Talos Rules 2019-04-16
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the browser-ie, browser-plugins, file-java, file-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.

Change logs

2019-04-16 13:27:12 UTC

Snort Subscriber Rules Update

Date: 2019-04-16

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091300.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:49826 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49825 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49824 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49823 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49822 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49821 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49820 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49819 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49818 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49817 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49810 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49809 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49808 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49807 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49806 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49805 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49842 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49841 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49840 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49839 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49838 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49837 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49836 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49835 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49834 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49833 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49832 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49831 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49830 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49829 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49828 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49827 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49847 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49846 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49845 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49849 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49848 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 3:49801 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49802 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49803 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49804 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49813 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49814 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49815 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49816 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49843 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49844 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)

Modified Rules:


 * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules)
 * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules)
 * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules)

2019-04-16 13:27:12 UTC

Snort Subscriber Rules Update

Date: 2019-04-16

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091200.

New Rules:


 * 1:49840 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49809 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49836 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49822 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49807 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49823 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49808 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49817 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49824 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49825 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49826 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49827 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49828 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49829 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49830 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49831 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49832 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49833 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49821 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49834 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49835 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49837 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49838 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49839 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49810 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49841 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49845 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49842 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49847 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49846 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49848 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49849 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49805 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49806 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49819 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49820 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49818 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 3:49815 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49802 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49804 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49803 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49844 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49813 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49801 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49814 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49843 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49816 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)

Modified Rules:


 * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules)
 * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules)
 * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules)

2019-04-16 13:27:12 UTC

Snort Subscriber Rules Update

Date: 2019-04-16

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.

New Rules:


 * 1:49818 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49807 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49840 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49819 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49809 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49846 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49842 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49841 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49845 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49820 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49831 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49838 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49849 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49848 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49847 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49805 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49817 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49810 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49828 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49829 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49821 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49832 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49834 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49833 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49835 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49823 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49822 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49836 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49839 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49830 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49826 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49827 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49824 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49825 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49806 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49808 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49837 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 3:49801 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49803 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49804 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49815 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49813 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49814 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49844 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49802 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49816 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49843 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)

Modified Rules:


 * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules)
 * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules)
 * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules)

2019-04-16 13:27:12 UTC

Snort Subscriber Rules Update

Date: 2019-04-16

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.

New Rules:


 * 1:49824 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49825 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49826 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49848 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (snort3-server-webapp.rules)
 * 1:49818 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (snort3-server-webapp.rules)
 * 1:49841 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (snort3-server-webapp.rules)
 * 1:49806 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (snort3-browser-ie.rules)
 * 1:49811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (snort3-browser-ie.rules)
 * 1:49812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (snort3-browser-ie.rules)
 * 1:49819 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49820 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49810 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (snort3-browser-plugins.rules)
 * 1:49817 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (snort3-server-webapp.rules)
 * 1:49822 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49821 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49809 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (snort3-browser-plugins.rules)
 * 1:49805 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (snort3-browser-ie.rules)
 * 1:49833 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49836 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49835 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49837 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (snort3-server-webapp.rules)
 * 1:49830 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49838 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (snort3-server-webapp.rules)
 * 1:49839 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (snort3-server-webapp.rules)
 * 1:49827 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49807 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (snort3-browser-plugins.rules)
 * 1:49847 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (snort3-server-webapp.rules)
 * 1:49846 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:49808 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (snort3-browser-plugins.rules)
 * 1:49845 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:49829 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49828 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49842 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (snort3-server-webapp.rules)
 * 1:49849 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (snort3-server-webapp.rules)
 * 1:49840 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (snort3-server-webapp.rules)
 * 1:49823 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49834 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49832 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)
 * 1:49831 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (snort3-server-webapp.rules)

Modified Rules:


 * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (snort3-browser-ie.rules)
 * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (snort3-server-webapp.rules)
 * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (snort3-server-webapp.rules)

2019-04-16 13:27:12 UTC

Snort Subscriber Rules Update

Date: 2019-04-16

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2990.

New Rules:


 * 1:49847 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49838 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49848 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49834 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49845 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49826 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49840 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49835 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49808 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49822 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49849 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49837 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49832 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49806 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49846 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49825 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49809 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49842 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49829 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49805 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49810 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49817 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49841 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49820 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49823 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49807 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49819 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49821 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49833 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49827 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49828 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49818 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49831 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49824 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49836 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49839 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49830 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 3:49813 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49843 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49844 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49803 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49802 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49801 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49814 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49815 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49816 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49804 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)

Modified Rules:


 * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules)
 * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules)
 * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules)

2019-04-16 13:27:12 UTC

Snort Subscriber Rules Update

Date: 2019-04-16

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.

New Rules:


 * 1:49818 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49817 <-> DISABLED <-> SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (server-webapp.rules)
 * 1:49806 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49824 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49819 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49820 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49807 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49840 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49805 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (browser-ie.rules)
 * 1:49809 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49842 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49841 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49848 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49845 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49833 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49829 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49808 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:49831 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49825 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (browser-ie.rules)
 * 1:49832 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49836 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49847 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49835 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49827 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49826 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49839 <-> DISABLED <-> SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (server-webapp.rules)
 * 1:49837 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49838 <-> DISABLED <-> SERVER-WEBAPP Tpshop remote file include attempt (server-webapp.rules)
 * 1:49846 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:49823 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49822 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49828 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49830 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49821 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49834 <-> DISABLED <-> SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (server-webapp.rules)
 * 1:49849 <-> DISABLED <-> SERVER-WEBAPP All in One Video Downloader SQL injection attempt (server-webapp.rules)
 * 1:49810 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 3:49814 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49813 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49803 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49801 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49802 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49844 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49804 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49843 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49815 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49816 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)

Modified Rules:


 * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules)
 * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules)
 * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules)