Snort :: Changes 2007-05-08

Sourcefire VRT Update

Date: 2007-05-08

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack.
The format of the file is:
sid - Message (rule group)
New rules:
10978 <-> WEB-CLIENT Second Sight Software ActiveGS ActiveX clsid access (web-client.rules)
10979 <-> WEB-CLIENT Second Sight Software ActiveGS ActiveX clsid unicode access (web-client.rules)
10980 <-> WEB-CLIENT Second Sight Software ActiveGS ActiveX function call access (web-client.rules)
10981 <-> WEB-CLIENT Second Sight Software ActiveGS ActiveX function call unicode access (web-client.rules)
10982 <-> WEB-CLIENT Second Sight Software ActiveMod ActiveX clsid access (web-client.rules)
10983 <-> WEB-CLIENT Second Sight Software ActiveMod ActiveX clsid unicode access (web-client.rules)
10984 <-> WEB-CLIENT Second Sight Software ActiveMod ActiveX function call access (web-client.rules)
10985 <-> WEB-CLIENT Second Sight Software ActiveMod ActiveX function call unicode access (web-client.rules)
10986 <-> WEB-CLIENT GraceNote CDDB ActiveX clsid access (web-client.rules)
10987 <-> WEB-CLIENT GraceNote CDDB ActiveX clsid unicode access (web-client.rules)
10988 <-> WEB-CLIENT GraceNote CDDB ActiveX function call access (web-client.rules)
10989 <-> WEB-CLIENT GraceNote CDDB ActiveX function call unicode access (web-client.rules)
10990 <-> WEB-MISC encoded cross site scripting HTML Image tag attempt (web-misc.rules)
10991 <-> WEB-CLIENT Microgaming Download Helper ActiveX clsid access (web-client.rules)
10992 <-> WEB-CLIENT Microgaming Download Helper ActiveX clsid unicode access (web-client.rules)
10993 <-> WEB-CLIENT Microgaming Download Helper ActiveX function call access (web-client.rules)
10994 <-> WEB-CLIENT Microgaming Download Helper ActiveX function call unicode access (web-client.rules)
10995 <-> SMTP possible BDAT DoS attempt (smtp.rules)
10996 <-> WEB-MISC SSLv3 Client_Hello request (web-misc.rules)
10997 <-> WEB-MISC SSLv3 SessionID overflow attempt (web-misc.rules)
10998 <-> EXPLOIT Novell GroupWise WebAccess authentication overflow (exploit.rules)
10999 <-> WEB-CGI chetcpasswd access (web-cgi.rules)
11000 <-> ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (oracle.rules)
11001 <-> ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (oracle.rules)
11002 <-> ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (oracle.rules)
11003 <-> ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (oracle.rules)
11004 <-> IMAP CRAM-MD5 authentication method buffer overflow (imap.rules)
11005 <-> NETBIOS SMB rpcss alter context attempt (netbios.rules)
11006 <-> NETBIOS SMB rpcss unicode alter context attempt (netbios.rules)
11007 <-> NETBIOS SMB rpcss WriteAndX alter context attempt (netbios.rules)
11008 <-> NETBIOS SMB rpcss WriteAndX unicode alter context attempt (netbios.rules)
11009 <-> NETBIOS SMB-DS rpcss alter context attempt (netbios.rules)
11010 <-> NETBIOS SMB-DS rpcss WriteAndX alter context attempt (netbios.rules)
11011 <-> NETBIOS SMB-DS rpcss unicode alter context attempt (netbios.rules)
11012 <-> NETBIOS SMB-DS rpcss WriteAndX unicode alter context attempt (netbios.rules)
11013 <-> NETBIOS SMB rpcss little endian alter context attempt (netbios.rules)
11014 <-> NETBIOS SMB rpcss WriteAndX little endian alter context attempt (netbios.rules)
11015 <-> NETBIOS SMB rpcss unicode little endian alter context attempt (netbios.rules)
11016 <-> NETBIOS SMB rpcss WriteAndX unicode little endian alter context attempt (netbios.rules)
11017 <-> NETBIOS SMB-DS rpcss little endian alter context attempt (netbios.rules)
11018 <-> NETBIOS SMB-DS rpcss WriteAndX little endian alter context attempt (netbios.rules)
11019 <-> NETBIOS SMB-DS rpcss unicode little endian alter context attempt (netbios.rules)
11020 <-> NETBIOS SMB-DS rpcss WriteAndX unicode little endian alter context attempt (netbios.rules)
11021 <-> NETBIOS SMB rpcss bind attempt (netbios.rules)
11022 <-> NETBIOS SMB rpcss unicode bind attempt (netbios.rules)
11023 <-> NETBIOS SMB rpcss WriteAndX bind attempt (netbios.rules)
11024 <-> NETBIOS SMB rpcss WriteAndX unicode bind attempt (netbios.rules)
11025 <-> NETBIOS SMB-DS rpcss bind attempt (netbios.rules)
11026 <-> NETBIOS SMB-DS rpcss WriteAndX bind attempt (netbios.rules)
11027 <-> NETBIOS SMB-DS rpcss unicode bind attempt (netbios.rules)
11028 <-> NETBIOS SMB-DS rpcss WriteAndX unicode bind attempt (netbios.rules)
11029 <-> NETBIOS SMB rpcss little endian bind attempt (netbios.rules)
11030 <-> NETBIOS SMB rpcss WriteAndX little endian bind attempt (netbios.rules)
11031 <-> NETBIOS SMB rpcss unicode little endian bind attempt (netbios.rules)
11032 <-> NETBIOS SMB rpcss WriteAndX unicode little endian bind attempt (netbios.rules)
11033 <-> NETBIOS SMB-DS rpcss little endian bind attempt (netbios.rules)
11034 <-> NETBIOS SMB-DS rpcss WriteAndX little endian bind attempt (netbios.rules)
11035 <-> NETBIOS SMB-DS rpcss unicode little endian bind attempt (netbios.rules)
11036 <-> NETBIOS SMB-DS rpcss WriteAndX unicode little endian bind attempt (netbios.rules)
11037 <-> NETBIOS SMB rpcss andx alter context attempt (netbios.rules)
11038 <-> NETBIOS SMB rpcss unicode andx alter context attempt (netbios.rules)
11039 <-> NETBIOS SMB rpcss WriteAndX andx alter context attempt (netbios.rules)
11040 <-> NETBIOS SMB rpcss WriteAndX unicode andx alter context attempt (netbios.rules)
11041 <-> NETBIOS SMB-DS rpcss andx alter context attempt (netbios.rules)
11042 <-> NETBIOS SMB-DS rpcss WriteAndX andx alter context attempt (netbios.rules)
11043 <-> NETBIOS SMB-DS rpcss unicode andx alter context attempt (netbios.rules)
11044 <-> NETBIOS SMB-DS rpcss WriteAndX unicode andx alter context attempt (netbios.rules)
11045 <-> NETBIOS SMB rpcss little endian andx alter context attempt (netbios.rules)
11046 <-> NETBIOS SMB rpcss WriteAndX little endian andx alter context attempt (netbios.rules)
11047 <-> NETBIOS SMB rpcss unicode little endian andx alter context attempt (netbios.rules)
11048 <-> NETBIOS SMB rpcss WriteAndX unicode little endian andx alter context attempt (netbios.rules)
11049 <-> NETBIOS SMB-DS rpcss little endian andx alter context attempt (netbios.rules)
11050 <-> NETBIOS SMB-DS rpcss WriteAndX little endian andx alter context attempt (netbios.rules)
11051 <-> NETBIOS SMB-DS rpcss unicode little endian andx alter context attempt (netbios.rules)
11052 <-> NETBIOS SMB-DS rpcss WriteAndX unicode little endian andx alter context attempt (netbios.rules)
11053 <-> NETBIOS SMB rpcss andx bind attempt (netbios.rules)
11054 <-> NETBIOS SMB rpcss unicode andx bind attempt (netbios.rules)
11055 <-> NETBIOS SMB rpcss WriteAndX andx bind attempt (netbios.rules)
11056 <-> NETBIOS SMB rpcss WriteAndX unicode andx bind attempt (netbios.rules)
11057 <-> NETBIOS SMB-DS rpcss andx bind attempt (netbios.rules)
11058 <-> NETBIOS SMB-DS rpcss WriteAndX andx bind attempt (netbios.rules)
11059 <-> NETBIOS SMB-DS rpcss unicode andx bind attempt (netbios.rules)
11060 <-> NETBIOS SMB-DS rpcss WriteAndX unicode andx bind attempt (netbios.rules)
11061 <-> NETBIOS SMB rpcss little endian andx bind attempt (netbios.rules)
11062 <-> NETBIOS SMB rpcss WriteAndX little endian andx bind attempt (netbios.rules)
11063 <-> NETBIOS SMB rpcss unicode little endian andx bind attempt (netbios.rules)
11064 <-> NETBIOS SMB rpcss WriteAndX unicode little endian andx bind attempt (netbios.rules)
11065 <-> NETBIOS SMB-DS rpcss little endian andx bind attempt (netbios.rules)
11066 <-> NETBIOS SMB-DS rpcss WriteAndX little endian andx bind attempt (netbios.rules)
11067 <-> NETBIOS SMB-DS rpcss unicode little endian andx bind attempt (netbios.rules)
11068 <-> NETBIOS SMB-DS rpcss WriteAndX unicode little endian andx bind attempt (netbios.rules)
11069 <-> NETBIOS DCERPC NCACN-IP-TCP rpcss little endian alter context attempt (netbios.rules)
11070 <-> NETBIOS DCERPC NCACN-IP-TCP rpcss alter context attempt (netbios.rules)
11071 <-> NETBIOS DCERPC NCACN-IP-TCP rpcss little endian bind attempt (netbios.rules)
11072 <-> NETBIOS DCERPC NCACN-IP-TCP rpcss bind attempt (netbios.rules)
11073 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode little endian attempt (netbios.rules)
11074 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject unicode little endian attempt (netbios.rules)
11075 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject unicode attempt (netbios.rules)
11076 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject WriteAndX attempt (netbios.rules)
11077 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject unicode attempt (netbios.rules)
11078 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject attempt (netbios.rules)
11079 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject little endian attempt (netbios.rules)
11080 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject WriteAndX unicode attempt (netbios.rules)
11081 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject attempt (netbios.rules)
11082 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX attempt (netbios.rules)
11083 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject unicode attempt (netbios.rules)
11084 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX unicode attempt (netbios.rules)
11085 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject attempt (netbios.rules)
11086 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX little endian attempt (netbios.rules)
11087 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX unicode attempt (netbios.rules)
11088 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject little endian attempt (netbios.rules)
11089 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject unicode little endian attempt (netbios.rules)
11090 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX unicode little endian attempt (netbios.rules)
11091 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject unicode little endian attempt (netbios.rules)
11092 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject little endian attempt (netbios.rules)
11093 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject WriteAndX unicode little endian attempt (netbios.rules)
11094 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode attempt (netbios.rules)
11095 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX attempt (netbios.rules)
11096 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject WriteAndX little endian attempt (netbios.rules)
11097 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX little endian attempt (netbios.rules)
11098 <-> NETBIOS SMB rpcss _RemoteGetClassObject attempt (netbios.rules)
11099 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX attempt (netbios.rules)
11100 <-> NETBIOS SMB rpcss _RemoteGetClassObject unicode attempt (netbios.rules)
11101 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX unicode little endian attempt (netbios.rules)
11102 <-> NETBIOS SMB rpcss _RemoteGetClassObject little endian attempt (netbios.rules)
11103 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX little endian attempt (netbios.rules)
11104 <-> NETBIOS SMB rpcss _RemoteGetClassObject unicode little endian attempt (netbios.rules)
11105 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject object call attempt (netbios.rules)
11106 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX little endian object call attempt (netbios.rules)
11107 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX unicode object call attempt (netbios.rules)
11108 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject little endian object call attempt (netbios.rules)
11109 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject unicode little endian object call attempt (netbios.rules)
11110 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode object call attempt (netbios.rules)
11111 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX object call attempt (netbios.rules)
11112 <-> NETBIOS SMB rpcss _RemoteGetClassObject object call attempt (netbios.rules)
11113 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX object call attempt (netbios.rules)
11114 <-> NETBIOS SMB rpcss _RemoteGetClassObject unicode object call attempt (netbios.rules)
11115 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX unicode little endian object call attempt (netbios.rules)
11116 <-> NETBIOS SMB rpcss _RemoteGetClassObject little endian object call attempt (netbios.rules)
11117 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX little endian object call attempt (netbios.rules)
11118 <-> NETBIOS SMB rpcss _RemoteGetClassObject unicode little endian object call attempt (netbios.rules)
11119 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode little endian object call attempt (netbios.rules)
11120 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject unicode object call attempt (netbios.rules)
11121 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode little endian andx attempt (netbios.rules)
11122 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject unicode little endian andx attempt (netbios.rules)
11123 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject unicode andx attempt (netbios.rules)
11124 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject WriteAndX andx attempt (netbios.rules)
11125 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject unicode andx attempt (netbios.rules)
11126 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject andx attempt (netbios.rules)
11127 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject little endian andx attempt (netbios.rules)
11128 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject WriteAndX unicode andx attempt (netbios.rules)
11129 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject andx attempt (netbios.rules)
11130 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX andx attempt (netbios.rules)
11131 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject unicode andx attempt (netbios.rules)
11132 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX unicode andx attempt (netbios.rules)
11133 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject andx attempt (netbios.rules)
11134 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX little endian andx attempt (netbios.rules)
11135 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX unicode andx attempt (netbios.rules)
11136 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject little endian andx attempt (netbios.rules)
11137 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject unicode little endian andx attempt (netbios.rules)
11138 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX unicode little endian andx attempt (netbios.rules)
11139 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject unicode little endian andx attempt (netbios.rules)
11140 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject little endian andx attempt (netbios.rules)
11141 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject WriteAndX unicode little endian andx attempt (netbios.rules)
11142 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode andx attempt (netbios.rules)
11143 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX andx attempt (netbios.rules)
11144 <-> NETBIOS SMB v4 rpcss _RemoteGetClassObject WriteAndX little endian andx attempt (netbios.rules)
11145 <-> NETBIOS SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX little endian andx attempt (netbios.rules)
11146 <-> NETBIOS SMB rpcss _RemoteGetClassObject andx attempt (netbios.rules)
11147 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX andx attempt (netbios.rules)
11148 <-> NETBIOS SMB rpcss _RemoteGetClassObject unicode andx attempt (netbios.rules)
11149 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX unicode little endian andx attempt (netbios.rules)
11150 <-> NETBIOS SMB rpcss _RemoteGetClassObject little endian andx attempt (netbios.rules)
11151 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX little endian andx attempt (netbios.rules)
11152 <-> NETBIOS SMB rpcss _RemoteGetClassObject unicode little endian andx attempt (netbios.rules)
11153 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject andx object call attempt (netbios.rules)
11154 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX little endian andx object call attempt (netbios.rules)
11155 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX unicode andx object call attempt (netbios.rules)
11156 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject little endian andx object call attempt (netbios.rules)
11157 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject unicode little endian andx object call attempt (netbios.rules)
11158 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode andx object call attempt (netbios.rules)
11159 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX andx object call attempt (netbios.rules)
11160 <-> NETBIOS SMB rpcss _RemoteGetClassObject andx object call attempt (netbios.rules)
11161 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX andx object call attempt (netbios.rules)
11162 <-> NETBIOS SMB rpcss _RemoteGetClassObject unicode andx object call attempt (netbios.rules)
11163 <-> NETBIOS SMB rpcss _RemoteGetClassObject WriteAndX unicode little endian andx object call attempt (netbios.rules)
11164 <-> NETBIOS SMB rpcss _RemoteGetClassObject little endian andx object call attempt (netbios.rules)
11165 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX little endian andx object call attempt (netbios.rules)
11166 <-> NETBIOS SMB rpcss _RemoteGetClassObject unicode little endian andx object call attempt (netbios.rules)
11167 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode little endian andx object call attempt (netbios.rules)
11168 <-> NETBIOS SMB-DS rpcss _RemoteGetClassObject unicode andx object call attempt (netbios.rules)
11169 <-> NETBIOS DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject little endian attempt (netbios.rules)
11170 <-> NETBIOS DCERPC NCACN-IP-TCP v4 rpcss _RemoteGetClassObject attempt (netbios.rules)
11171 <-> NETBIOS DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject attempt (netbios.rules)
11172 <-> NETBIOS DCERPC NCACN-IP-TCP v4 rpcss _RemoteGetClassObject little endian attempt (netbios.rules)
11173 <-> NETBIOS DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject little endian object call attempt (netbios.rules)
11174 <-> NETBIOS DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject object call attempt (netbios.rules)
11175 <-> ORACLE dbms_cdc_ipublish.chgtab_cache buffer overflow attempt (oracle.rules)
11176 <-> WEB-CLIENT PowerPoint Viewer ActiveX clsid access (web-client.rules)
11177 <-> WEB-CLIENT PowerPoint Viewer ActiveX clsid unicode access (web-client.rules)
11178 <-> WEB-CLIENT PowerPoint Viewer ActiveX function call access (web-client.rules)
11179 <-> WEB-CLIENT PowerPoint Viewer ActiveX function call unicode access (web-client.rules)
11180 <-> WEB-CLIENT quicktime movie ftyp buffer underflow (web-client.rules)
11181 <-> WEB-CLIENT Excel Viewer ActiveX clsid access (web-client.rules)
11182 <-> WEB-CLIENT Excel Viewer ActiveX clsid unicode access (web-client.rules)
11183 <-> WEB-CLIENT Excel Viewer ActiveX function call access (web-client.rules)
11184 <-> WEB-CLIENT Excel Viewer ActiveX function call unicode access (web-client.rules)
11185 <-> DOS CA eTrust key handling dos -- username (dos.rules)
11186 <-> DOS CA eTrust key handling dos -- password (dos.rules)
11187 <-> WEB-CLIENT Word Viewer ActiveX clsid access (web-client.rules)
11188 <-> WEB-CLIENT Word Viewer ActiveX clsid unicode access (web-client.rules)
11189 <-> WEB-CLIENT Word Viewer ActiveX function call access (web-client.rules)
11190 <-> WEB-CLIENT Word Viewer ActiveX function call unicode access (web-client.rules)
11191 <-> WEB-IIS Microsoft Content Management Server memory corruption (web-iis.rules)
11192 <-> POLICY download of executable content (policy.rules)
11193 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
11194 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
11196 <-> EXPLOIT MaxDB WebDBM get buffer overflow (exploit.rules)
11197 <-> WEB-CLIENT ActiveX Soft DVD Tools ActiveX function call access (web-client.rules)
11198 <-> WEB-CLIENT ActiveX Soft DVD Tools ActiveX function call unicode access (web-client.rules)
11199 <-> WEB-CLIENT Office Viewer ActiveX clsid access (web-client.rules)
11200 <-> WEB-CLIENT Office Viewer ActiveX clsid unicode access (web-client.rules)
11201 <-> WEB-CLIENT Office Viewer ActiveX function call access (web-client.rules)
11202 <-> WEB-CLIENT Office Viewer ActiveX function call unicode access (web-client.rules)
11203 <-> ORACLE sys.dbms_apply_user_agent.set_registration_handler access attempt (oracle.rules)
11204 <-> ORACLE sys.dbms_aqadm_sys access attempt (oracle.rules)
11205 <-> ORACLE sys.dbms_upgrade_internal access attempt (oracle.rules)
11206 <-> WEB-CLIENT East Wind Software ADVDAUDIO ActiveX clsid access (web-client.rules)
11207 <-> WEB-CLIENT East Wind Software ADVDAUDIO ActiveX clsid unicode access (web-client.rules)
11208 <-> WEB-CLIENT East Wind Software ADVDAUDIO ActiveX function call access (web-client.rules)
11209 <-> WEB-CLIENT East Wind Software ADVDAUDIO ActiveX function call unicode access (web-client.rules)
11210 <-> WEB-CLIENT Sienzo Digital Music Mentor ActiveX clsid access (web-client.rules)
11211 <-> WEB-CLIENT Sienzo Digital Music Mentor ActiveX clsid unicode access (web-client.rules)
11212 <-> WEB-CLIENT Sienzo Digital Music Mentor ActiveX function call access (web-client.rules)
11213 <-> WEB-CLIENT Sienzo Digital Music Mentor ActiveX function call unicode access (web-client.rules)
11214 <-> WEB-CLIENT VeralSoft HTTP File Uploader ActiveX clsid access (web-client.rules)
11215 <-> WEB-CLIENT VeralSoft HTTP File Uploader ActiveX clsid unicode access (web-client.rules)
11216 <-> WEB-CLIENT VeralSoft HTTP File Uploader ActiveX function call access (web-client.rules)
11217 <-> WEB-CLIENT VeralSoft HTTP File Uploader ActiveX function call unicode access (web-client.rules)
11218 <-> WEB-CLIENT SmartCode VNC Manager ActiveX clsid access (web-client.rules)
11219 <-> WEB-CLIENT SmartCode VNC Manager ActiveX clsid unicode access (web-client.rules)
11220 <-> WEB-CLIENT SmartCode VNC Manager ActiveX function call access (web-client.rules)
11221 <-> WEB-CLIENT SmartCode VNC Manager ActiveX function call unicode access (web-client.rules)
11222 <-> SMTP Exchange MODPROPS denial of service attempt (smtp.rules)
11223 <-> WEB-MISC google proxystylesheet arbitrary command execution attempt (web-misc.rules)
11224 <-> WEB-CLIENT MSAuth ActiveX clsid access (web-client.rules)
11225 <-> WEB-CLIENT MSAuth ActiveX clsid unicode access (web-client.rules)
11226 <-> WEB-CLIENT MSAuth ActiveX function call access (web-client.rules)
11227 <-> WEB-CLIENT MSAuth ActiveX function call unicode access (web-client.rules)
11228 <-> WEB-CLIENT Microsoft Input Method Editor 3 ActiveX clsid access (web-client.rules)
11229 <-> WEB-CLIENT Microsoft Input Method Editor 3 ActiveX clsid unicode access (web-client.rules)
11230 <-> WEB-CLIENT Microsoft Cryptographic API COM 1 ActiveX clsid access (web-client.rules)
11231 <-> WEB-CLIENT Microsoft Cryptographic API COM 1 ActiveX clsid unicode access (web-client.rules)
11232 <-> WEB-CLIENT Microsoft Cryptographic API COM 1 ActiveX function call access (web-client.rules)
11233 <-> WEB-CLIENT Microsoft Cryptographic API COM 1 ActiveX function call unicode access (web-client.rules)
11234 <-> WEB-CLIENT Microsoft Cryptographic API COM 2 ActiveX clsid access (web-client.rules)
11235 <-> WEB-CLIENT Microsoft Cryptographic API COM 2 ActiveX clsid unicode access (web-client.rules)
11236 <-> WEB-CLIENT OutlookExpress.AddressBook ActiveX clsid access (web-client.rules)
11237 <-> WEB-CLIENT OutlookExpress.AddressBook ActiveX clsid unicode access (web-client.rules)
11238 <-> WEB-CLIENT OutlookExpress.AddressBook ActiveX function call unicode access (web-client.rules)
11239 <-> WEB-CLIENT DXImageTransform.Microsoft.Redirect ActiveX clsid access (web-client.rules)
11240 <-> WEB-CLIENT DXImageTransform.Microsoft.Redirect ActiveX clsid unicode access (web-client.rules)
11241 <-> WEB-CLIENT DXImageTransform.Microsoft.Redirect ActiveX function call access (web-client.rules)
11242 <-> WEB-CLIENT DXImageTransform.Microsoft.Redirect ActiveX function call unicode access (web-client.rules)
11243 <-> WEB-CLIENT DirectAnimation.DAstatics ActiveX clsid access (web-client.rules)
11244 <-> WEB-CLIENT DirectAnimation.DAstatics ActiveX clsid unicode access (web-client.rules)
11245 <-> WEB-CLIENT DirectAnimation.DAstatics ActiveX function call access (web-client.rules)
11246 <-> WEB-CLIENT DirectAnimation.DAstatics ActiveX function call unicode access (web-client.rules)
11247 <-> WEB-CLIENT Research In Motion Undisclosed ActiveX clsid access (web-client.rules)
11248 <-> WEB-CLIENT Research In Motion Undisclosed ActiveX clsid unicode access (web-client.rules)
11249 <-> WEB-CLIENT IE Address ActiveX clsid unicode access (web-client.rules)
11250 <-> WEB-CLIENT Sony Rootkit Uninstaller ActiveX clsid access (web-client.rules)
11251 <-> WEB-CLIENT Sony Rootkit Uninstaller ActiveX clsid unicode access (web-client.rules)
11252 <-> WEB-CLIENT IE Address ActiveX clsid access (web-client.rules)
11253 <-> WEB-CLIENT Microsoft MciWndx ActiveX clsid access (web-client.rules)
11254 <-> WEB-CLIENT Microsoft MciWndx ActiveX clsid unicode access (web-client.rules)
11255 <-> WEB-CLIENT Microsoft MciWndx ActiveX function call access (web-client.rules)
11256 <-> WEB-CLIENT Microsoft MciWndx ActiveX function call unicode access (web-client.rules)
11257 <-> WEB-CLIENT Microsoft Internet Explorer colgroup tag uninitialized memory corruption vulnerability (web-client.rules)
11258 <-> WEB-CLIENT Excel Malformed Named Graph Information unicode overflow (web-client.rules)

Updated rules:
 984 <-> WEB-IIS JET VBA access (web-iis.rules)
 985 <-> WEB-IIS JET VBA access (web-iis.rules)
 995 <-> WEB-IIS ism.dll access (web-iis.rules)
1005 <-> WEB-IIS codebrowser SDK access (web-iis.rules)
2386 <-> WEB-IIS NTLM ASN1 vulnerability scan attempt (web-iis.rules)
2633 <-> ORACLE sys.dbms_rectifier_diff.rectify buffer overflow attempt (oracle.rules)
2665 <-> IMAP login literal format string attempt (imap.rules)
3017 <-> EXPLOIT WINS overflow attempt (exploit.rules)
7005 <-> WEB-CLIENT OutlookExpress.AddressBook ActiveX function call access (web-client.rules)
7902 <-> WEB-CLIENT CDDBControlAOL.CDDBAOLControl ActiveX clsid access (web-client.rules)
7903 <-> WEB-CLIENT CDDBControlAOL.CDDBAOLControl ActiveX clsid unicode access (web-client.rules)
8084 <-> WEB-CGI CVSTrac filediff function access (web-cgi.rules)
9427 <-> WEB-CLIENT Acer LunchApp.APlunch ActiveX clsid access (web-client.rules)
9428 <-> WEB-CLIENT Acer LunchApp.APlunch ActiveX clsid unicode access (web-client.rules)
10156 <-> WEB-CLIENT ActiveX Soft DVD Tools ActiveX clsid access (web-client.rules)
10157 <-> WEB-CLIENT ActiveX Soft DVD Tools ActiveX clsid unicode access (web-client.rules)
10586 <-> NETBIOS SMB-DS v4 dns R_DnssrvUpdateRecord2 unicode overflow attempt (netbios.rules)
Snort

Sourcefire VRT Update

Date: 2007-05-08

Snort Links

Community

Sourcefire
