecified 18 ActiveX clsid unicode access (web-client.rules)
14124 <-> WEB-CLIENT Aurigma unspecified 19 ActiveX clsid access (web-client.rules)
14125 <-> WEB-CLIENT Aurigma unspecified 19 ActiveX clsid unicode access (web-client.rules)
14126 <-> WEB-CLIENT Aurigma unspecified 20 ActiveX clsid access (web-client.rules)
14127 <-> WEB-CLIENT Aurigma unspecified 20 ActiveX clsid unicode access (web-client.rules)
14128 <-> WEB-CLIENT Aurigma unspecified 21 ActiveX clsid access (web-client.rules)
14129 <-> WEB-CLIENT Aurigma unspecified 21 ActiveX clsid unicode access (web-client.rules)
14130 <-> WEB-CLIENT Aurigma unspecified 22 ActiveX clsid access (web-client.rules)
14131 <-> WEB-CLIENT Aurigma unspecified 22 ActiveX clsid unicode access (web-client.rules)
14132 <-> WEB-CLIENT Aurigma unspecified 23 ActiveX clsid access (web-client.rules)
14133 <-> WEB-CLIENT Aurigma unspecified 23 ActiveX clsid unicode access (web-client.rules)
14134 <-> WEB-CLIENT Aurigma unspecified 24 ActiveX clsid access (web-client.rules)
14135 <-> WEB-CLIENT Aurigma unspecified 24 ActiveX clsid unicode access (web-client.rules)
14136 <-> WEB-CLIENT Aurigma unspecified 25 ActiveX clsid access (web-client.rules)
14137 <-> WEB-CLIENT Aurigma unspecified 25 ActiveX clsid unicode access (web-client.rules)
14138 <-> WEB-CLIENT Aurigma unspecified 26 ActiveX clsid access (web-client.rules)
14139 <-> WEB-CLIENT Aurigma unspecified 26 ActiveX clsid unicode access (web-client.rules)
14140 <-> WEB-CLIENT Aurigma unspecified 27 ActiveX clsid access (web-client.rules)
14141 <-> WEB-CLIENT Aurigma unspecified 27 ActiveX clsid unicode access (web-client.rules)
14142 <-> WEB-CLIENT Aurigma unspecified 28 ActiveX clsid access (web-client.rules)
14143 <-> WEB-CLIENT Aurigma unspecified 28 ActiveX clsid unicode access (web-client.rules)
14144 <-> WEB-CLIENT Aurigma unspecified 29 ActiveX clsid access (web-client.rules)
14145 <-> WEB-CLIENT Aurigma unspecified 29 ActiveX clsid unicode access (web-client.rules)
14146 <-> WEB-CLIENT Aurigma unspecified 30 ActiveX clsid access (web-client.rules)
14147 <-> WEB-CLIENT Aurigma unspecified 30 ActiveX clsid unicode access (web-client.rules)
14148 <-> WEB-CLIENT Aurigma unspecified 31 ActiveX clsid access (web-client.rules)
14149 <-> WEB-CLIENT Aurigma unspecified 31 ActiveX clsid unicode access (web-client.rules)
14150 <-> WEB-CLIENT Aurigma unspecified 32 ActiveX clsid access (web-client.rules)
14151 <-> WEB-CLIENT Aurigma unspecified 32 ActiveX clsid unicode access (web-client.rules)
14152 <-> WEB-CLIENT Aurigma unspecified 33 ActiveX clsid access (web-client.rules)
14153 <-> WEB-CLIENT Aurigma unspecified 33 ActiveX clsid unicode access (web-client.rules)
14154 <-> WEB-CLIENT Aurigma unspecified 34 ActiveX clsid access (web-client.rules)
14155 <-> WEB-CLIENT Aurigma unspecified 34 ActiveX clsid unicode access (web-client.rules)
14156 <-> WEB-CLIENT Aurigma unspecified 35 ActiveX clsid access (web-client.rules)
14157 <-> WEB-CLIENT Aurigma unspecified 35 ActiveX clsid unicode access (web-client.rules)
14158 <-> WEB-CLIENT Aurigma unspecified 36 ActiveX clsid access (web-client.rules)
14159 <-> WEB-CLIENT Aurigma unspecified 36 ActiveX clsid unicode access (web-client.rules)
14160 <-> WEB-CLIENT Aurigma unspecified 37 ActiveX clsid access (web-client.rules)
14161 <-> WEB-CLIENT Aurigma unspecified 37 ActiveX clsid unicode access (web-client.rules)
14162 <-> WEB-CLIENT Aurigma unspecified 38 ActiveX clsid access (web-client.rules)
14163 <-> WEB-CLIENT Aurigma unspecified 38 ActiveX clsid unicode access (web-client.rules)
14164 <-> WEB-CLIENT Aurigma unspecified 39 ActiveX clsid access (web-client.rules)
14165 <-> WEB-CLIENT Aurigma unspecified 39 ActiveX clsid unicode access (web-client.rules)
14166 <-> WEB-CLIENT Aurigma unspecified 40 ActiveX clsid access (web-client.rules)
14167 <-> WEB-CLIENT Aurigma unspecified 40 ActiveX clsid unicode access (web-client.rules)
14168 <-> WEB-CLIENT Aurigma unspecified 41 ActiveX clsid access (web-client.rules)
14169 <-> WEB-CLIENT Aurigma unspecified 41 ActiveX clsid unicode access (web-client.rules)
14170 <-> WEB-CLIENT Aurigma unspecified 42 ActiveX clsid access (web-client.rules)
14171 <-> WEB-CLIENT Aurigma unspecified 42 ActiveX clsid unicode access (web-client.rules)
14172 <-> WEB-CLIENT Aurigma unspecified 43 ActiveX clsid access (web-client.rules)
14173 <-> WEB-CLIENT Aurigma unspecified 43 ActiveX clsid unicode access (web-client.rules)
14174 <-> WEB-CLIENT Aurigma unspecified 44 ActiveX clsid access (web-client.rules)
14175 <-> WEB-CLIENT Aurigma unspecified 44 ActiveX clsid unicode access (web-client.rules)
14176 <-> WEB-CLIENT Aurigma unspecified 45 ActiveX clsid access (web-client.rules)
14177 <-> WEB-CLIENT Aurigma unspecified 45 ActiveX clsid unicode access (web-client.rules)
14178 <-> WEB-CLIENT Aurigma unspecified 46 ActiveX clsid access (web-client.rules)
14179 <-> WEB-CLIENT Aurigma unspecified 46 ActiveX clsid unicode access (web-client.rules)
14180 <-> WEB-CLIENT Aurigma unspecified 47 ActiveX clsid access (web-client.rules)
14181 <-> WEB-CLIENT Aurigma unspecified 47 ActiveX clsid unicode access (web-client.rules)
14182 <-> WEB-CLIENT Aurigma unspecified 48 ActiveX clsid access (web-client.rules)
14183 <-> WEB-CLIENT Aurigma unspecified 48 ActiveX clsid unicode access (web-client.rules)
14184 <-> WEB-CLIENT Aurigma unspecified 49 ActiveX clsid access (web-client.rules)
14185 <-> WEB-CLIENT Aurigma unspecified 49 ActiveX clsid unicode access (web-client.rules)
14186 <-> WEB-CLIENT Aurigma unspecified 50 ActiveX clsid access (web-client.rules)
14187 <-> WEB-CLIENT Aurigma unspecified 50 ActiveX clsid unicode access (web-client.rules)
14188 <-> WEB-CLIENT Aurigma unspecified 51 ActiveX clsid access (web-client.rules)
14189 <-> WEB-CLIENT Aurigma unspecified 51 ActiveX clsid unicode access (web-client.rules)
14190 <-> WEB-CLIENT Aurigma unspecified 52 ActiveX clsid access (web-client.rules)
14191 <-> WEB-CLIENT Aurigma unspecified 52 ActiveX clsid unicode access (web-client.rules)
14192 <-> WEB-CLIENT Aurigma unspecified 53 ActiveX clsid access (web-client.rules)
14193 <-> WEB-CLIENT Aurigma unspecified 53 ActiveX clsid unicode access (web-client.rules)
14194 <-> WEB-CLIENT Aurigma unspecified 54 ActiveX clsid access (web-client.rules)
14195 <-> WEB-CLIENT Aurigma unspecified 54 ActiveX clsid unicode access (web-client.rules)
14196 <-> WEB-CLIENT Aurigma unspecified 55 ActiveX clsid access (web-client.rules)
14197 <-> WEB-CLIENT Aurigma unspecified 55 ActiveX clsid unicode access (web-client.rules)
14198 <-> WEB-CLIENT Aurigma unspecified 56 ActiveX clsid access (web-client.rules)
14199 <-> WEB-CLIENT Aurigma unspecified 56 ActiveX clsid unicode access (web-client.rules)
14200 <-> WEB-CLIENT Aurigma unspecified 57 ActiveX clsid access (web-client.rules)
14201 <-> WEB-CLIENT Aurigma unspecified 57 ActiveX clsid unicode access (web-client.rules)
14202 <-> WEB-CLIENT Aurigma unspecified 58 ActiveX clsid access (web-client.rules)
14203 <-> WEB-CLIENT Aurigma unspecified 58 ActiveX clsid unicode access (web-client.rules)
14204 <-> WEB-CLIENT Aurigma unspecified 59 ActiveX clsid access (web-client.rules)
14205 <-> WEB-CLIENT Aurigma unspecified 59 ActiveX clsid unicode access (web-client.rules)
14206 <-> WEB-CLIENT Aurigma unspecified 60 ActiveX clsid access (web-client.rules)
14207 <-> WEB-CLIENT Aurigma unspecified 60 ActiveX clsid unicode access (web-client.rules)
14208 <-> WEB-CLIENT Aurigma unspecified 61 ActiveX clsid access (web-client.rules)
14209 <-> WEB-CLIENT Aurigma unspecified 61 ActiveX clsid unicode access (web-client.rules)
14210 <-> WEB-CLIENT Aurigma unspecified 62 ActiveX clsid access (web-client.rules)
14211 <-> WEB-CLIENT Aurigma unspecified 62 ActiveX clsid unicode access (web-client.rules)
14212 <-> WEB-CLIENT Aurigma unspecified 63 ActiveX clsid access (web-client.rules)
14213 <-> WEB-CLIENT Aurigma unspecified 63 ActiveX clsid unicode access (web-client.rules)
14214 <-> WEB-CLIENT Aurigma unspecified 64 ActiveX clsid access (web-client.rules)
14215 <-> WEB-CLIENT Aurigma unspecified 64 ActiveX clsid unicode access (web-client.rules)
14216 <-> WEB-CLIENT Aurigma unspecified 65 ActiveX clsid access (web-client.rules)
14217 <-> WEB-CLIENT Aurigma unspecified 65 ActiveX clsid unicode access (web-client.rules)
14218 <-> WEB-CLIENT Aurigma unspecified 66 ActiveX clsid access (web-client.rules)
14219 <-> WEB-CLIENT Aurigma unspecified 66 ActiveX clsid unicode access (web-client.rules)
14220 <-> WEB-CLIENT Aurigma unspecified 67 ActiveX clsid access (web-client.rules)
14221 <-> WEB-CLIENT Aurigma unspecified 67 ActiveX clsid unicode access (web-client.rules)
14222 <-> WEB-CLIENT Aurigma unspecified 68 ActiveX clsid access (web-client.rules)
14223 <-> WEB-CLIENT Aurigma unspecified 68 ActiveX clsid unicode access (web-client.rules)
14224 <-> WEB-CLIENT Aurigma unspecified 69 ActiveX clsid access (web-client.rules)
14225 <-> WEB-CLIENT Aurigma unspecified 69 ActiveX clsid unicode access (web-client.rules)
14226 <-> WEB-CLIENT Aurigma unspecified 70 ActiveX clsid access (web-client.rules)
14227 <-> WEB-CLIENT Aurigma unspecified 70 ActiveX clsid unicode access (web-client.rules)
14228 <-> WEB-CLIENT Aurigma unspecified 71 ActiveX clsid access (web-client.rules)
14229 <-> WEB-CLIENT Aurigma unspecified 71 ActiveX clsid unicode access (web-client.rules)
14230 <-> EXPLOIT SAP DB web server stack overflow attempt (exploit.rules)
14231 <-> WEB-CLIENT SoftArtisans XFile FileManager ActiveX clsid access (web-client.rules)
14232 <-> WEB-CLIENT SoftArtisans XFile FileManager ActiveX clsid unicode access (web-client.rules)
14233 <-> WEB-CLIENT SoftArtisans XFile FileManager ActiveX function call access (web-client.rules)
14234 <-> WEB-CLIENT SoftArtisans XFile FileManager ActiveX function call unicode access (web-client.rules)
14235 <-> WEB-CLIENT Microsoft Windows Media Services ActiveX clsid access (web-client.rules)
14236 <-> WEB-CLIENT Microsoft Windows Media Services ActiveX clsid unicode access (web-client.rules)
14237 <-> WEB-CLIENT Microsoft Windows Media Services ActiveX function call access (web-client.rules)
14238 <-> WEB-CLIENT Microsoft Windows Media Services ActiveX function call unicode access (web-client.rules)
14239 <-> WEB-CLIENT Friendly Technologies fwRemoteConfig ActiveX clsid access (web-client.rules)
14240 <-> WEB-CLIENT Friendly Technologies fwRemoteConfig ActiveX clsid unicode access (web-client.rules)
14241 <-> WEB-CLIENT Friendly Technologies fwRemoteConfig ActiveX function call access (web-client.rules)
14242 <-> WEB-CLIENT Friendly Technologies fwRemoteConfig ActiveX function call unicode access (web-client.rules)
14243 <-> WEB-CLIENT Najdi.si Toolbar ActiveX clsid access (web-client.rules)
14244 <-> WEB-CLIENT Najdi.si Toolbar ActiveX clsid unicode access (web-client.rules)
14245 <-> WEB-CLIENT Najdi.si Toolbar ActiveX function call access (web-client.rules)
14246 <-> WEB-CLIENT Najdi.si Toolbar ActiveX function call unicode access (web-client.rules)
14247 <-> WEB-CLIENT Eyeball MessengerSDK ActiveX clsid access (web-client.rules)
14248 <-> WEB-CLIENT Eyeball MessengerSDK ActiveX clsid unicode access (web-client.rules)
14249 <-> WEB-CLIENT Eyeball MessengerSDK ActiveX function call access (web-client.rules)
14250 <-> WEB-CLIENT Eyeball MessengerSDK ActiveX function call unicode access (web-client.rules)
14264 <-> MULTIMEDIA Windows Media Player playlist download (multimedia.rules)
14265 <-> EXPLOIT CitectSCADA ODBC buffer overflow attempt (exploit.rules)
14266 <-> WEB-CLIENT Microsoft Windows Image Acquisition Logger ActiveX clsid access (web-client.rules)
14267 <-> WEB-CLIENT Microsoft Windows Image Acquisition Logger ActiveX clsid unicode access (web-client.rules)
14268 <-> WEB-CLIENT Microsoft Windows Image Acquisition Logger ActiveX function call access (web-client.rules)
14269 <-> WEB-CLIENT Microsoft Windows Image Acquisition Logger ActiveX function call unicode access (web-client.rules)

Updated rules:
3632 <-> WEB-CLIENT Bitmap width integer overflow attempt (web-client.rules)
3633 <-> WEB-CLIENT bitmap transfer (web-client.rules)
3634 <-> WEB-CLIENT Bitmap width integer overflow multipacket attempt (web-client.rules)
5797 <-> POLICY kontiki runtime detection (policy.rules)
7087 <-> BACKDOOR sinique 1.0 runtime detection - initial connection with correct password client-to-server (backdoor.rules)
7088 <-> BACKDOOR sinique 1.0 runtime detection - initial connection with correct password server-to-client (backdoor.rules)
7089 <-> BACKDOOR sinique 1.0 runtime detection - initial connection with wrong password -client-to-server (backdoor.rules)
7090 <-> BACKDOOR sinique 1.0 runtime detection - initial connection with wrong password server-to-client (backdoor.rules)
7693 <-> BACKDOOR exception 1.0 runtime detection - initial connection client-to-server (backdoor.rules)
7694 <-> BACKDOOR exception 1.0 runtime detection - initial connection server-to-client (backdoor.rules)
12780 <-> WEB-CLIENT Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access (web-client.rules)
12781 <-> WEB-CLIENT Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid unicode access (web-client.rules)
12782 <-> WEB-CLIENT Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access (web-client.rules)
12783 <-> WEB-CLIENT Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call unicode access (web-client.rules)
13228 <-> WEB-CLIENT HP eSupportDiagnostics 1 ActiveX clsid access (web-client.rules)
13229 <-> WEB-CLIENT HP eSupportDiagnostics 1 ActiveX clsid unicode access (web-client.rules)
13230 <-> WEB-CLIENT HP eSupportDiagnostics 2 ActiveX clsid access (web-client.rules)
13231 <-> WEB-CLIENT HP eSupportDiagnostics 2 ActiveX clsid unicode access (web-client.rules)
13279 <-> SPYWARE-PUT Keylogger advanced spy 4.0 runtime detection (spyware-put.rules)
13419 <-> WEB-CLIENT Facebook Photo Uploader ActiveX clsid access (web-client.rules)
13420 <-> WEB-CLIENT Facebook Photo Uploader ActiveX clsid unicode access (web-client.rules)
13421 <-> WEB-CLIENT Facebook Photo Uploader ActiveX function call access (web-client.rules)
13422 <-> WEB-CLIENT Facebook Photo Uploader ActiveX function call unicode access (web-client.rules)
13434 <-> WEB-CLIENT Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (web-client.rules)
13435 <-> WEB-CLIENT Aurigma Image Uploader 4 Property Overflows ActiveX clsid unicode access (web-client.rules)
13436 <-> WEB-CLIENT Aurigma Image Uploader 4 Property Overflows ActiveX function call access (web-client.rules)
13437 <-> WEB-CLIENT Aurigma Image Uploader 4 Property Overflows ActiveX function call unicode access (web-client.rules)
13438 <-> WEB-CLIENT Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (web-client.rules)
13439 <-> WEB-CLIENT Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid unicode access (web-client.rules)
13440 <-> WEB-CLIENT Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (web-client.rules)
13441 <-> WEB-CLIENT Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call unicode access (web-client.rules)
13442 <-> WEB-CLIENT Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (web-client.rules)
13443 <-> WEB-CLIENT Aurigma Image Uploader 5 Property Overflows ActiveX clsid unicode access (web-client.rules)
13444 <-> WEB-CLIENT Aurigma Image Uploader 5 Property Overflows ActiveX function call access (web-client.rules)
13445 <-> WEB-CLIENT Aurigma Image Uploader 5 Property Overflows ActiveX function call unicode access (web-client.rules)
13523 <-> WEB-CLIENT Novell iPrint ActiveX clsid access (web-client.rules)
13524 <-> WEB-CLIENT Novell iPrint ActiveX clsid unicode access (web-client.rules)
13525 <-> WEB-CLIENT Novell iPrint ActiveX function call access (web-client.rules)
13526 <-> WEB-CLIENT Novell iPrint ActiveX function call unicode access (web-client.rules)
13720 <-> WEB-CLIENT HP eSupportDiagnostics 3 ActiveX clsid access (web-client.rules)
13721 <-> WEB-CLIENT HP eSupportDiagnostics 3 ActiveX clsid unicode access (web-client.rules)
13722 <-> WEB-CLIENT HP eSupportDiagnostics 4 ActiveX clsid access (web-client.rules)
13723 <-> WEB-CLIENT HP eSupportDiagnostics 4 ActiveX clsid unicode access (web-client.rules)
13724 <-> WEB-CLIENT HP eSupportDiagnostics 5 ActiveX clsid access (web-client.rules)
13725 <-> WEB-CLIENT HP eSupportDiagnostics 5 ActiveX clsid unicode access (web-client.rules)
13726 <-> WEB-CLIENT HP eSupportDiagnostics 6 ActiveX clsid access (web-client.rules)
13727 <-> WEB-CLIENT HP eSupportDiagnostics 6 ActiveX clsid unicode access (web-client.rules)
13728 <-> WEB-CLIENT HP eSupportDiagnostics 7 ActiveX clsid access (web-client.rules)
13729 <-> WEB-CLIENT HP eSupportDiagnostics 7 ActiveX clsid unicode access (web-client.rules)
13730 <-> WEB-CLIENT HP eSupportDiagnostics 8 ActiveX clsid access (web-client.rules)
13731 <-> WEB-CLIENT HP eSupportDiagnostics 8 ActiveX clsid unicode access (web-client.rules)
13732 <-> WEB-CLIENT HP eSupportDiagnostics 9 ActiveX clsid access (web-client.rules)
13733 <-> WEB-CLIENT HP eSupportDiagnostics 9 ActiveX clsid unicode access (web-client.rules)
13734 <-> WEB-CLIENT HP eSupportDiagnostics 10 ActiveX clsid access (web-client.rules)
13735 <-> WEB-CLIENT HP eSupportDiagnostics 10 ActiveX clsid unicode access (web-client.rules)
13736 <-> WEB-CLIENT HP eSupportDiagnostics 11 ActiveX clsid access (web-client.rules)
13737 <-> WEB-CLIENT HP eSupportDiagnostics 11 ActiveX clsid unicode access (web-client.rules)
13738 <-> WEB-CLIENT HP eSupportDiagnostics 12 ActiveX clsid access (web-client.rules)
13739 <-> WEB-CLIENT HP eSupportDiagnostics 12 ActiveX clsid unicode access (web-client.rules)
13740 <-> WEB-CLIENT HP eSupportDiagnostics 13 ActiveX clsid access (web-client.rules)
13741 <-> WEB-CLIENT HP eSupportDiagnostics 13 ActiveX clsid unicode access (web-client.rules)
13742 <-> WEB-CLIENT HP eSupportDiagnostics 14 ActiveX clsid access (web-client.rules)
13743 <-> WEB-CLIENT HP eSupportDiagnostics 14 ActiveX clsid unicode access (web-client.rules)
13744 <-> WEB-CLIENT HP eSupportDiagnostics 15 ActiveX clsid access (web-client.rules)
13745 <-> WEB-CLIENT HP eSupportDiagnostics 15 ActiveX clsid unicode access (web-client.rules)
13746 <-> WEB-CLIENT HP eSupportDiagnostics 16 ActiveX clsid access (web-client.rules)
13747 <-> WEB-CLIENT HP eSupportDiagnostics 16 ActiveX clsid unicode access (web-client.rules)
13748 <-> WEB-CLIENT HP eSupportDiagnostics 17 ActiveX clsid access (web-client.rules)
13749 <-> WEB-CLIENT HP eSupportDiagnostics 17 ActiveX clsid unicode access (web-client.rules)
13750 <-> WEB-CLIENT HP eSupportDiagnostics 18 ActiveX clsid access (web-client.rules)
13751 <-> WEB-CLIENT HP eSupportDiagnostics 18 ActiveX clsid unicode access (web-client.rules)
13752 <-> WEB-CLIENT HP eSupportDiagnostics 19 ActiveX clsid access (web-client.rules)
13753 <-> WEB-CLIENT HP eSupportDiagnostics 19 ActiveX clsid unicode access (web-client.rules)
13754 <-> WEB-CLIENT HP eSupportDiagnostics 20 ActiveX clsid access (web-client.rules)
13755 <-> WEB-CLIENT HP eSupportDiagnostics 20 ActiveX clsid unicode access (web-client.rules)
13756 <-> WEB-CLIENT HP eSupportDiagnostics 21 ActiveX clsid access (web-client.rules)
13757 <-> WEB-CLIENT HP eSupportDiagnostics 21 ActiveX clsid unicode access (web-client.rules)
13857 <-> WEB-CLIENT HP Instant Support DataManager ActiveX clsid access (web-client.rules)
13858 <-> WEB-CLIENT HP Instant Support DataManager ActiveX clsid unicode access (web-client.rules)
13859 <-> WEB-CLIENT HP Instant Support DataManager ActiveX function call access (web-client.rules)
13860 <-> WEB-CLIENT HP Instant Support DataManager ActiveX function call unicode access (web-client.rules)
13865 <-> WEB-CLIENT Adobe BMP image handler buffer overflow attempt (web-client.rules)
13896 <-> SQL Microsoft SQL server MTF file download (sql.rules)