Which may be found at http://www.grotto-group.com/~gulfie/projects... maybe
| ./snortrules-COMM-2.4/rules/sid-msg.map Fri Dec 2 01:24:13 2005 | |
|---|---|
| Filename : line | Rules |
| ./snortrules-COMM-2.4/rules/sid-msg.map : 1 | # Copyright 2005 Sourcefire, Inc. All Rights Reserved.
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 2 | # This file is licensed under the GNU General Public License.
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 3 | # Please see the file LICENSE in this directory for more details.
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 4 | # Id SID -> MSG map
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 5 |
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 6 | 100000100 || COMMUNITY EXPLOIT Windows Acrobat Reader Activex Overflow Flowbit || cve,2004-0629 || bugtraq,10947
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 7 | 100000101 || COMMUNITY EXPLOIT Windows Acrobat Reader Activex Overflow Exploit || cve,2004-0629 || bugtraq,10947
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 8 | 100000102 || COMMUNITY GAME Halocon Denial of Service Empty UDP Packet || bugtraq,12281
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 9 | 100000103 || COMMUNITY GAME Breed Game Server Denial of Service Empty UDP Packet || bugtraq,12262
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 10 | 100000104 || COMMUNITY GAME Amp II 3D Game Server Denial of Service Empty UDP Packet || bugtraq,12192
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 11 | 100000105 || COMMUNITY INAPPROPRIATE lolita sex
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 12 | 100000106 || COMMUNITY SQL-INJECTION Microsoft BizTalk Server 2002 rawdocdata.asp || bugtraq,7470 || cve,2003-0118 || url,www.microsoft.com/technet/security/bulletin/MS03-016.mspx
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 13 | 100000107 || COMMUNITY SQL-INJECTION Microsoft BizTalk Server 2002 RawCustomSearchField.asp || bugtraq,7470 || cve,2003-0118 || url,www.microsoft.com/technet/security/bulletin/MS03-016.mspx
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 14 | 100000108 || COMMUNITY SQL-INJECTION OpenBB board.php || bugtraq,7404
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 15 | 100000109 || COMMUNITY SQL-INJECTION OpenBB member.php || bugtraq,7404
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 16 | 100000110 || COMMUNITY VIRUS Dabber PORT overflow attempt port 5554 || MCAFEE,125300
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 17 | 100000111 || COMMUNITY VIRUS Dabber PORT overflow attempt port 1023 || MCAFEE,125300
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 18 | 100000112 || COMMUNITY WEB-CGI Readfile.tcl Access || bugtraq,7426
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 19 | 100000113 || COMMUNITY WEB-CGI HappyMall Command Execution member_html.cgi || bugtraq,7530 || cve,2003-0243
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 20 | 100000114 || COMMUNITY WEB-CGI HappyMall Command Execution normal_html.cgi || bugtraq,7530 || cve,2003-0243
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 21 | 100000115 || COMMUNITY WEB-CGI PHP-Nuke Web_Links Path Disclosure Null CID || bugtraq,7589
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 22 | 100000116 || COMMUNITY WEB-CGI PHP-Nuke Web_Links Path Disclosure Non-Numeric CID || bugtraq,7589
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 23 | 100000117 || COMMUNITY WEB-CGI VBulliten Remote Command Execution Attempt || bugtraq,12542
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 24 | 100000118 || COMMUNITY WEB-CLIENT Internet Explorer URLMON.DLL Content-Type Overflow Attempt || bugtraq,7419 || cve,2003-0113 || url,www.microsoft.com/technet/security/bulletin/MS03-015.mspx
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 25 | 100000119 || COMMUNITY WEB-CLIENT Internet Explorer URLMON.DLL Content-Encoding Overflow Attempt || bugtraq,7419 || cve,2003-0113 || url,www.microsoft.com/technet/security/bulletin/MS03-015.mspx
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 26 | 100000121 || COMMUNITY WEB-MISC Test Script Access
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 27 | 100000122 || COMMUNITY WEB-MISC mod_jrun overflow attempt || bugtraq,11245 || cve,2004-0646
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 28 | 100000123 || COMMUNITY INAPPROPRIATE preteen sex
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 29 | 100000124 || COMMUNITY INAPPROPRIATE girls gone wild
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 30 | 100000125 || COMMUNITY MISC Sentinel License Manager overflow attempt || cve,CAN-2005-0353 || bugtraq,12742
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 31 | 100000126 || COMMUNITY MISC GoodTech Telnet Server Buffer Overflow Attempt || cve,2005-0768 || url,unsecure.altervista.org/security/goodtechtelnet.htm
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 32 | 100000127 || COMMUNITY WEB-CGI Stadtaus.com PHP Form Mail Remote Script Include Attack formmail.inc.php || bugtraq,12735
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 33 | 100000128 || COMMUNITY WEB-CGI Stadtaus.com PHP Form Mail Remote Script Include Attack download_center_lite.inc.php || bugtraq,12735
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 34 | 100000129 || COMMUNITY WEB-MISC Cisco IOS HTTP Router Management Service Infinite Loop DoS || bugtraq,10014 || url,www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 35 | 100000130 || COMMUNITY WEB-MISC PY Software Active Webcam Webserver DoS || bugtraq,12778
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 36 | 100000131 || COMMUNITY WEB-MISC PY Software Active Webcam Webserver DoS - Floppy Access || bugtraq,12778
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 37 | 100000132 || COMMUNITY WEB-MISC Proxy Server Access
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 38 | 100000133 || COMMUNITY WEB-DoS Xeneo Server Question Mark GET Request || bugtraq,7398 || url,www.northernsolutions.com/support/index.php?view=support&cmd=releasenotes&productid=1
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 39 | 100000134 || COMMUNITY DOS Tcpdump rsvp attack || cve,2005-1280 || cve,2005-1281 || bugtraq,13391
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 40 | 100000135 || COMMUNITY IMAP GNU Mailutils request tag format string vulnerability || cve,CAN-2005-1523 || bugtraq,13764
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 41 | 100000136 || COMMUNITY IMAP GNU imapd search format string attempt || url,www.osvdb.org/displayvuln.php?osvdb_id=19306 || cve,2005-2878
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 42 | 100000137 || COMMUNITY MISC BAD-SSL tcp detect
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 43 | 100000138 || COMMUNITY WEB-IIS Remote IIS Server Name spoof attempt localhost || cve,2005-2678
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 44 | 100000139 || COMMUNITY WEB-IIS Remote IIS Server Name spoof attempt loopback IP || cve,2005-2678
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 45 | 100000140 || COMMUNITY WEB-MISC MaxDB Web Tool Remote Stack Overflow || cve,2005-0684 || url,www.idefense.com/application/poi/display?id=234&type=vulnerabilities
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 46 | 100000141 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .jsp directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 47 | 100000142 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .jpg directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 48 | 100000143 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .gif directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 49 | 100000144 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .wav directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 50 | 100000145 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .css directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 51 | 100000146 || COMMUNITY WEB-MISC Ipswitch Imail web calendaring .htm directory traversal attempt || bugtraq,13727 || cve,CAN-2005-1252
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 52 | 100000148 || COMMUNITY WEB-MISC Barracuda img.pl attempt || bugtraq,14712 || bugtraq,14710 || cve,2005-2848
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 53 | 100000149 || COMMUNITY WEB-MISC Jboss % attempt || bugtraq,13985 || cve,2005-2006 || url,www.osvdb.org/displayvuln.php?osvdb_id=17403
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 54 | 100000150 || COMMUNITY WEB-MISC HTTP Transfer-Content Request Smuggling attempt || bugtraq,13873 || bugtraq,14106 || cve,2005-2088 || cve,2005-2089 || cve,2005-2090 || cve,2005-2091 || cve,2005-2092 || cve,2005-2093 || cve,2005-2094 || url,www.osvdb.org/displayvuln.php?osvdb_id=17738 || nessus,18337
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 55 | 100000151 || COMMUNITY WEB-PHP piranha default passwd attempt || bugtraq,1148 || cve,2000-0248 || nessus,10381
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 56 | 100000152 || COMMUNITY IMAP MDaemon authentication protocol decode
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 57 | 100000153 || COMMUNITY IMAP MDaemon authentication multiple packet overflow attempt || bugtraq,14317
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 58 | 100000154 || COMMUNITY IMAP MDaemon authentication okay protocol decode
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 59 | 100000155 || COMMUNITY IMAP MDaemon authentication overflow single packet attempt || bugtraq,14317
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 60 | 100000156 || COMMUNITY WEB-CGI Twiki shell command execution || bugtraq,14834 || cve,2005-2877 || url,twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithRev
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 61 | 100000157 || COMMUNITY WEB-CGI ATutor password_reminder.php SQL injection attempt || bugtraq,14831
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 62 | 100000158 || COMMUNITY SIP INVITE message flooding
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 63 | 100000159 || COMMUNITY SIP REGISTER message flooding
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 64 | 100000160 || COMMUNITY SIP TCP/IP message flooding directed to SIP proxy
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 65 | 100000161 || COMMUNITY SIP DNS No such name treshold - Abnormaly high count of No such name responses
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 66 | 100000162 || COMMUNITY SIP 401 Unauthorized Flood
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 67 | 100000163 || COMMUNITY SIP 407 Proxy Authentication Required Flood
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 68 | 100000164 || COMMUNITY ICMP Linux DoS sctp Exploit || nessus,19777
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 69 | 100000165 || COMMUNITY EXPLOIT Sentinel LM exploit || bugtraq,12742 || cve,2005-0353 || osvdb,14605 || nessus,17326
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 70 | 100000166 || COMMUNITY ORACLE TNS Listener shutdown via iSQLPlus attempt || bugtraq,15032 || url,www.red-database-security.com/advisory/oracle_isqlplus_shutdown.html
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 71 | 100000167 || COMMUNITY SMTP Hydra Activity Detected || url,www.thc.org/releases.php
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 72 | 100000168 || COMMUNITY WEB-ATTACKS Hydra Activity Detected || url,www.thc.org/releases.php
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 73 | 100000169 || COMMUNITY WEB-ATTACKS Amap fingerprint attempt || url,www.thc.org/releases.php
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 74 | 100000170 || COMMUNITY WEB-ATTACKS GFI MailSecurity Management Host Overflow Attempt Long Host Parameter || bugtraq,15081 || osvdb,19926
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 75 | 100000171 || COMMUNITY WEB-ATTACKS GFI MailSecurity Management Host Overflow Attempt Long Accept Parameter || bugtraq,15081 || osvdb,19926
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 76 | 100000172 || COMMUNITY NNTP Lynx overflow attempt || cve,2005-3120 || bugtraq,15117 || url,www.osvdb.org/displayvuln.php?osvdb_id=20019 || nessus,20035
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 77 | 100000173 || COMMUNITY WEB-IIS RSA WebAgent Redirect Overflow attempt
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 78 | 100000174 || COMMUNITY WEB-IIS RSA WebAgent access || cve,2005-1118 || bugtraq,13168
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 79 | 100000175 || COMMUNITY DOS Ethereal slimp overflow attempt || cve,2005-3243 || url,www.ethereal.com/docs/release-notes/ethereal-0.10.13.html
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 80 | 100000176 || COMMUNITY EXPLOIT HPUX LPD overflow attempt || cve,2005-3277 || bugtraq,15136
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 81 | 100000177 || COMMUNITY WEB-MISC Linksys apply.cgi overflow attempt || bugtraq,14822 || cve,2005-2799 || nessus,20096 || url,www.osvdb.org/displayvuln.php?osvdb_id=19389
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 82 | 100000178 || COMMUNITY WEB-MISC Hasbani-WindWeb GET DoS attempt || bugtraq,15225 || nessus,20097
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 83 | 100000179 || COMMUNITY WEB-MISC SMC TRACE access || url,www.kb.cert.org/vuls/id/867593
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 84 | 100000180 || COMMUNITY EXPLOIT SIP UDP spoof attempt || bid,14174 || cve,2005-2182 || url,www.osvdb.org/displayvuln.php?osvdb_id=17838
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 85 | 100000181 || COMMUNITY GAME FlatFrag game dos exploit || bugtraq,15287 || cve,2005-3492
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 86 | 100000182 || COMMUNITY GAME Battle Carry attempt || cve,2005-3493 || bugtraq,15282
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 87 | 100000183 || COMMUNITY WEB-ATTACKS SAP WAS syscmd access || url,www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multiple_XSS_in_SAP_WAS.pdf
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 88 | 100000184 || COMMUNITY WEB-MISC JBoss JMXInvokerServlet access || url,online.securityfocus.com/archive/1/415707
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 89 | 100000185 || COMMUNITY WEB-MISC apache directory list attempt || bugtraq,3009 || cve,2001-0731
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 90 | 100000186 || COMMUNITY WEB-PHP phpinfo access || bugtraq,5789 || cve,2002-1149 || osvdb,3356
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 91 | 100000187 || COMMUNITY WEB-PHP XSS attempt
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 92 | 100000188 || COMMUNITY WEB-PHP Vubb Path attempt || cve,2005-3513 || url,marc.theaimsgroup.com/?l=bugtraq&m=113087965608496&w=2
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 93 | 100000189 || COMMUNITY MISC streaming RTSP (realpayer) || url,www.rtsp.org
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 94 | 100000190 || COMMUNITY MISC streaming Windows Mediaplayer || url,www.microsoft.com
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 95 | 100000191 || COMMUNITY SMTP Gnu Mailman utf8 attachement access || bugtraq,15408 || cve,2005-3573 || url,www.osvdb.org/displayvuln.php?osvdb_id=20819
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 96 | 100000192 || COMMUNITY SQL-INJECTION WIZZ ForumTopicDetails Sql Injection attempt || bugtraq,15410 || url,www.osvdb.org/displayvuln.php?osvdb_id=20846
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 97 | 100000193 || COMMUNITY SQL-INJECTION WIZZ ForumAuthDetails Sql Injection attempt || bugtraq,15410 || url,www.osvdb.org/displayvuln.php?osvdb_id=20845
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 98 | 100000194 || COMMUNITY SQL-INJECTION WIZZ ForumReply Sql Injection attempt || bugtraq,15410 || url,www.osvdb.org/displayvuln.php?osvdb_id=20847
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 99 | 100000195 || COMMUNITY WEB-PHP _SERVER HTTP_ACCEPT_LANGUAGE access || bugtraq,15414 || cve,2005-3347
|
| ./snortrules-COMM-2.4/rules/sid-msg.map : 100 | 100000196 || COMMUNITY IMAP Qualcomm WorldMail SELECT dot dot attempt || cve,2005-3189 || bugtraq,15488
|