Sourcefire VRT Certified Rules Update

Date: 2005-12-08

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack.

The format of the file is:

sid - Message (rule group)

New rules:
4681 - WEB-MISC Symantec admin interface client negative Content-Length attempt (web-misc.rules)
4682 - NETBIOS DCERPC NCACN-IP-TCP locator alter context attempt (netbios.rules)
4683 - NETBIOS DCERPC NCACN-IP-TCP locator bind attempt (netbios.rules)
4684 - NETBIOS DCERPC NCACN-IP-TCP locator little endian alter context attempt (netbios.rules)
4685 - NETBIOS DCERPC NCACN-IP-TCP locator little endian bind attempt (netbios.rules)
4686 - NETBIOS SMB locator WriteAndX alter context attempt (netbios.rules)
4687 - NETBIOS SMB locator WriteAndX andx alter context attempt (netbios.rules)
4688 - NETBIOS SMB locator WriteAndX andx bind attempt (netbios.rules)
4689 - NETBIOS SMB locator WriteAndX bind attempt (netbios.rules)
4690 - NETBIOS SMB locator WriteAndX little endian alter context attempt (netbios.rules)
4691 - NETBIOS SMB locator WriteAndX little endian andx alter context attempt (netbios.rules)
4692 - NETBIOS SMB locator WriteAndX little endian andx bind attempt (netbios.rules)
4693 - NETBIOS SMB locator WriteAndX little endian bind attempt (netbios.rules)
4694 - NETBIOS SMB locator WriteAndX unicode alter context attempt (netbios.rules)
4695 - NETBIOS SMB locator WriteAndX unicode andx alter context attempt (netbios.rules)
4696 - NETBIOS SMB locator WriteAndX unicode andx bind attempt (netbios.rules)
4697 - NETBIOS SMB locator WriteAndX unicode bind attempt (netbios.rules)
4698 - NETBIOS SMB locator WriteAndX unicode little endian alter context attempt (netbios.rules)
4699 - NETBIOS SMB locator WriteAndX unicode little endian andx alter context attempt (netbios.rules)
4700 - NETBIOS SMB locator WriteAndX unicode little endian andx bind attempt (netbios.rules)
4701 - NETBIOS SMB locator WriteAndX unicode little endian bind attempt (netbios.rules)
4702 - NETBIOS SMB locator alter context attempt (netbios.rules)
4703 - NETBIOS SMB locator andx alter context attempt (netbios.rules)
4704 - NETBIOS SMB locator andx bind attempt (netbios.rules)
4705 - NETBIOS SMB locator bind attempt (netbios.rules)
4706 - NETBIOS SMB locator little endian alter context attempt (netbios.rules)
4707 - NETBIOS SMB locator little endian andx alter context attempt (netbios.rules)
4708 - NETBIOS SMB locator little endian andx bind attempt (netbios.rules)
4709 - NETBIOS SMB locator little endian bind attempt (netbios.rules)
4710 - NETBIOS SMB locator unicode alter context attempt (netbios.rules)
4711 - NETBIOS SMB locator unicode andx alter context attempt (netbios.rules)
4712 - NETBIOS SMB locator unicode andx bind attempt (netbios.rules)
4713 - NETBIOS SMB locator unicode bind attempt (netbios.rules)
4714 - NETBIOS SMB locator unicode little endian alter context attempt (netbios.rules)
4715 - NETBIOS SMB locator unicode little endian andx alter context attempt (netbios.rules)
4716 - NETBIOS SMB locator unicode little endian andx bind attempt (netbios.rules)
4717 - NETBIOS SMB locator unicode little endian bind attempt (netbios.rules)
4718 - NETBIOS SMB-DS locator WriteAndX alter context attempt (netbios.rules)
4719 - NETBIOS SMB-DS locator WriteAndX andx alter context attempt (netbios.rules)
4720 - NETBIOS SMB-DS locator WriteAndX andx bind attempt (netbios.rules)
4721 - NETBIOS SMB-DS locator WriteAndX bind attempt (netbios.rules)
4722 - NETBIOS SMB-DS locator WriteAndX little endian alter context attempt (netbios.rules)
4723 - NETBIOS SMB-DS locator WriteAndX little endian andx alter context attempt (netbios.rules)
4724 - NETBIOS SMB-DS locator WriteAndX little endian andx bind attempt (netbios.rules)
4725 - NETBIOS SMB-DS locator WriteAndX little endian bind attempt (netbios.rules)
4726 - NETBIOS SMB-DS locator WriteAndX unicode alter context attempt (netbios.rules)
4727 - NETBIOS SMB-DS locator WriteAndX unicode andx alter context attempt (netbios.rules)
4728 - NETBIOS SMB-DS locator WriteAndX unicode andx bind attempt (netbios.rules)
4729 - NETBIOS SMB-DS locator WriteAndX unicode bind attempt (netbios.rules)
4730 - NETBIOS SMB-DS locator WriteAndX unicode little endian alter context attempt (netbios.rules)
4731 - NETBIOS SMB-DS locator WriteAndX unicode little endian andx alter context attempt (netbios.rules)
4732 - NETBIOS SMB-DS locator WriteAndX unicode little endian andx bind attempt (netbios.rules)
4733 - NETBIOS SMB-DS locator WriteAndX unicode little endian bind attempt (netbios.rules)
4734 - NETBIOS SMB-DS locator alter context attempt (netbios.rules)
4735 - NETBIOS SMB-DS locator andx alter context attempt (netbios.rules)
4736 - NETBIOS SMB-DS locator andx bind attempt (netbios.rules)
4737 - NETBIOS SMB-DS locator bind attempt (netbios.rules)
4738 - NETBIOS SMB-DS locator little endian alter context attempt (netbios.rules)
4739 - NETBIOS SMB-DS locator little endian andx alter context attempt (netbios.rules)
4740 - NETBIOS SMB-DS locator little endian andx bind attempt (netbios.rules)
4741 - NETBIOS SMB-DS locator little endian bind attempt (netbios.rules)
4742 - NETBIOS SMB-DS locator unicode alter context attempt (netbios.rules)
4743 - NETBIOS SMB-DS locator unicode andx alter context attempt (netbios.rules)
4744 - NETBIOS SMB-DS locator unicode andx bind attempt (netbios.rules)
4745 - NETBIOS SMB-DS locator unicode bind attempt (netbios.rules)
4746 - NETBIOS SMB-DS locator unicode little endian alter context attempt (netbios.rules)
4747 - NETBIOS SMB-DS locator unicode little endian andx alter context attempt (netbios.rules)
4748 - NETBIOS SMB-DS locator unicode little endian andx bind attempt (netbios.rules)
4749 - NETBIOS SMB-DS locator unicode little endian bind attempt (netbios.rules)
4750 - NETBIOS DCERPC NCADG-IP-UDP locator alter context attempt (netbios.rules)
4751 - NETBIOS DCERPC NCADG-IP-UDP locator bind attempt (netbios.rules)
4752 - NETBIOS DCERPC NCADG-IP-UDP locator little endian alter context attempt (netbios.rules)
4753 - NETBIOS DCERPC NCADG-IP-UDP locator little endian bind attempt (netbios.rules)
4754 - NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4755 - NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4756 - NETBIOS DCERPC NCACN-IP-TCP v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4757 - NETBIOS DCERPC NCACN-IP-TCP v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4758 - NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4759 - NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4760 - NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4761 - NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4762 - NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4763 - NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4764 - NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4765 - NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4766 - NETBIOS SMB locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4767 - NETBIOS SMB locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4768 - NETBIOS SMB locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4769 - NETBIOS SMB locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4770 - NETBIOS SMB locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4771 - NETBIOS SMB locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4772 - NETBIOS SMB locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4773 - NETBIOS SMB locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4774 - NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4775 - NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4776 - NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4777 - NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4778 - NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4779 - NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4780 - NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4781 - NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4782 - NETBIOS SMB v4 locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4783 - NETBIOS SMB v4 locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4784 - NETBIOS SMB v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4785 - NETBIOS SMB v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4786 - NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4787 - NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4788 - NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4789 - NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4790 - NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4791 - NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4792 - NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4793 - NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4794 - NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4795 - NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4796 - NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4797 - NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4798 - NETBIOS SMB-DS locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4799 - NETBIOS SMB-DS locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4800 - NETBIOS SMB-DS locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4801 - NETBIOS SMB-DS locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4802 - NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4803 - NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4804 - NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4805 - NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4806 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4807 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4808 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4809 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4810 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4811 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4812 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4813 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4814 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4815 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4816 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4817 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4818 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4819 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4820 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4821 - NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4822 - NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4823 - NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4824 - NETBIOS DCERPC NCADG-IP-UDP v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4825 - NETBIOS DCERPC NCADG-IP-UDP v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)

Updated rules:
 230 - DDOS shaft client login to handler (ddos.rules)
 312 - EXPLOIT ntpdx overflow attempt (exploit.rules)
 360 - FTP serv-u directory transversal (ftp.rules)
 527 - DELETED BAD-TRAFFIC same SRC/DST (deleted.rules)
 569 - RPC snmpXdmi overflow attempt TCP (rpc.rules)
 593 - RPC portmap snmpXdmi request TCP (rpc.rules)
 899 - WEB-CGI Amaya templates sendtemp.pl directory traversal attempt (web-cgi.rules)
 969 - WEB-IIS WebDAV file lock attempt (web-iis.rules)
1042 - WEB-IIS view source via translate header (web-iis.rules)
1048 - WEB-MISC Netscape Enterprise directory listing attempt (web-misc.rules)
1113 - DELETED WEB-MISC http directory traversal (deleted.rules)
1248 - WEB-FRONTPAGE rad fp30reg.dll access (web-frontpage.rules)
1249 - WEB-FRONTPAGE frontpage rad fp4areg.dll access (web-frontpage.rules)
1250 - WEB-MISC Cisco IOS HTTP configuration attempt (web-misc.rules)
1254 - WEB-PHP PHPLIB remote command attempt (web-php.rules)
1279 - RPC portmap snmpXdmi request UDP (rpc.rules)
1323 - EXPLOIT rwhoisd format string attempt (exploit.rules)
1327 - EXPLOIT ssh CRC32 overflow (exploit.rules)
1377 - FTP wu-ftp bad file completion attempt [ (ftp.rules)
1378 - FTP wu-ftp bad file completion attempt { (ftp.rules)
1384 - MISC UPnP malformed advertisement (misc.rules)
1388 - MISC UPnP Location overflow (misc.rules)
1395 - WEB-CGI zml.cgi attempt (web-cgi.rules)
1396 - WEB-CGI zml.cgi access (web-cgi.rules)
1397 - WEB-CGI wayboard attempt (web-cgi.rules)
1398 - EXPLOIT CDE dtspcd exploit attempt (exploit.rules)
1447 - MISC MS Terminal server request RDP (misc.rules)
1448 - MISC MS Terminal server request (misc.rules)
1451 - WEB-CGI NPH-publish access (web-cgi.rules)
1467 - WEB-CGI directorypro.cgi access (web-cgi.rules)
1470 - WEB-CGI listrec.pl access (web-cgi.rules)
1473 - WEB-CGI newsdesk.cgi access (web-cgi.rules)
1484 - DELETED WEB-IIS /isapi/tstisapi.dll access (deleted.rules)
1495 - WEB-CGI SIX webboard generate.cgi access (web-cgi.rules)
1505 - WEB-CGI alchemy http server PRN arbitrary command execution attempt (web-cgi.rules)
1506 - WEB-CGI alchemy http server NUL arbitrary command execution attempt (web-cgi.rules)
1519 - WEB-MISC apache ?M=D directory list attempt (web-misc.rules)
1562 - FTP SITE CHOWN overflow attempt (ftp.rules)
1571 - WEB-CGI dcforum.cgi directory traversal attempt (web-cgi.rules)
1574 - WEB-CGI directorypro.cgi attempt (web-cgi.rules)
1663 - WEB-MISC *%0a.pl access (web-misc.rules)
1701 - WEB-CGI calendar-admin.pl access (web-cgi.rules)
1746 - RPC portmap cachefsd request UDP (rpc.rules)
1747 - RPC portmap cachefsd request TCP (rpc.rules)
1755 - IMAP partial body buffer overflow attempt (imap.rules)
1801 - WEB-IIS .asp HTTP header buffer overflow attempt (web-iis.rules)
1802 - WEB-IIS .asa HTTP header buffer overflow attempt (web-iis.rules)
1803 - WEB-IIS .cer HTTP header buffer overflow attempt (web-iis.rules)
1804 - WEB-IIS .cdx HTTP header buffer overflow attempt (web-iis.rules)
1806 - WEB-IIS .htr chunked Transfer-Encoding (web-iis.rules)
1807 - WEB-MISC Chunked-Encoding transfer attempt (web-misc.rules)
1809 - WEB-MISC Apache Chunked-Encoding worm attempt (web-misc.rules)
1811 - ATTACK-RESPONSES successful gobbles ssh exploit uname (attack-responses.rules)
1812 - EXPLOIT gobbles SSH exploit attempt (exploit.rules)
1815 - WEB-PHP directory.php arbitrary command attempt (web-php.rules)
1838 - EXPLOIT SSH server banner overflow (exploit.rules)
1839 - WEB-MISC mailman cross site scripting attempt (web-misc.rules)
1875 - WEB-CGI cgicso access (web-cgi.rules)
1894 - EXPLOIT kadmind buffer overflow attempt (exploit.rules)
1941 - TFTP GET filename overflow attempt (tftp.rules)
1957 - RPC sadmind UDP PING (rpc.rules)
1958 - RPC sadmind TCP PING (rpc.rules)
1969 - WEB-MISC ion-p access (web-misc.rules)
1970 - WEB-IIS MDAC Content-Type overflow attempt (web-iis.rules)
1974 - FTP REST overflow attempt (ftp.rules)
1975 - FTP DELE overflow attempt (ftp.rules)
1993 - IMAP login literal buffer overflow attempt (imap.rules)
1997 - WEB-PHP read_body.php access attempt (web-php.rules)
2010 - MISC CVS double free exploit attempt response (misc.rules)
2011 - MISC CVS invalid directory response (misc.rules)
2025 - RPC yppasswd username overflow attempt UDP (rpc.rules)
2026 - RPC yppasswd username overflow attempt TCP (rpc.rules)
2033 - RPC ypserv maplist request UDP (rpc.rules)
2034 - RPC ypserv maplist request TCP (rpc.rules)
2045 - RPC snmpXdmi overflow attempt UDP (rpc.rules)
2046 - IMAP partial body.peek buffer overflow attempt (imap.rules)
2061 - WEB-MISC Tomcat null byte directory listing attempt (web-misc.rules)
2074 - WEB-PHP Mambo uploadimage.php upload php file attempt (web-php.rules)
2075 - WEB-PHP Mambo upload.php upload php file attempt (web-php.rules)
2076 - WEB-PHP Mambo uploadimage.php access (web-php.rules)
2077 - WEB-PHP Mambo upload.php access (web-php.rules)
2086 - WEB-CGI streaming server parse_xml.cgi access (web-cgi.rules)
2092 - RPC portmap proxy integer overflow attempt UDP (rpc.rules)
2093 - RPC portmap proxy integer overflow attempt TCP (rpc.rules)
2094 - RPC CMSD UDP CMSD_CREATE array buffer overflow attempt (rpc.rules)
2095 - RPC CMSD TCP CMSD_CREATE array buffer overflow attempt (rpc.rules)
2103 - NETBIOS SMB trans2open buffer overflow attempt (netbios.rules)
2104 - ATTACK-RESPONSES rexec username too long response (attack-responses.rules)
2117 - WEB-IIS Battleaxe Forum login.asp access (web-iis.rules)
2121 - POP3 DELE negative argument attempt (pop3.rules)
2126 - MISC Microsoft PPTP Start Control Request buffer overflow attempt (misc.rules)
2158 - MISC BGP invalid length (misc.rules)
2159 - MISC BGP invalid type 0 (misc.rules)
2186 - BAD-TRAFFIC IP Proto 53 SWIPE (bad-traffic.rules)
2187 - BAD-TRAFFIC IP Proto 55 IP Mobility (bad-traffic.rules)
2188 - BAD-TRAFFIC IP Proto 77 Sun ND (bad-traffic.rules)
2189 - BAD-TRAFFIC IP Proto 103 PIM (bad-traffic.rules)
2247 - WEB-IIS UploadScript11.asp access (web-iis.rules)
2262 - SMTP SEND FROM sendmail prescan too long addresses overflow (smtp.rules)
2264 - SMTP SAML FROM sendmail prescan too long addresses overflow (smtp.rules)
2266 - SMTP SOML FROM sendmail prescan too long addresses overflow (smtp.rules)
2268 - SMTP MAIL FROM sendmail prescan too long addresses overflow (smtp.rules)
2270 - SMTP RCPT TO sendmail prescan too long addresses overflow (smtp.rules)
2272 - FTP LIST integer overflow attempt (ftp.rules)
2317 - MISC CVS non-relative path error response (misc.rules)
2318 - MISC CVS non-relative path access attempt (misc.rules)
2329 - MS-SQL probe response overflow attempt (sql.rules)
2330 - IMAP auth overflow attempt (imap.rules)
2337 - TFTP PUT filename overflow attempt (tftp.rules)
2411 - WEB-MISC Real Server DESCRIBE buffer overflow attempt (web-misc.rules)
2424 - NNTP sendsys overflow attempt (nntp.rules)
2425 - NNTP senduuname overflow attempt (nntp.rules)
2426 - NNTP version overflow attempt (nntp.rules)
2427 - NNTP checkgroups overflow attempt (nntp.rules)
2428 - NNTP ihave overflow attempt (nntp.rules)
2429 - NNTP sendme overflow attempt (nntp.rules)
2430 - NNTP newgroup overflow attempt (nntp.rules)
2431 - NNTP rmgroup overflow attempt (nntp.rules)
2433 - WEB-CGI MDaemon form2raw.cgi overflow attempt (web-cgi.rules)
2434 - WEB-CGI MDaemon form2raw.cgi access (web-cgi.rules)
2448 - WEB-MISC setinfo.hts access (web-misc.rules)
2449 - FTP ALLO overflow attempt (ftp.rules)
2489 - EXPLOIT esignal STREAMQUOTE buffer overflow attempt (exploit.rules)
2490 - EXPLOIT esignal SNAPQUOTE buffer overflow attempt (exploit.rules)
2515 - WEB-MISC PCT Client_Hello overflow attempt (web-misc.rules)
2517 - IMAP PCT Client_Hello overflow attempt (imap.rules)
2518 - POP3 PCT Client_Hello overflow attempt (pop3.rules)
2528 - SMTP PCT Client_Hello overflow attempt (smtp.rules)
2547 - MISC HP Web JetAdmin remote file upload attempt (misc.rules)
2548 - MISC HP Web JetAdmin setinfo access (misc.rules)
2569 - WEB-MISC cPanel resetpass access (web-misc.rules)
2574 - FTP RETR format string attempt (ftp.rules)
2578 - EXPLOIT kerberos principal name overflow UDP (exploit.rules)
2579 - EXPLOIT kerberos principal name overflow TCP (exploit.rules)
2584 - EXPLOIT eMule buffer overflow attempt (exploit.rules)
2611 - ORACLE LINK metadata buffer overflow attempt (oracle.rules)
2614 - ORACLE time_zone buffer overflow attempt (oracle.rules)
2651 - ORACLE NUMTODSINTERVAL/NUMTOYMINTERVAL buffer overflow attempt (oracle.rules)
2669 - WEB-CGI ibillpm.pl access (web-cgi.rules)
3007 - IMAP delete overflow attempt (imap.rules)
3008 - IMAP delete literal overflow attempt (imap.rules)
3058 - IMAP copy literal overflow attempt (imap.rules)
3062 - WEB-CGI NetScreen SA 5000 delhomepage.cgi access (web-cgi.rules)
3065 - IMAP append literal overflow attempt (imap.rules)
3066 - IMAP append overflow attempt (imap.rules)
3067 - IMAP examine literal overflow attempt (imap.rules)
3068 - IMAP examine overflow attempt (imap.rules)
3069 - IMAP fetch literal overflow attempt (imap.rules)
3070 - IMAP fetch overflow attempt (imap.rules)
3071 - IMAP status literal overflow attempt (imap.rules)
3072 - IMAP status overflow attempt (imap.rules)
3073 - IMAP subscribe literal overflow attempt (imap.rules)
3074 - IMAP subscribe overflow attempt (imap.rules)
3075 - IMAP unsubscribe literal overflow attempt (imap.rules)
3076 - IMAP unsubscribe overflow attempt (imap.rules)
3088 - WEB-CLIENT winamp .cda file name overflow attempt (web-client.rules)
3147 - TELNET login buffer overflow attempt (telnet.rules)
3150 - WEB-IIS SQLXML content type overflow (web-iis.rules)
3192 - WEB-CLIENT Windows Media Player directory traversal via Content-Disposition attempt (web-client.rules)
3195 - NETBIOS name query overflow attempt TCP (netbios.rules)
3196 - NETBIOS name query overflow attempt UDP (netbios.rules)
3199 - EXPLOIT WINS name query overflow attempt TCP (exploit.rules)
3200 - EXPLOIT WINS name query overflow attempt UDP (exploit.rules)
3274 - TELNET login buffer non-evasive overflow attempt (telnet.rules)
3441 - FTP PORT bounce attempt (ftp.rules)
3453 - MISC Arkeia client backup system info probe (misc.rules)
3454 - MISC Arkeia client backup generic info probe (misc.rules)
3455 - EXPLOIT Bontago Game Server Nickname Buffer Overflow (exploit.rules)
3457 - EXPLOIT Arkeia backup client type 77 overflow attempt (exploit.rules)
3458 - EXPLOIT Arkeia backup client type 84 overflow attempt (exploit.rules)
3470 - WEB-CLIENT RealPlayer VIDORV30 header length buffer overflow (web-client.rules)
3518 - WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow (web-misc.rules)
3519 - WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow default port (web-misc.rules)
3534 - WEB-CLIENT Mozilla GIF heap overflow (web-client.rules)
3536 - WEB-CLIENT Mozilla GIF multipacket heap overflow (web-client.rules)
3538 - EXPLOIT RADIUS registration MSID overflow attempt (exploit.rules)
3539 - EXPLOIT RADIUS MSID overflow attempt (exploit.rules)
3540 - EXPLOIT RADIUS registration vendor ATTR_TYPE_STR overflow attempt (exploit.rules)
3541 - EXPLOIT RADIUS ATTR_TYPE_STR overflow attempt (exploit.rules)
3549 - WEB-CLIENT HTML DOM invalid element creation attempt (web-client.rules)
3553 - WEB-CLIENT HTML DOM null element insertion attempt (web-client.rules)
3627 - POLICY X-LINK2STATE CHUNK attempt (policy.rules)
3629 - WEB-MISC sambar /search/results.stm access (web-misc.rules)
3638 - WEB-CGI SoftCart.exe CGI buffer overflow attempt (web-cgi.rules)
3651 - EXPLOIT CVS rsh annotate revision overflow attempt (exploit.rules)
3652 - EXPLOIT CVS pserver annotate revision overflow attempt (exploit.rules)
3657 - ORACLE ctxsys.driload attempt (oracle.rules)
3658 - EXPLOIT ARCserve backup universal agent option 1000 little endian buffer overflow attempt (exploit.rules)
3659 - EXPLOIT ARCserve backup universal agent option 1000 buffer overflow attempt (exploit.rules)
3660 - EXPLOIT ARCserve backup universal agent option 00 little endian buffer overflow attempt (exploit.rules)
3661 - EXPLOIT ARCserve backup universal agent option 00 buffer overflow attempt (exploit.rules)
3662 - EXPLOIT ARCserve backup universal agent option 03 little endian buffer overflow attempt (exploit.rules)
3663 - EXPLOIT ARCserve backup universal agent option 03 buffer overflow attempt (exploit.rules)
3665 - MYSQL server greeting (mysql.rules)
3666 - MYSQL server greeting finished (mysql.rules)
3667 - MYSQL protocol 41 client authentication bypass attempt (mysql.rules)
3668 - MYSQL client authentication bypass attempt (mysql.rules)
3669 - MYSQL protocol 41 secure client overflow attempt (mysql.rules)
3670 - MYSQL secure client overflow attempt (mysql.rules)
3671 - MYSQL protocol 41 client overflow attempt (mysql.rules)
3672 - MYSQL client overflow attempt (mysql.rules)
3677 - EXPLOIT Ethereal SIP UDP CSeq overflow attempt (exploit.rules)
3678 - EXPLOIT Ethereal SIP UDP CSeq overflow attempt (exploit.rules)
3679 - WEB-CLIENT Firefox IFRAME src javascript code execution (web-client.rules)
3686 - WEB-CLIENT Internet Explorer Content Advisor attempted overflow (web-client.rules)
3689 - WEB-CLIENT Internet Explorer tRNS overflow attempt (web-client.rules)
3690 - WEB-CGI Nucleus CMS action.php itemid SQL injection (web-cgi.rules)
3697 - NETBIOS DCERPC DIRECT veritas alter context attempt (netbios.rules)
3698 - NETBIOS DCERPC DIRECT veritas little endian alter context attempt (netbios.rules)
3699 - NETBIOS DCERPC DIRECT veritas bind attempt (netbios.rules)
3700 - NETBIOS DCERPC DIRECT veritas little endian bind attempt (netbios.rules)
3701 - DELETED NETBIOS DCERPC NCACN-IP-TCP veritas alter context attempt (deleted.rules)
3702 - DELETED NETBIOS DCERPC NCACN-IP-TCP veritas bind attempt (deleted.rules)
3703 - DELETED NETBIOS DCERPC NCACN-IP-TCP veritas little endian alter context attempt (deleted.rules)
3704 - DELETED NETBIOS DCERPC NCACN-IP-TCP veritas little endian bind attempt (deleted.rules)
3705 - DELETED NETBIOS SMB veritas WriteAndX alter context attempt (deleted.rules)
3706 - DELETED NETBIOS SMB veritas WriteAndX andx alter context attempt (deleted.rules)
3707 - DELETED NETBIOS SMB veritas WriteAndX andx bind attempt (deleted.rules)
3708 - DELETED NETBIOS SMB veritas WriteAndX bind attempt (deleted.rules)
3709 - DELETED NETBIOS SMB veritas WriteAndX little endian alter context attempt (deleted.rules)
3710 - DELETED NETBIOS SMB veritas WriteAndX little endian andx alter context attempt (deleted.rules)
3711 - DELETED NETBIOS SMB veritas WriteAndX little endian andx bind attempt (deleted.rules)
3712 - DELETED NETBIOS SMB veritas WriteAndX little endian bind attempt (deleted.rules)
3713 - DELETED NETBIOS SMB veritas WriteAndX unicode alter context attempt (deleted.rules)
3714 - DELETED NETBIOS SMB veritas WriteAndX unicode andx alter context attempt (deleted.rules)
3715 - DELETED NETBIOS SMB veritas WriteAndX unicode andx bind attempt (deleted.rules)
3716 - DELETED NETBIOS SMB veritas WriteAndX unicode bind attempt (deleted.rules)
3717 - DELETED NETBIOS SMB veritas WriteAndX unicode little endian alter context attempt (deleted.rules)
3718 - DELETED NETBIOS SMB veritas WriteAndX unicode little endian andx alter context attempt (deleted.rules)
3719 - DELETED NETBIOS SMB veritas WriteAndX unicode little endian andx bind attempt (deleted.rules)
3720 - DELETED NETBIOS SMB veritas WriteAndX unicode little endian bind attempt (deleted.rules)
3721 - DELETED NETBIOS SMB veritas alter context attempt (deleted.rules)
3722 - DELETED NETBIOS SMB veritas andx alter context attempt (deleted.rules)
3723 - DELETED NETBIOS SMB veritas andx bind attempt (deleted.rules)
3724 - DELETED NETBIOS SMB veritas bind attempt (deleted.rules)
3725 - DELETED NETBIOS SMB veritas little endian alter context attempt (deleted.rules)
3726 - DELETED NETBIOS SMB veritas little endian andx alter context attempt (deleted.rules)
3727 - DELETED NETBIOS SMB veritas little endian andx bind attempt (deleted.rules)
3728 - DELETED NETBIOS SMB veritas little endian bind attempt (deleted.rules)
3729 - DELETED NETBIOS SMB veritas unicode alter context attempt (deleted.rules)
3730 - DELETED NETBIOS SMB veritas unicode andx alter context attempt (deleted.rules)
3731 - DELETED NETBIOS SMB veritas unicode andx bind attempt (deleted.rules)
3732 - DELETED NETBIOS SMB veritas unicode bind attempt (deleted.rules)
3733 - DELETED NETBIOS SMB veritas unicode little endian alter context attempt (deleted.rules)
3734 - DELETED NETBIOS SMB veritas unicode little endian andx alter context attempt (deleted.rules)
3735 - DELETED NETBIOS SMB veritas unicode little endian andx bind attempt (deleted.rules)
3736 - DELETED NETBIOS SMB veritas unicode little endian bind attempt (deleted.rules)
3737 - DELETED NETBIOS SMB-DS veritas WriteAndX alter context attempt (deleted.rules)
3738 - DELETED NETBIOS SMB-DS veritas WriteAndX andx alter context attempt (deleted.rules)
3739 - DELETED NETBIOS SMB-DS veritas WriteAndX andx bind attempt (deleted.rules)
3740 - DELETED NETBIOS SMB-DS veritas WriteAndX bind attempt (deleted.rules)
3741 - DELETED NETBIOS SMB-DS veritas WriteAndX little endian alter context attempt (deleted.rules)
3742 - DELETED NETBIOS SMB-DS veritas WriteAndX little endian andx alter context attempt (deleted.rules)
3743 - DELETED NETBIOS SMB-DS veritas WriteAndX little endian andx bind attempt (deleted.rules)
3744 - DELETED NETBIOS SMB-DS veritas WriteAndX little endian bind attempt (deleted.rules)
3745 - DELETED NETBIOS SMB-DS veritas WriteAndX unicode alter context attempt (deleted.rules)
3746 - DELETED NETBIOS SMB-DS veritas WriteAndX unicode andx alter context attempt (deleted.rules)
3747 - DELETED NETBIOS SMB-DS veritas WriteAndX unicode andx bind attempt (deleted.rules)
3748 - DELETED NETBIOS SMB-DS veritas WriteAndX unicode bind attempt (deleted.rules)
3749 - DELETED NETBIOS SMB-DS veritas WriteAndX unicode little endian alter context attempt (deleted.rules)
3750 - DELETED NETBIOS SMB-DS veritas WriteAndX unicode little endian andx alter context attempt (deleted.rules)
3751 - DELETED NETBIOS SMB-DS veritas WriteAndX unicode little endian andx bind attempt (deleted.rules)
3752 - DELETED NETBIOS SMB-DS veritas WriteAndX unicode little endian bind attempt (deleted.rules)
3753 - DELETED NETBIOS SMB-DS veritas alter context attempt (deleted.rules)
3754 - DELETED NETBIOS SMB-DS veritas andx alter context attempt (deleted.rules)
3755 - DELETED NETBIOS SMB-DS veritas andx bind attempt (deleted.rules)
3756 - DELETED NETBIOS SMB-DS veritas bind attempt (deleted.rules)
3757 - DELETED NETBIOS SMB-DS veritas little endian alter context attempt (deleted.rules)
3758 - DELETED NETBIOS SMB-DS veritas little endian andx alter context attempt (deleted.rules)
3759 - DELETED NETBIOS SMB-DS veritas little endian andx bind attempt (deleted.rules)
3760 - DELETED NETBIOS SMB-DS veritas little endian bind attempt (deleted.rules)
3761 - DELETED NETBIOS SMB-DS veritas unicode alter context attempt (deleted.rules)
3762 - DELETED NETBIOS SMB-DS veritas unicode andx alter context attempt (deleted.rules)
3763 - DELETED NETBIOS SMB-DS veritas unicode andx bind attempt (deleted.rules)
3764 - DELETED NETBIOS SMB-DS veritas unicode bind attempt (deleted.rules)
3765 - DELETED NETBIOS SMB-DS veritas unicode little endian alter context attempt (deleted.rules)
3766 - DELETED NETBIOS SMB-DS veritas unicode little endian andx alter context attempt (deleted.rules)
3767 - DELETED NETBIOS SMB-DS veritas unicode little endian andx bind attempt (deleted.rules)
3768 - DELETED NETBIOS SMB-DS veritas unicode little endian bind attempt (deleted.rules)
3769 - DELETED NETBIOS DCERPC NCACN-HTTP veritas alter context attempt (deleted.rules)
3770 - DELETED NETBIOS DCERPC NCACN-HTTP veritas bind attempt (deleted.rules)
3771 - DELETED NETBIOS DCERPC NCACN-HTTP veritas little endian alter context attempt (deleted.rules)
3772 - DELETED NETBIOS DCERPC NCACN-HTTP veritas little endian bind attempt (deleted.rules)
3773 - DELETED NETBIOS DCERPC DIRECT-UDP veritas alter context attempt (deleted.rules)
3774 - DELETED NETBIOS DCERPC DIRECT-UDP veritas bind attempt (deleted.rules)
3775 - DELETED NETBIOS DCERPC DIRECT-UDP veritas little endian alter context attempt (deleted.rules)
3776 - DELETED NETBIOS DCERPC DIRECT-UDP veritas little endian bind attempt (deleted.rules)
3777 - DELETED NETBIOS DCERPC NCADG-IP-UDP veritas alter context attempt (deleted.rules)
3778 - DELETED NETBIOS DCERPC NCADG-IP-UDP veritas bind attempt (deleted.rules)
3779 - DELETED NETBIOS DCERPC NCADG-IP-UDP veritas little endian alter context attempt (deleted.rules)
3780 - DELETED NETBIOS DCERPC NCADG-IP-UDP veritas little endian bind attempt (deleted.rules)
3781 - DELETED NETBIOS-DG SMB veritas WriteAndX alter context attempt (deleted.rules)
3782 - DELETED NETBIOS-DG SMB veritas WriteAndX andx alter context attempt (deleted.rules)
3783 - DELETED NETBIOS-DG SMB veritas WriteAndX andx bind attempt (deleted.rules)
3784 - DELETED NETBIOS-DG SMB veritas WriteAndX bind attempt (deleted.rules)
3785 - DELETED NETBIOS-DG SMB veritas WriteAndX little endian alter context attempt (deleted.rules)
3786 - DELETED NETBIOS-DG SMB veritas WriteAndX little endian andx alter context attempt (deleted.rules)
3787 - DELETED NETBIOS-DG SMB veritas WriteAndX little endian andx bind attempt (deleted.rules)
3788 - DELETED NETBIOS-DG SMB veritas WriteAndX little endian bind attempt (deleted.rules)
3789 - DELETED NETBIOS-DG SMB veritas WriteAndX unicode alter context attempt (deleted.rules)
3790 - DELETED NETBIOS-DG SMB veritas WriteAndX unicode andx alter context attempt (deleted.rules)
3791 - DELETED NETBIOS-DG SMB veritas WriteAndX unicode andx bind attempt (deleted.rules)
3792 - DELETED NETBIOS-DG SMB veritas WriteAndX unicode bind attempt (deleted.rules)
3793 - DELETED NETBIOS-DG SMB veritas WriteAndX unicode little endian alter context attempt (deleted.rules)
3794 - DELETED NETBIOS-DG SMB veritas WriteAndX unicode little endian andx alter context attempt (deleted.rules)
3795 - DELETED NETBIOS-DG SMB veritas WriteAndX unicode little endian andx bind attempt (deleted.rules)
3796 - DELETED NETBIOS-DG SMB veritas WriteAndX unicode little endian bind attempt (deleted.rules)
3797 - DELETED NETBIOS-DG SMB veritas alter context attempt (deleted.rules)
3798 - DELETED NETBIOS-DG SMB veritas andx alter context attempt (deleted.rules)
3799 - DELETED NETBIOS-DG SMB veritas andx bind attempt (deleted.rules)
3800 - DELETED NETBIOS-DG SMB veritas bind attempt (deleted.rules)
3801 - DELETED NETBIOS-DG SMB veritas little endian alter context attempt (deleted.rules)
3802 - DELETED NETBIOS-DG SMB veritas little endian andx alter context attempt (deleted.rules)
3803 - DELETED NETBIOS-DG SMB veritas little endian andx bind attempt (deleted.rules)
3804 - DELETED NETBIOS-DG SMB veritas little endian bind attempt (deleted.rules)
3805 - DELETED NETBIOS-DG SMB veritas unicode alter context attempt (deleted.rules)
3806 - DELETED NETBIOS-DG SMB veritas unicode andx alter context attempt (deleted.rules)
3807 - DELETED NETBIOS-DG SMB veritas unicode andx bind attempt (deleted.rules)
3808 - DELETED NETBIOS-DG SMB veritas unicode bind attempt (deleted.rules)
3809 - DELETED NETBIOS-DG SMB veritas unicode little endian alter context attempt (deleted.rules)
3810 - DELETED NETBIOS-DG SMB veritas unicode little endian andx alter context attempt (deleted.rules)
3811 - DELETED NETBIOS-DG SMB veritas unicode little endian andx bind attempt (deleted.rules)
3812 - DELETED NETBIOS-DG SMB veritas unicode little endian bind attempt (deleted.rules)
3814 - WEB-CLIENT IE javaprxy.dll COM access (web-client.rules)
3820 - WEB-CLIENT multipacket CHM file transfer attempt (web-client.rules)
3821 - WEB-CLIENT CHM file transfer attempt (web-client.rules)
3823 - WEB-MISC Real Player realtext file bad version buffer overflow attempt (web-misc.rules)
4060 - NEW POLICY RDP attempted Administrator connection request (policy.rules)
4642 - ORACLE sys.pbsde.init buffer overflow attempt (oracle.rules)
4647 - WEB-CLIENT internet explorer javascript onload denial of service attempt (web-client.rules)