# Copyright 2005 Sourcefire, Inc. All Rights Reserved.
# This file is licensed under the GNU General Public License.
# Please see the file LICENSE in this directory for more details.
# Id SID -> MSG map

100000100 || COMMUNITY EXPLOIT Windows Acrobat Reader Activex Overflow Flowbit || cve,2004-0629 || bugtraq,10947
100000101 || COMMUNITY EXPLOIT Windows Acrobat Reader Activex Overflow Exploit || cve,2004-0629 || bugtraq,10947
100000102 || COMMUNITY GAME Halocon Denial of Service Empty UDP Packet || bugtraq,12281
100000103 || COMMUNITY GAME Breed Game Server Denial of Service Empty UDP Packet || bugtraq,12262
100000104 || COMMUNITY GAME Amp II 3D Game Server Denial of Service Empty UDP Packet || bugtraq,12192
100000105 || COMMUNITY INAPPROPRIATE lolita sex
100000106 || COMMUNITY SQL-INJECTION Microsoft BizTalk Server 2002 rawdocdata.asp || bugtraq,7470 || cve,2003-0118 || url,www.microsoft.com/technet/security/bulletin/MS03-016.mspx
100000107 || COMMUNITY SQL-INJECTION Microsoft BizTalk Server 2002 RawCustomSearchField.asp || bugtraq,7470 || cve,2003-0118 || url,www.microsoft.com/technet/security/bulletin/MS03-016.mspx
100000108 || COMMUNITY SQL-INJECTION OpenBB board.php || bugtraq,7404
100000109 || COMMUNITY SQL-INJECTION OpenBB member.php || bugtraq,7404
100000110 || COMMUNITY VIRUS Dabber PORT overflow attempt port 5554 || MCAFEE,125300
100000111 || COMMUNITY VIRUS Dabber PORT overflow attempt port 1023 || MCAFEE,125300
100000112 || COMMUNITY WEB-CGI Readfile.tcl Access || bugtraq,7426
100000113 || COMMUNITY WEB-CGI HappyMall Command Execution member_html.cgi || bugtraq,7530 || cve,2003-0243
100000114 || COMMUNITY WEB-CGI HappyMall Command Execution normal_html.cgi || bugtraq,7530 || cve,2003-0243
100000115 || COMMUNITY WEB-CGI PHP-Nuke Web_Links Path Disclosure Null CID || bugtraq,7589
100000116 || COMMUNITY WEB-CGI PHP-Nuke Web_Links Path Disclosure Non-Numeric CID || bugtraq,7589
100000117 || COMMUNITY WEB-CGI VBulliten Remote Command Execution Attempt || bugtraq,12542
100000118 || COMMUNITY WEB-CLIENT Internet Explorer URLMON.DLL Content-Type Overflow Attempt || bugtraq,7419 || cve,2003-0113 || url,www.microsoft.com/technet/security/bulletin/MS03-015.mspx
100000119 || COMMUNITY WEB-CLIENT Internet Explorer URLMON.DLL Content-Encoding Overflow Attempt || bugtraq,7419 || cve,2003-0113 || url,www.microsoft.com/technet/security/bulletin/MS03-015.mspx
100000121 || COMMUNITY WEB-MISC Test Script Access
100000122 || COMMUNITY WEB-MISC mod_jrun overflow attempt || bugtraq,11245 || cve,2004-0646
100000123 || COMMUNITY INAPPROPRIATE preteen sex
100000124 || COMMUNITY INAPPROPRIATE girls gone wild
100000125 || COMMUNITY MISC Sentinel License Manager overflow attempt || cve,CAN-2005-0353 || bugtraq,12742
100000126 || COMMUNITY MISC GoodTech Telnet Server Buffer Overflow Attempt || cve,2005-0768 || url,unsecure.altervista.org/security/goodtechtelnet.htm
100000127 || COMMUNITY WEB-CGI Stadtaus.com PHP Form Mail Remote Script Include Attack formmail.inc.php || bugtraq,12735
100000128 || COMMUNITY WEB-CGI Stadtaus.com PHP Form Mail Remote Script Include Attack download_center_lite.inc.php || bugtraq,12735
100000129 || COMMUNITY WEB-MISC Cisco IOS HTTP Router Management Service Infinite Loop DoS || bugtraq,10014 || url,www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml
100000130 || COMMUNITY WEB-MISC PY Software Active Webcam Webserver DoS || bugtraq,12778
100000131 || COMMUNITY WEB-MISC PY Software Active Webcam Webserver DoS - Floppy Access || bugtraq,12778
100000132 || COMMUNITY WEB-MISC Proxy Server Access
100000133 || COMMUNITY WEB-DoS Xeneo Server Question Mark GET Request || bugtraq,7398 || url,www.northernsolutions.com/support/index.php?view=support&cmd=releasenotes&productid=1
100000134 || COMMUNITY DOS Tcpdump rsvp attack || cve,2005-1280 || cve,2005-1281 || bugtraq,13391
100000135 || COMMUNITY IMAP GNU Mailutils request tag format string vulnerability || cve,CAN-2005-1523 || bugtraq,13764
100000136 || COMMUNITY IMAP GNU imapd search format string attempt || url,www.osvdb.org/displayvuln.php?osvdb_id=19306 || cve,2005-2878
100000137 || COMMUNITY MISC BAD-SSL tcp detect
100000138 || COMMUNITY WEB-IIS Remote IIS Server Name spoof attempt localhost || cve,2005-2678
100000139 || COMMUNITY WEB-IIS Remote IIS Server Name spoof attempt loopback IP || cve,2005-2678
100000140 || COMMUNITY WEB-MISC MaxDB Web Tool Remote Stack Overflow || cve,2005-0684 || url,www.idefense.com/application/poi/display?id=234&type=vulnerabilities
100000141 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .jsp directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
100000142 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .jpg directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
100000143 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .gif directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
100000144 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .wav directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
100000145 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .css directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
100000146 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .htm directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
100000148 || COMMUNITY WEB-MISC Barracuda img.pl attempt || bugtraq,14712 || bugtraq,14710 || cve,2005-2848
100000149 || COMMUNITY WEB-MISC Jboss % attempt || bugtraq,13985 || cve,2005-2006 || url,www.osvdb.org/displayvuln.php?osvdb_id=17403
100000150 || COMMUNITY WEB-MISC HTTP Transfer-Content Request Smuggling attempt || bugtraq,13873 || bugtraq,14106 || cve,2005-2088 || cve,2005-2089 || cve,2005-2090 || cve,2005-2091 || cve,2005-2092 || cve,2005-2093 || cve,2005-2094 || url,www.osvdb.org/displayvuln.php?osvdb_id=17738 || nessus,18337
100000151 || COMMUNITY WEB-PHP piranha default passwd attempt || bugtraq,1148 || cve,2000-0248 || nessus,10381
100000152 || COMMUNITY IMAP MDaemon authentication protocol decode
100000153 || COMMUNITY IMAP MDaemon authentication multiple packet overflow attempt || bugtraq,14317
100000154 || COMMUNITY IMAP MDaemon authentication okay protocol decode
100000155 || COMMUNITY IMAP MDaemon authentication overflow single packet attempt || bugtraq,14317
100000156 || COMMUNITY WEB-CGI Twiki shell command execution || bugtraq,14834 || cve,2005-2877 || url,twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithRev
100000157 || COMMUNITY WEB-CGI ATutor password_reminder.php SQL injection attempt || bugtraq,14831
100000158 || COMMUNITY SIP INVITE message flooding
100000159 || COMMUNITY SIP REGISTER message flooding
100000160 || COMMUNITY SIP TCP/IP message flooding directed to SIP proxy
100000161 || COMMUNITY SIP DNS No such name treshold - Abnormaly high count of No such name responses
100000162 || COMMUNITY SIP 401 Unauthorized Flood
100000163 || COMMUNITY SIP 407 Proxy Authentication Required Flood
100000164 || COMMUNITY ICMP Linux DoS sctp Exploit || nessus,19777
100000165 || COMMUNITY EXPLOIT Sentinel LM exploit || bugtraq,12742 || cve,2005-0353 || osvdb,14605 || nessus,17326
100000166 || COMMUNITY ORACLE TNS Listener shutdown via iSQLPlus attempt || bugtraq,15032 || url,www.red-database-security.com/advisory/oracle_isqlplus_shutdown.html
100000167 || COMMUNITY SMTP Hydra Activity Detected || url,www.thc.org/releases.php
100000168 || COMMUNITY WEB-ATTACKS Hydra Activity Detected || url,www.thc.org/releases.php
100000169 || COMMUNITY WEB-ATTACKS Amap fingerprint attempt || url,www.thc.org/releases.php
100000170 || COMMUNITY WEB-ATTACKS GFI MailSecurity Management Host Overflow Attempt Long Host Parameter || bugtraq,15081 || osvdb,19926
100000171 || COMMUNITY WEB-ATTACKS GFI MailSecurity Management Host Overflow Attempt Long Accept Parameter || bugtraq,15081 || osvdb,19926
100000172 || COMMUNITY NNTP Lynx overflow attempt || cve,2005-3120 || bugtraq,15117 || url,www.osvdb.org/displayvuln.php?osvdb_id=20019 || nessus,20035
100000173 || COMMUNITY WEB-IIS RSA WebAgent Redirect Overflow attempt
100000174 || COMMUNITY WEB-IIS RSA WebAgent access || cve,2005-1118 || bugtraq,13168
100000175 || COMMUNITY DOS Ethereal slimp overflow attempt || cve,2005-3243 || url,www.ethereal.com/docs/release-notes/ethereal-0.10.13.html
100000176 || COMMUNITY EXPLOIT HPUX LPD overflow attempt || cve,2005-3277 || bugtraq,15136
100000177 || COMMUNITY WEB-MISC Linksys apply.cgi overflow attempt || bugtraq,14822 || cve,2005-2799 || nessus,20096 || url,www.osvdb.org/displayvuln.php?osvdb_id=19389
100000178 || COMMUNITY WEB-MISC Hasbani-WindWeb GET DoS attempt || bugtraq,15225 || nessus,20097
100000179 || COMMUNITY WEB-MISC SMC TRACE access || url,www.kb.cert.org/vuls/id/867593
100000180 || COMMUNITY EXPLOIT SIP UDP spoof attempt || bid,14174 || cve,2005-2182 || url,www.osvdb.org/displayvuln.php?osvdb_id=17838
100000181 || COMMUNITY GAME FlatFrag game dos exploit || bugtraq,15287 || cve,2005-3492
100000182 || COMMUNITY GAME Battle Carry attempt || cve,2005-3493 || bugtraq,15282
100000183 || COMMUNITY WEB-ATTACKS SAP WAS syscmd access || url,www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multiple_XSS_in_SAP_WAS.pdf
100000184 || COMMUNITY WEB-MISC JBoss JMXInvokerServlet access || url,online.securityfocus.com/archive/1/415707
100000185 || COMMUNITY WEB-MISC apache directory list attempt || bugtraq,3009 || cve,2001-0731
100000186 || COMMUNITY WEB-PHP phpinfo access || bugtraq,5789 || cve,2002-1149 || osvdb,3356
100000187 || COMMUNITY WEB-PHP XSS attempt
100000188 || COMMUNITY WEB-PHP Vubb Path attempt || cve,2005-3513 || url,marc.theaimsgroup.com/?l=bugtraq&m=113087965608496&w=2
100000189 || COMMUNITY MISC streaming RTSP (realpayer) || url,www.rtsp.org
100000190 || COMMUNITY MISC streaming Windows Mediaplayer || url,www.microsoft.com
100000191 || COMMUNITY SMTP Gnu Mailman utf8 attachement access || bugtraq,15408 || cve,2005-3573 || url,www.osvdb.org/displayvuln.php?osvdb_id=20819
100000192 || COMMUNITY SQL-INJECTION WIZZ ForumTopicDetails Sql Injection attempt || bugtraq,15410 || url,www.osvdb.org/displayvuln.php?osvdb_id=20846
100000193 || COMMUNITY SQL-INJECTION WIZZ ForumAuthDetails Sql Injection attempt || bugtraq,15410 || url,www.osvdb.org/displayvuln.php?osvdb_id=20845
100000194 || COMMUNITY SQL-INJECTION WIZZ ForumReply Sql Injection attempt || bugtraq,15410 || url,www.osvdb.org/displayvuln.php?osvdb_id=20847
100000195 || COMMUNITY WEB-PHP _SERVER HTTP_ACCEPT_LANGUAGE access || bugtraq,15414 || cve,2005-3347
100000196 || COMMUNITY IMAP Qualcomm WorldMail SELECT dot dot attempt || cve,2005-3189 || bugtraq,15488