unified2 0.1.2 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +5 -7
- data/example/connect.rb +20 -0
- data/example/example.rb +59 -28
- data/example/models.rb +196 -0
- data/example/search.rb +14 -0
- data/example/{classification.config → seeds/classification.config} +0 -0
- data/example/{gen-msg.map → seeds/gen-msg.map} +0 -0
- data/example/{sid-msg.map → seeds/sid-msg.map} +1086 -182
- data/example/{unified2 → seeds/unified2} +0 -0
- data/lib/unified2/classification.rb +2 -2
- data/lib/unified2/config_file.rb +80 -0
- data/lib/unified2/event.rb +30 -22
- data/lib/unified2/payload.rb +3 -1
- data/lib/unified2/signature.rb +2 -2
- data/lib/unified2/version.rb +1 -1
- data/lib/unified2.rb +10 -59
- metadata +12 -34
|
@@ -347,23 +347,23 @@
|
|
|
347
347
|
465 || ICMP ISS Pinger || arachnids,158
|
|
348
348
|
466 || ICMP L3retriever Ping || arachnids,311
|
|
349
349
|
467 || ICMP Nemesis v1.1 Echo || arachnids,449
|
|
350
|
-
469 || ICMP PING NMAP || arachnids,162
|
|
351
|
-
471 || ICMP icmpenum v1.1.1 || arachnids,450
|
|
352
|
-
472 || ICMP redirect host || arachnids,135 || cve,1999-0265
|
|
353
|
-
473 || ICMP redirect net || arachnids,199 || cve,1999-0265
|
|
350
|
+
469 || DELETED ICMP PING NMAP || arachnids,162
|
|
351
|
+
471 || DELETED ICMP icmpenum v1.1.1 || arachnids,450
|
|
352
|
+
472 || DELETED ICMP redirect host || arachnids,135 || cve,1999-0265
|
|
353
|
+
473 || DELETED ICMP redirect net || arachnids,199 || cve,1999-0265
|
|
354
354
|
474 || ICMP superscan echo
|
|
355
|
-
475 || ICMP traceroute ipopts || arachnids,238
|
|
355
|
+
475 || DELETED ICMP traceroute ipopts || arachnids,238
|
|
356
356
|
476 || ICMP webtrends scanner || arachnids,307
|
|
357
|
-
477 || ICMP Source Quench
|
|
358
|
-
478 || ICMP Broadscan Smurf Scanner
|
|
357
|
+
477 || DELETED ICMP Source Quench || bugtraq,13124 || cve,2004-0791
|
|
358
|
+
478 || DELETED ICMP Broadscan Smurf Scanner
|
|
359
359
|
480 || ICMP PING speedera
|
|
360
360
|
481 || ICMP TJPingPro1.1Build 2 Windows || arachnids,167
|
|
361
361
|
482 || ICMP PING WhatsupGold Windows || arachnids,168
|
|
362
362
|
483 || ICMP PING CyberKit 2.2 Windows || arachnids,154
|
|
363
363
|
484 || ICMP PING Sniffer Pro/NetXRay network scan
|
|
364
|
-
485 || ICMP Destination Unreachable Communication Administratively Prohibited
|
|
365
|
-
486 || ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
|
|
366
|
-
487 || ICMP Destination Unreachable Communication with Destination Network is Administratively Prohibited
|
|
364
|
+
485 || DELETED ICMP Destination Unreachable Communication Administratively Prohibited
|
|
365
|
+
486 || DELETED ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
|
|
366
|
+
487 || DELETED ICMP Destination Unreachable Communication with Destination Network is Administratively Prohibited
|
|
367
367
|
488 || DELETED INFO Connection Closed MSG from Port 80
|
|
368
368
|
489 || FTP no password || arachnids,322
|
|
369
369
|
490 || POLICY battle-mail traffic
|
|
@@ -376,9 +376,9 @@
|
|
|
376
376
|
497 || ATTACK-RESPONSES file copied ok || bugtraq,1806 || cve,2000-0884
|
|
377
377
|
498 || ATTACK-RESPONSES id check returned root
|
|
378
378
|
499 || DELETED ICMP Large ICMP Packet || arachnids,246
|
|
379
|
-
500 || MISC source route lsrr || arachnids,418 || bugtraq,646 || cve,1999-0510 || cve,1999-0909 || url,www.microsoft.com/technet/security/bulletin/MS99-038.mspx
|
|
380
|
-
501 || MISC source route lsrre || arachnids,420 || bugtraq,646 || cve,1999-0909 || url,www.microsoft.com/technet/security/bulletin/MS99-038.mspx
|
|
381
|
-
502 || MISC source route ssrr || cve,1999-0510
|
|
379
|
+
500 || DELETED MISC source route lsrr || arachnids,418 || bugtraq,646 || cve,1999-0510 || cve,1999-0909 || url,www.microsoft.com/technet/security/bulletin/MS99-038.mspx
|
|
380
|
+
501 || DELETED MISC source route lsrre || arachnids,420 || bugtraq,646 || cve,1999-0909 || url,www.microsoft.com/technet/security/bulletin/MS99-038.mspx
|
|
381
|
+
502 || DELETED MISC source route ssrr || cve,1999-0510
|
|
382
382
|
503 || DELETED MISC Source Port 20 to <1024 || arachnids,06
|
|
383
383
|
504 || DELETED MISC source port 53 to <1024 || arachnids,07
|
|
384
384
|
505 || MISC Insecure TIMBUKTU Password || arachnids,229
|
|
@@ -396,11 +396,11 @@
|
|
|
396
396
|
518 || TFTP Put || arachnids,148 || cve,1999-0183
|
|
397
397
|
519 || TFTP parent directory || arachnids,137 || cve,1999-0183 || cve,2002-1209
|
|
398
398
|
520 || TFTP root directory || arachnids,138 || cve,1999-0183
|
|
399
|
-
521 || MISC Large UDP Packet || arachnids,247
|
|
399
|
+
521 || DELETED MISC Large UDP Packet || arachnids,247
|
|
400
400
|
522 || DELETED MISC Tiny Fragments
|
|
401
|
-
523 || BAD-TRAFFIC ip reserved bit set
|
|
402
|
-
524 || BAD-TRAFFIC tcp port 0 traffic
|
|
403
|
-
525 || BAD-TRAFFIC udp port 0 traffic || bugtraq,576 || cve,1999-0675 || nessus,10074
|
|
401
|
+
523 || DELETED BAD-TRAFFIC ip reserved bit set
|
|
402
|
+
524 || DELETED BAD-TRAFFIC tcp port 0 traffic
|
|
403
|
+
525 || DELETED BAD-TRAFFIC udp port 0 traffic || bugtraq,576 || cve,1999-0675 || nessus,10074
|
|
404
404
|
526 || DELETED BAD-TRAFFIC data in TCP SYN packet || url,www.cert.org/incident_notes/IN-99-07.html
|
|
405
405
|
527 || DELETED BAD-TRAFFIC same SRC/DST || bugtraq,2666 || cve,1999-0016 || url,www.cert.org/advisories/CA-1997-28.html
|
|
406
406
|
528 || DELETED BAD-TRAFFIC loopback traffic || url,www.sans.org/reading_room/whitepapers/firewalls/1059.php
|
|
@@ -552,7 +552,7 @@
|
|
|
552
552
|
677 || SQL sp_password password change
|
|
553
553
|
678 || SQL sp_delete_alert log file deletion
|
|
554
554
|
679 || SQL sp_adduser database user creation
|
|
555
|
-
680 || SQL sa login failed || bugtraq,4797 || cve,2000-1209
|
|
555
|
+
680 || DELETED SQL sa login failed || bugtraq,4797 || cve,2000-1209
|
|
556
556
|
681 || SQL xp_cmdshell program execution || bugtraq,5309
|
|
557
557
|
682 || DELETED SQL xp_enumresultset possible buffer overflow || bugtraq,2031 || cve,2000-1082 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx
|
|
558
558
|
683 || SQL sp_password - password change
|
|
@@ -1131,7 +1131,7 @@
|
|
|
1131
1131
|
1274 || RPC portmap ttdbserv request TCP || arachnids,24 || bugtraq,122 || bugtraq,3382 || cve,1999-0003 || cve,1999-0687 || cve,1999-1075 || cve,2001-0717 || url,www.cert.org/advisories/CA-2001-05.html
|
|
1132
1132
|
1275 || RPC portmap yppasswd request TCP || arachnids,14
|
|
1133
1133
|
1276 || RPC portmap ypserv request TCP || arachnids,12 || bugtraq,5914 || bugtraq,6016 || cve,2000-1042 || cve,2000-1043 || cve,2002-1232
|
|
1134
|
-
1277 || RPC portmap ypupdated request UDP || bugtraq,1749 || cve,1999-0208
|
|
1134
|
+
1277 || RPC portmap ypupdated request UDP || bugtraq,1749 || bugtraq,28383 || cve,1999-0208
|
|
1135
1135
|
1278 || DELETED RPC rstatd query || arachnids,9
|
|
1136
1136
|
1279 || RPC portmap snmpXdmi request UDP || bugtraq,2417 || cve,2001-0236 || nessus,10659 || url,www.cert.org/advisories/CA-2001-05.html
|
|
1137
1137
|
1280 || RPC portmap listing UDP 111 || arachnids,428
|
|
@@ -1469,13 +1469,13 @@
|
|
|
1469
1469
|
1624 || FTP PWD overflow attempt
|
|
1470
1470
|
1625 || FTP SYST overflow attempt || url,www.faqs.org/rfcs/rfc959.html
|
|
1471
1471
|
1626 || WEB-IIS /StoreCSVS/InstantOrder.asmx request
|
|
1472
|
-
1627 || BAD-TRAFFIC Unassigned/Reserved IP protocol || url,www.iana.org/assignments/protocol-numbers
|
|
1472
|
+
1627 || DELETED BAD-TRAFFIC Unassigned/Reserved IP protocol || url,www.iana.org/assignments/protocol-numbers
|
|
1473
1473
|
1628 || WEB-CGI FormHandler.cgi directory traversal attempt attempt || bugtraq,798 || bugtraq,799 || cve,1999-1050 || nessus,10075
|
|
1474
1474
|
1629 || DELETED SecureNetPro traffic
|
|
1475
1475
|
1631 || CHAT AIM login
|
|
1476
1476
|
1632 || DELETED CHAT AIM send message
|
|
1477
1477
|
1633 || CHAT AIM receive message
|
|
1478
|
-
1634 || POP3 PASS overflow attempt || bugtraq,791 || cve,1999-1511 || nessus,10325
|
|
1478
|
+
1634 || POP3 PASS overflow attempt || bugtraq,21645 || bugtraq,791 || cve,1999-1511 || cve,2006-6605 || nessus,10325
|
|
1479
1479
|
1635 || POP3 APOP overflow attempt || bugtraq,1652 || cve,2000-0840 || cve,2000-0841 || nessus,10559
|
|
1480
1480
|
1636 || MISC Xtramail Username overflow attempt || bugtraq,791 || cve,1999-1511 || nessus,10323
|
|
1481
1481
|
1637 || WEB-CGI yabb access || arachnids,462 || bugtraq,1668 || cve,2000-0853 || nessus,10512
|
|
@@ -1575,7 +1575,7 @@
|
|
|
1575
1575
|
1731 || WEB-CGI a1stats access || bugtraq,2705 || cve,2001-0561 || nessus,10669
|
|
1576
1576
|
1732 || RPC portmap rwalld request UDP || bugtraq,205 || cve,1999-0181
|
|
1577
1577
|
1733 || RPC portmap rwalld request TCP || bugtraq,205 || cve,1999-0181
|
|
1578
|
-
1734 || FTP USER overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,1227 || bugtraq,1504 || bugtraq,1690 || bugtraq,22044 || bugtraq,22045 || bugtraq,4638 || bugtraq,7307 || bugtraq,8376 || cve,1999-1510 || cve,1999-1514 || cve,1999-1519 || cve,1999-1539 || cve,2000-0479 || cve,2000-0656 || cve,2000-0761 || cve,2000-0943 || cve,2000-1035 || cve,2000-1194 || cve,2001-0256 || cve,2001-0794 || cve,2001-0826 || cve,2002-0126 || cve,2002-1522 || cve,2003-0271 || cve,2004-0286
|
|
1578
|
+
1734 || FTP USER overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,1227 || bugtraq,1504 || bugtraq,15352 || bugtraq,1690 || bugtraq,22044 || bugtraq,22045 || bugtraq,4638 || bugtraq,7307 || bugtraq,8376 || cve,1999-1510 || cve,1999-1514 || cve,1999-1519 || cve,1999-1539 || cve,2000-0479 || cve,2000-0656 || cve,2000-0761 || cve,2000-0943 || cve,2000-1035 || cve,2000-1194 || cve,2001-0256 || cve,2001-0794 || cve,2001-0826 || cve,2002-0126 || cve,2002-1522 || cve,2003-0271 || cve,2004-0286 || cve,2005-2123 || cve,2005-3683
|
|
1579
1579
|
1735 || WEB-CLIENT XMLHttpRequest attempt || bugtraq,4628 || cve,2002-0354
|
|
1580
1580
|
1736 || WEB-PHP squirrel mail spell-check arbitrary command attempt || bugtraq,3952
|
|
1581
1581
|
1737 || WEB-PHP squirrel mail theme arbitrary command attempt || bugtraq,4385 || cve,2002-0516
|
|
@@ -1690,7 +1690,7 @@
|
|
|
1690
1690
|
1862 || WEB-CGI mrtg.cgi directory traversal attempt || bugtraq,4017 || cve,2002-0232 || nessus,11001
|
|
1691
1691
|
1864 || FTP SITE NEWER attempt || cve,1999-0880 || nessus,10319
|
|
1692
1692
|
1865 || WEB-CGI webdist.cgi arbitrary command attempt || bugtraq,374 || cve,1999-0039 || nessus,10299
|
|
1693
|
-
1866 || POP3 USER overflow attempt || bugtraq,11256 || bugtraq,789 || cve,1999-0494 || nessus,10311
|
|
1693
|
+
1866 || POP3 USER overflow attempt || bugtraq,11256 || bugtraq,19651 || bugtraq,789 || cve,1999-0494 || cve,2006-4364 || nessus,10311
|
|
1694
1694
|
1867 || MISC xdmcp info query || nessus,10891
|
|
1695
1695
|
1868 || WEB-CGI story.pl arbitrary file read attempt || bugtraq,3028 || cve,2001-0804 || nessus,10817
|
|
1696
1696
|
1869 || WEB-CGI story.pl access || bugtraq,3028 || cve,2001-0804 || nessus,10817
|
|
@@ -1765,7 +1765,7 @@
|
|
|
1765
1765
|
1938 || POP3 XTND overflow attempt
|
|
1766
1766
|
1939 || MISC bootp hardware address length overflow || cve,1999-0798
|
|
1767
1767
|
1940 || MISC bootp invalid hardware type || cve,1999-0798
|
|
1768
|
-
1941 || TFTP GET filename overflow attempt || bugtraq,22923 || bugtraq,5328 || cve,2002-0813 || nessus,18264
|
|
1768
|
+
1941 || TFTP GET filename overflow attempt || bugtraq,22923 || bugtraq,36121 || bugtraq,5328 || cve,2002-0813 || cve,2009-2957 || nessus,18264
|
|
1769
1769
|
1942 || FTP RMDIR overflow attempt || bugtraq,819
|
|
1770
1770
|
1943 || WEB-MISC /Carello/add.exe access || bugtraq,1245 || cve,2000-0396 || nessus,11776
|
|
1771
1771
|
1944 || WEB-MISC /ecscripts/ecware.exe access || bugtraq,6066
|
|
@@ -1796,11 +1796,11 @@
|
|
|
1796
1796
|
1969 || WEB-MISC ion-p access || bugtraq,6091 || cve,2002-1559 || nessus,11729
|
|
1797
1797
|
1970 || WEB-IIS MDAC Content-Type overflow attempt || bugtraq,6214 || cve,2002-1142 || nessus,11161 || url,www.foundstone.com/knowledge/randd-advisories-display.html?id=337 || url,www.microsoft.com/technet/security/bulletin/MS02-065.mspx || url,www.microsoft.com/technet/security/bulletin/MS98-004.mspx
|
|
1798
1798
|
1971 || FTP SITE EXEC format string attempt || bugtraq,1387 || bugtraq,1505
|
|
1799
|
-
1972 || FTP PASS overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,1690 || bugtraq,22045 || bugtraq,3884 || bugtraq,8601 || bugtraq,9285 || cve,1999-1519 || cve,1999-1539 || cve,2000-1035 || cve,2002-0126 || cve,2002-0895
|
|
1800
|
-
1973 || FTP MKD overflow attempt || bugtraq,11772 || bugtraq,39041 || bugtraq,612 || bugtraq,7278 || bugtraq,9872 || cve,1999-0911 || cve,2009-3023 || cve,2010-0625 || nessus,12108 || url,www.kb.cert.org/vuls/id/276653 || url,www.microsoft.com/technet/security/bulletin/MS09-053
|
|
1799
|
+
1972 || FTP PASS overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,15457 || bugtraq,1690 || bugtraq,22045 || bugtraq,3884 || bugtraq,8601 || bugtraq,9285 || cve,1999-1519 || cve,1999-1539 || cve,2000-1035 || cve,2002-0126 || cve,2002-0895 || cve,2005-3683
|
|
1800
|
+
1973 || FTP MKD overflow attempt || bugtraq,11772 || bugtraq,15457 || bugtraq,39041 || bugtraq,612 || bugtraq,7278 || bugtraq,9872 || cve,1999-0911 || cve,2005-3683 || cve,2009-3023 || cve,2010-0625 || nessus,12108 || url,www.kb.cert.org/vuls/id/276653 || url,www.microsoft.com/technet/security/bulletin/MS09-053.mspx
|
|
1801
1801
|
1974 || FTP REST overflow attempt || bugtraq,2972 || cve,2001-0826 || nessus,11755
|
|
1802
|
-
1975 || FTP DELE overflow attempt || bugtraq,2972 || cve,2001-0826 || cve,2001-1021 || nessus,11755
|
|
1803
|
-
1976 || FTP RMD overflow attempt || bugtraq,2972 || bugtraq,39041 || cve,2000-0133 || cve,2001-0826 || cve,2001-1021 || cve,2010-0625
|
|
1802
|
+
1975 || FTP DELE overflow attempt || bugtraq,15457 || bugtraq,2972 || cve,2001-0826 || cve,2001-1021 || cve,2005-3683 || nessus,11755
|
|
1803
|
+
1976 || FTP RMD overflow attempt || bugtraq,15457 || bugtraq,2972 || bugtraq,39041 || cve,2000-0133 || cve,2001-0826 || cve,2001-1021 || cve,2005-3683 || cve,2010-0625
|
|
1804
1804
|
1977 || WEB-MISC xp_regwrite attempt
|
|
1805
1805
|
1978 || WEB-MISC xp_regdeletekey attempt
|
|
1806
1806
|
1979 || WEB-MISC perl post attempt || bugtraq,5520 || cve,2002-1436 || nessus,11158
|
|
@@ -1817,7 +1817,7 @@
|
|
|
1817
1817
|
1990 || CHAT MSN user search
|
|
1818
1818
|
1991 || CHAT MSN login attempt
|
|
1819
1819
|
1992 || FTP LIST directory traversal attempt || bugtraq,2618 || cve,2001-0680 || cve,2002-1054 || nessus,11112
|
|
1820
|
-
1993 || IMAP login literal buffer overflow attempt || bugtraq,21724 || bugtraq,6298 || cve,2002-1580 || cve,2006-6424 || nessus,12532
|
|
1820
|
+
1993 || IMAP login literal buffer overflow attempt || bugtraq,14718 || bugtraq,21724 || bugtraq,6298 || cve,2002-1580 || cve,2005-1758 || cve,2006-6424 || nessus,12532
|
|
1821
1821
|
1994 || WEB-CGI vpasswd.cgi access || bugtraq,6038 || nessus,11165
|
|
1822
1822
|
1995 || WEB-CGI alya.cgi access || nessus,11118
|
|
1823
1823
|
1996 || WEB-CGI viralator.cgi access || bugtraq,3495 || cve,2001-0849 || nessus,11107
|
|
@@ -1912,7 +1912,7 @@
|
|
|
1912
1912
|
2085 || WEB-CGI parse_xml.cgi access || bugtraq,6960 || cve,2003-0054
|
|
1913
1913
|
2086 || WEB-CGI streaming server parse_xml.cgi access || bugtraq,6960 || cve,2003-0054 || nessus,11278
|
|
1914
1914
|
2087 || SMTP From comment overflow attempt || bugtraq,6991 || cve,2002-1337 || url,www.kb.cert.org/vuls/id/398025
|
|
1915
|
-
2088 || RPC ypupdated arbitrary command attempt UDP || bugtraq,1749 || cve,1999-0208
|
|
1915
|
+
2088 || RPC ypupdated arbitrary command attempt UDP || bugtraq,1749 || bugtraq,28383 || cve,1999-0208
|
|
1916
1916
|
2089 || RPC ypupdated arbitrary command attempt TCP || bugtraq,1749 || cve,1999-0208
|
|
1917
1917
|
2090 || WEB-IIS WEBDAV exploit attempt || bugtraq,7116 || bugtraq,7716 || cve,2003-0109 || nessus,11413 || url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx
|
|
1918
1918
|
2091 || WEB-IIS WEBDAV nessus safe scan attempt || bugtraq,7116 || cve,2003-0109 || nessus,11412 || nessus,11413 || url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx
|
|
@@ -1926,7 +1926,7 @@
|
|
|
1926
1926
|
2103 || NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt || cve,2003-0201
|
|
1927
1927
|
2104 || ATTACK-RESPONSES rexec username too long response || bugtraq,7459 || cve,2003-1097
|
|
1928
1928
|
2105 || IMAP authenticate literal overflow attempt || bugtraq,21724 || cve,1999-0042 || cve,2006-6424 || nessus,10292
|
|
1929
|
-
2106 || IMAP lsub overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374
|
|
1929
|
+
2106 || IMAP lsub overflow attempt || bugtraq,1110 || bugtraq,15006 || cve,2000-0284 || cve,2005-3155 || nessus,10374
|
|
1930
1930
|
2107 || IMAP create buffer overflow attempt || bugtraq,7446
|
|
1931
1931
|
2108 || POP3 CAPA overflow attempt
|
|
1932
1932
|
2109 || POP3 TOP overflow attempt
|
|
@@ -1938,7 +1938,7 @@
|
|
|
1938
1938
|
2115 || WEB-CGI album.pl access || bugtraq,7444 || nessus,11581
|
|
1939
1939
|
2116 || WEB-CGI chipcfg.cgi access || bugtraq,2767 || cve,2001-1341 || url,archives.neohapsis.com/archives/bugtraq/2001-05/0233.html
|
|
1940
1940
|
2117 || WEB-IIS Battleaxe Forum login.asp access || bugtraq,7416 || cve,2003-0215 || nessus,11548
|
|
1941
|
-
2118 || IMAP list overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374
|
|
1941
|
+
2118 || IMAP list overflow attempt || bugtraq,1110 || bugtraq,15006 || cve,2000-0284 || cve,2005-3155 || nessus,10374
|
|
1942
1942
|
2119 || IMAP rename literal overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374
|
|
1943
1943
|
2120 || IMAP create literal buffer overflow attempt || bugtraq,7446
|
|
1944
1944
|
2121 || POP3 DELE negative argument attempt || bugtraq,6053 || bugtraq,7445 || cve,2002-1539 || nessus,11570
|
|
@@ -2006,10 +2006,10 @@
|
|
|
2006
2006
|
2183 || SMTP Content-Transfer-Encoding overflow attempt || cve,2003-0161 || url,www.cert.org/advisories/CA-2003-12.html
|
|
2007
2007
|
2184 || RPC mountd TCP mount path overflow attempt || bugtraq,8179 || cve,2003-0252 || nessus,11800
|
|
2008
2008
|
2185 || RPC mountd UDP mount path overflow attempt || bugtraq,8179 || cve,2003-0252 || nessus,11800
|
|
2009
|
-
2186 || BAD-TRAFFIC IP Proto 53 SWIPE || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
|
2010
|
-
2187 || BAD-TRAFFIC IP Proto 55 IP Mobility || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
|
2011
|
-
2188 || BAD-TRAFFIC IP Proto 77 Sun ND || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
|
2012
|
-
2189 || BAD-TRAFFIC IP Proto 103 PIM || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
|
2009
|
+
2186 || DELETED BAD-TRAFFIC IP Proto 53 SWIPE || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
|
2010
|
+
2187 || DELETED BAD-TRAFFIC IP Proto 55 IP Mobility || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
|
2011
|
+
2188 || DELETED BAD-TRAFFIC IP Proto 77 Sun ND || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
|
2012
|
+
2189 || DELETED BAD-TRAFFIC IP Proto 103 PIM || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
|
2013
2013
|
2190 || NETBIOS DCERPC invalid bind attempt
|
|
2014
2014
|
2191 || NETBIOS SMB DCERPC invalid bind attempt
|
|
2015
2015
|
2192 || DELETED NETBIOS SMB ISystemActivator unicode alter context attempt
|
|
@@ -2098,7 +2098,7 @@
|
|
|
2098
2098
|
2275 || SMTP AUTH LOGON brute force attempt
|
|
2099
2099
|
2276 || WEB-MISC oracle portal demo access || nessus,11918
|
|
2100
2100
|
2277 || WEB-MISC PeopleSoft PeopleBooks psdoccgi access || bugtraq,9037 || bugtraq,9038 || cve,2003-0626 || cve,2003-0627
|
|
2101
|
-
2278 || WEB-MISC client negative Content-Length attempt || bugtraq,17879 || bugtraq,9098 || bugtraq,9476 || bugtraq,9576 || cve,2004-0095 || cve,2006-2162
|
|
2101
|
+
2278 || WEB-MISC client negative Content-Length attempt || bugtraq,16354 || bugtraq,17879 || bugtraq,9098 || bugtraq,9476 || bugtraq,9576 || cve,2004-0095 || cve,2005-3653 || cve,2006-2162
|
|
2102
2102
|
2279 || WEB-PHP UpdateClasses.php access || bugtraq,9057
|
|
2103
2103
|
2280 || WEB-PHP Title.php access || bugtraq,9057
|
|
2104
2104
|
2281 || WEB-PHP Setup.php access || bugtraq,9057 || cve,2009-1151
|
|
@@ -2158,7 +2158,7 @@
|
|
|
2158
2158
|
2335 || FTP RMD / attempt || bugtraq,9159
|
|
2159
2159
|
2336 || DELETED TFTP NULL command attempt || bugtraq,7575
|
|
2160
2160
|
2337 || TFTP PUT filename overflow attempt || bugtraq,22923 || bugtraq,7819 || bugtraq,8505 || cve,2003-0380 || nessus,18264
|
|
2161
|
-
2338 || FTP LIST buffer overflow attempt || bugtraq,10181 || bugtraq,33454 || bugtraq,6869 || bugtraq,7251 || bugtraq,7861 || bugtraq,8486 || bugtraq,9675 || cve,1999-0349 || cve,1999-1510 || cve,2000-0129 || cve,2007-0019 || url,www.microsoft.com/technet/security/bulletin/MS99-003.mspx
|
|
2161
|
+
2338 || FTP LIST buffer overflow attempt || bugtraq,10181 || bugtraq,33454 || bugtraq,6869 || bugtraq,7251 || bugtraq,7861 || bugtraq,8486 || bugtraq,9675 || cve,1999-0349 || cve,1999-1510 || cve,2000-0129 || cve,2007-0019 || cve,2009-0351 || url,www.microsoft.com/technet/security/bulletin/MS99-003.mspx
|
|
2162
2162
|
2339 || TFTP NULL command attempt || bugtraq,7575
|
|
2163
2163
|
2340 || FTP SITE CHMOD overflow attempt || bugtraq,10181 || bugtraq,9483 || bugtraq,9675 || cve,1999-0838 || nessus,12037
|
|
2164
2164
|
2341 || WEB-PHP DCP-Portal remote file include editor script attempt || bugtraq,6525
|
|
@@ -2169,7 +2169,7 @@
|
|
|
2169
2169
|
2346 || WEB-PHP myPHPNuke chatheader.php access || bugtraq,6544
|
|
2170
2170
|
2347 || WEB-PHP myPHPNuke partner.php access || bugtraq,6544
|
|
2171
2171
|
2348 || DELETED NETBIOS SMB-DS DCERPC print spool bind attempt
|
|
2172
|
-
2349 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters attempt
|
|
2172
|
+
2349 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters attempt || bugtraq,21220 || cve,2006-6114
|
|
2173
2173
|
2350 || DELETED NETBIOS SMB-DS ISystemActivator alter context attempt
|
|
2174
2174
|
2351 || DELETED NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian attempt || bugtraq,8205 || cve,2003-0352 || url,www.microsoft.com/technet/security/bulletin/MS03-026.asp
|
|
2175
2175
|
2352 || DELETED NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance unicode attempt || bugtraq,8205 || cve,2003-0352 || url,www.microsoft.com/technet/security/bulletin/MS03-026.asp
|
|
@@ -2209,10 +2209,10 @@
|
|
|
2209
2209
|
2386 || WEB-IIS NTLM ASN1 vulnerability scan attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12055 || nessus,12065 || url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx
|
|
2210
2210
|
2387 || WEB-CGI view_broadcast.cgi access || bugtraq,8257 || cve,2003-0422
|
|
2211
2211
|
2388 || WEB-CGI streaming server view_broadcast.cgi access || bugtraq,8257 || cve,2003-0422
|
|
2212
|
-
2389 || FTP RNTO overflow attempt || bugtraq,8315 || cve,2000-0133 || cve,2001-1021 || cve,2003-0466
|
|
2212
|
+
2389 || FTP RNTO overflow attempt || bugtraq,15457 || bugtraq,8315 || cve,2000-0133 || cve,2001-1021 || cve,2003-0466 || cve,2005-3683
|
|
2213
2213
|
2390 || FTP STOU overflow attempt || bugtraq,8315 || cve,2003-0466
|
|
2214
2214
|
2391 || FTP APPE overflow attempt || bugtraq,8315 || bugtraq,8542 || cve,2000-0133 || cve,2003-0466 || cve,2003-0772
|
|
2215
|
-
2392 || FTP RETR overflow attempt || bugtraq,23168 || bugtraq,8315 || cve,2003-0466 || cve,2004-0287 || cve,2004-0298
|
|
2215
|
+
2392 || FTP RETR overflow attempt || bugtraq,15457 || bugtraq,23168 || bugtraq,8315 || cve,2003-0466 || cve,2004-0287 || cve,2004-0298 || cve,2005-3683
|
|
2216
2216
|
2393 || WEB-PHP /_admin access || bugtraq,9537 || nessus,12032
|
|
2217
2217
|
2394 || WEB-MISC Compaq web-based management agent denial of service attempt || bugtraq,8014
|
|
2218
2218
|
2395 || WEB-MISC InteractiveQuery.jsp access || bugtraq,8938 || cve,2003-0624
|
|
@@ -2237,7 +2237,7 @@
|
|
|
2237
2237
|
2414 || EXPLOIT ISAKMP initial contact notification without SPI attempt || bugtraq,9416 || bugtraq,9417 || cve,2004-0164
|
|
2238
2238
|
2415 || EXPLOIT ISAKMP second payload initial contact notification without SPI attempt || bugtraq,9416 || bugtraq,9417 || cve,2004-0164
|
|
2239
2239
|
2416 || FTP invalid MDTM command attempt || bugtraq,9751 || cve,2001-1021 || cve,2004-0330
|
|
2240
|
-
2417 || FTP format string attempt || bugtraq,9800 || cve,2002-2074
|
|
2240
|
+
2417 || FTP format string attempt || bugtraq,15352 || bugtraq,30993 || bugtraq,9800 || cve,2002-2074 || cve,2005-2123
|
|
2241
2241
|
2418 || MISC MS Terminal Server no encryption session initiation attempt || url,www.microsoft.com/technet/security/bulletin/MS01-052.mspx
|
|
2242
2242
|
2419 || MULTIMEDIA realplayer .ram playlist download attempt
|
|
2243
2243
|
2420 || MULTIMEDIA realplayer .rmp playlist download attempt
|
|
@@ -2255,12 +2255,12 @@
|
|
|
2255
2255
|
2432 || NNTP article post without path attempt
|
|
2256
2256
|
2433 || WEB-CGI MDaemon form2raw.cgi overflow attempt || bugtraq,9317 || cve,2003-1200 || url,secunia.com/advisories/10512/
|
|
2257
2257
|
2434 || WEB-CGI MDaemon form2raw.cgi access || bugtraq,9317 || cve,2003-1200 || url,secunia.com/advisories/10512/
|
|
2258
|
-
2435 || WEB-CLIENT Microsoft emf metafile access || bugtraq,10120 || bugtraq,9707 || cve,2003-0906 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || url,www.microsoft.com/technet/security/bulletin/MS04-032.mspx || url,www.microsoft.com/technet/security/bulletin/MS05-053.mspx || url,www.microsoft.com/technet/security/bulletin/MS06-001.mspx
|
|
2258
|
+
2435 || WEB-CLIENT Microsoft emf metafile access || bugtraq,10120 || bugtraq,28819 || bugtraq,9707 || cve,2003-0906 || cve,2007-5746 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || url,www.microsoft.com/technet/security/bulletin/MS04-032.mspx || url,www.microsoft.com/technet/security/bulletin/MS05-053.mspx || url,www.microsoft.com/technet/security/bulletin/MS06-001.mspx
|
|
2259
2259
|
2436 || WEB-CLIENT Microsoft wmf metafile access
|
|
2260
2260
|
2437 || DELETED WEB-CLIENT RealPlayer arbitrary javascript commnad attempt || bugtraq,8453 || bugtraq,9378 || cve,2003-0726
|
|
2261
|
-
2438 || WEB-CLIENT RealPlayer playlist file URL overflow attempt || bugtraq,9579 || cve,2004-0258
|
|
2262
|
-
2439 || WEB-CLIENT RealPlayer playlist http URL overflow attempt || bugtraq,9579 || cve,2004-0258
|
|
2263
|
-
2440 || WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt || bugtraq,9579 || cve,2004-0258
|
|
2261
|
+
2438 || WEB-CLIENT RealPlayer playlist file URL overflow attempt || bugtraq,13264 || bugtraq,9579 || cve,2004-0258 || cve,2005-0755
|
|
2262
|
+
2439 || WEB-CLIENT RealPlayer playlist http URL overflow attempt || bugtraq,13264 || bugtraq,9579 || cve,2004-0258 || cve,2005-0755
|
|
2263
|
+
2440 || WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt || bugtraq,13264 || bugtraq,9579 || cve,2004-0258 || cve,2005-0755
|
|
2264
2264
|
2441 || WEB-MISC NetObserve authentication bypass attempt || bugtraq,9319
|
|
2265
2265
|
2442 || WEB-MISC Quicktime User-Agent buffer overflow attempt || bugtraq,9735 || cve,2004-0169
|
|
2266
2266
|
2443 || DELETED EXPLOIT ICQ SRV_MULTI/SRV_META_USER first name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html
|
|
@@ -2390,7 +2390,7 @@
|
|
|
2390
2390
|
2567 || WEB-CGI Emumail init.emu access || bugtraq,9861 || nessus,12095
|
|
2391
2391
|
2568 || WEB-CGI Emumail emumail.fcgi access || bugtraq,9861 || nessus,12095
|
|
2392
2392
|
2569 || WEB-MISC cPanel resetpass access || bugtraq,9848 || cve,2004-1769
|
|
2393
|
-
2570 || WEB-MISC Invalid HTTP Version String || bugtraq,9809 || nessus,11593
|
|
2393
|
+
2570 || WEB-MISC Invalid HTTP Version String || bugtraq,34240 || bugtraq,9809 || cve,2009-0478 || nessus,11593
|
|
2394
2394
|
2571 || WEB-IIS SmarterTools SmarterMail frmGetAttachment.aspx access || bugtraq,9805
|
|
2395
2395
|
2572 || WEB-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt || bugtraq,9805
|
|
2396
2396
|
2573 || WEB-IIS SmarterTools SmarterMail frmCompose.asp access || bugtraq,9805
|
|
@@ -2431,7 +2431,7 @@
|
|
|
2431
2431
|
2608 || ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html
|
|
2432
2432
|
2609 || ORACLE dbms_repcat.cancel_statistics buffer overflow attempt
|
|
2433
2433
|
2610 || DELETED ORACLE cancel_statistics ordered sname/oname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck633.html
|
|
2434
|
-
2611 || ORACLE LINK metadata buffer overflow attempt || bugtraq,7453 || cve,2003-0222 || nessus,11563 || url,archives.neohapsis.com/archives/bugtraq/2003-04/0360.html
|
|
2434
|
+
2611 || ORACLE LINK metadata buffer overflow attempt || bugtraq,12296 || bugtraq,7453 || cve,2003-0222 || cve,2005-0297 || nessus,11563 || url,archives.neohapsis.com/archives/bugtraq/2003-04/0360.html
|
|
2435
2435
|
2612 || ORACLE sys.dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html
|
|
2436
2436
|
2613 || DELETED ORACLE revoke_surrogate_repcat ordered userid buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html
|
|
2437
2437
|
2614 || ORACLE time_zone buffer overflow attempt || bugtraq,9587 || cve,2003-1208 || nessus,12047 || url,www.nextgenss.com/advisories/ora_time_zone.txt
|
|
@@ -2826,7 +2826,7 @@
|
|
|
2826
2826
|
3004 || NETBIOS SMB-DS Session Setup NTMLSSP andx asn1 overflow attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12065 || url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx
|
|
2827
2827
|
3005 || NETBIOS SMB-DS Session Setup NTMLSSP unicode andx asn1 overflow attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12065 || url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx
|
|
2828
2828
|
3006 || EXPLOIT Volition Freespace 2 buffer overflow attempt || bugtraq,9785
|
|
2829
|
-
3007 || IMAP delete overflow attempt || bugtraq,11675 || cve,2004-1520 || nessus,15771
|
|
2829
|
+
3007 || IMAP delete overflow attempt || bugtraq,11675 || bugtraq,15006 || cve,2004-1520 || cve,2005-3155 || nessus,15771
|
|
2830
2830
|
3008 || IMAP delete literal overflow attempt || bugtraq,11675 || cve,2004-1520 || nessus,15771
|
|
2831
2831
|
3009 || BACKDOOR NetBus Pro 2.0 connection request
|
|
2832
2832
|
3010 || BACKDOOR RUX the Tick get windows directory attempt
|
|
@@ -2887,13 +2887,13 @@
|
|
|
2887
2887
|
3065 || IMAP append literal overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
|
2888
2888
|
3066 || IMAP append overflow attempt || bugtraq,11775 || bugtraq,21729 || cve,2004-1211 || cve,2006-6425 || nessus,15867
|
|
2889
2889
|
3067 || IMAP examine literal overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
|
2890
|
-
3068 || IMAP examine overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
|
2890
|
+
3068 || IMAP examine overflow attempt || bugtraq,11775 || bugtraq,15006 || cve,2004-1211 || cve,2005-3155 || nessus,15867
|
|
2891
2891
|
3069 || IMAP fetch literal overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
|
2892
2892
|
3070 || IMAP fetch overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
|
2893
2893
|
3071 || IMAP status literal overflow attempt || bugtraq,11775 || bugtraq,15491 || cve,2004-1211 || nessus,15867
|
|
2894
|
-
3072 || IMAP status overflow attempt || bugtraq,11775 || bugtraq,13727 || bugtraq,14243 || bugtraq,15491 || cve,2004-1211 || cve,2005-1256 || cve,2005-2278 || nessus,15867
|
|
2894
|
+
3072 || IMAP status overflow attempt || bugtraq,11775 || bugtraq,13727 || bugtraq,14243 || bugtraq,15491 || cve,2004-1211 || cve,2005-1256 || cve,2005-2278 || cve,2005-3314 || nessus,15867
|
|
2895
2895
|
3073 || IMAP SUBSCRIBE literal overflow attempt || bugtraq,11775 || bugtraq,15488 || bugtraq,23050 || bugtraq,26219 || cve,2004-1211 || cve,2005-3189 || cve,2007-3510 || nessus,15867
|
|
2896
|
-
3074 || IMAP SUBSCRIBE overflow attempt || bugtraq,11775 || bugtraq,15488 || bugtraq,23050 || bugtraq,26219 || cve,2004-1211 || cve,2005-3189 || cve,2007-3510 || nessus,15867
|
|
2896
|
+
3074 || IMAP SUBSCRIBE overflow attempt || bugtraq,11775 || bugtraq,15488 || bugtraq,23050 || bugtraq,26219 || cve,2004-1211 || cve,2005-3189 || cve,2007-1579 || cve,2007-3510 || nessus,15867
|
|
2897
2897
|
3075 || IMAP unsubscribe literal overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
|
2898
2898
|
3076 || IMAP UNSUBSCRIBE overflow attempt || bugtraq,11775 || bugtraq,15488 || cve,2004-1211 || cve,2005-3189 || nessus,15867
|
|
2899
2899
|
3077 || FTP RNFR overflow attempt || bugtraq,14339
|
|
@@ -3236,7 +3236,7 @@
|
|
|
3236
3236
|
3514 || ORACLE utl_file.fopen directory traversal attempt || bugtraq,12749
|
|
3237
3237
|
3515 || ORACLE utl_file.fremove directory traversal attempt || bugtraq,12749
|
|
3238
3238
|
3516 || ORACLE utl_file.frename directory traversal attempt || bugtraq,12749
|
|
3239
|
-
3517 || EXPLOIT Computer Associates license PUTOLF overflow attempt || bugtraq,12705 || cve,2005-
|
|
3239
|
+
3517 || EXPLOIT Computer Associates license PUTOLF overflow attempt || bugtraq,12705 || cve,2005-0582
|
|
3240
3240
|
3518 || WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow || bugtraq,12265 || cve,2005-0111 || url,www.osvdb.org/displayvuln.php?osvdb_id=12919
|
|
3241
3241
|
3519 || WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow default port || bugtraq,12265 || cve,2005-0111 || url,www.osvdb.org/displayvuln.php?osvdb_id=12919
|
|
3242
3242
|
3520 || EXPLOIT Computer Associates license GCR NETWORK overflow attempt || bugtraq,12705 || cve,2005-0581
|
|
@@ -3398,14 +3398,14 @@
|
|
|
3398
3398
|
3676 || WEB-MISC newsscript.pl admin attempt || bugtraq,12761 || cve,2005-0735 || nessus,17309
|
|
3399
3399
|
3677 || EXPLOIT Ethereal SIP UDP CSeq overflow attempt || bugtraq,13504 || cve,2005-1461 || nessus,18986 || url,www.ethereal.com/news/item_20050504_01.html
|
|
3400
3400
|
3678 || EXPLOIT Ethereal SIP UDP CSeq overflow attempt || bugtraq,13504 || cve,2005-1461 || nessus,18986 || url,www.ethereal.com/news/item_20050504_01.html
|
|
3401
|
-
3679 || WEB-CLIENT
|
|
3401
|
+
3679 || WEB-CLIENT Web-client IFRAME src javascript code execution || bugtraq,13544 || bugtraq,30560 || cve,2005-1476 || cve,2008-2939 || nessus,18243
|
|
3402
3402
|
3680 || P2P AOL Instant Messenger file send attempt
|
|
3403
3403
|
3681 || P2P AOL Instant Messenger file receive attempt
|
|
3404
3404
|
3682 || SMTP spoofed MIME-Type auto-execution attempt || bugtraq,2524 || cve,2001-0154 || url,www.microsoft.com/technet/security/bulletin/MS01-020.mspx
|
|
3405
3405
|
3683 || WEB-CLIENT spoofed MIME-Type auto-execution attempt || bugtraq,2524 || cve,2001-0154 || url,www.microsoft.com/technet/security/bulletin/MS01-020.mspx
|
|
3406
3406
|
3684 || DELETED WEB-CLIENT Bitmap Transfer
|
|
3407
3407
|
3685 || WEB-CLIENT bitmap BitmapOffset multipacket integer overflow attempt || bugtraq,9663 || cve,2004-0566 || url,www.microsoft.com/technet/security/bulletin/ms04-025.mspx
|
|
3408
|
-
3686 || WEB-CLIENT Microsoft Internet Explorer Content Advisor
|
|
3408
|
+
3686 || WEB-CLIENT Microsoft Internet Explorer Content Advisor memory corruption attempt || cve,2005-0555 || url,www.microsoft.com/technet/security/Bulletin/MS05-020.mspx
|
|
3409
3409
|
3687 || TELNET client ENV OPT USERVAR information disclosure || bugtraq,13940 || cve,2005-1205 || url,www.microsoft.com/technet/Security/bulletin/ms05-033.mspx
|
|
3410
3410
|
3688 || TELNET client ENV OPT VAR information disclosure || bugtraq,13940 || cve,2005-1205 || url,www.microsoft.com/technet/Security/bulletin/ms05-033.mspx
|
|
3411
3411
|
3689 || WEB-CLIENT Internet Explorer tRNS overflow attempt || bugtraq,13941 || cve,2005-1211 || nessus,18490 || url,www.microsoft.com/technet/security/bulletin/MS05-025.mspx
|
|
@@ -3413,7 +3413,7 @@
|
|
|
3413
3413
|
3691 || CHAT Yahoo Messenger Message
|
|
3414
3414
|
3692 || CHAT Yahoo Messenger File Transfer Initiation Request
|
|
3415
3415
|
3693 || WEB-MISC IBM WebSphere j_security_check overflow attempt || bugtraq,13853 || cve,2005-1872
|
|
3416
|
-
3694 || WEB-MISC Squid content length cache poisoning attempt || bugtraq,12412 || cve,2005-0174
|
|
3416
|
+
3694 || WEB-MISC Squid content length cache poisoning attempt || bugtraq,12412 || bugtraq,13956 || cve,2005-0174 || cve,2005-1215
|
|
3417
3417
|
3695 || EXPLOIT Veritas Backup Agent password overflow attempt || cve,2005-0773
|
|
3418
3418
|
3696 || EXPLOIT Veritas Backup Agent DoS attempt || bugtraq,14201 || cve,2005-0772
|
|
3419
3419
|
3697 || NETBIOS DCERPC NCACN-IP-TCP veritas bind attempt || bugtraq,14020 || cve,2005-0771 || url,www.idefense.com/application/poi/display?id=269&type=vulnerabilities
|
|
@@ -3537,7 +3537,7 @@
|
|
|
3537
3537
|
3815 || SMTP eXchange POP3 mail server overflow attempt || bugtraq,10180 || cve,2004-1945
|
|
3538
3538
|
3816 || WEB-MISC BadBlue ext.dll buffer overflow attempt || bugtraq,12673 || cve,2005-0595
|
|
3539
3539
|
3817 || TFTP GET transfer mode overflow attempt || bugtraq,13821 || cve,2005-1812
|
|
3540
|
-
3818 || TFTP PUT transfer mode overflow attempt || bugtraq,13821 || cve,2005-1812
|
|
3540
|
+
3818 || TFTP PUT transfer mode overflow attempt || bugtraq,13821 || bugtraq,21301 || cve,2005-1812 || cve,2006-6183
|
|
3541
3541
|
3819 || WEB-CLIENT multipacket CHM file transfer start
|
|
3542
3542
|
3820 || WEB-CLIENT multipacket CHM file transfer attempt || bugtraq,13953 || cve,2005-1208 || nessus,18482 || url,www.microsoft.com/technet/security/bulletin/ms05-026.mspx
|
|
3543
3543
|
3821 || WEB-CLIENT CHM file transfer attempt || bugtraq,13953 || cve,2005-1208 || nessus,18482 || url,www.microsoft.com/technet/security/bulletin/ms05-026.mspx
|
|
@@ -3845,7 +3845,7 @@
|
|
|
3845
3845
|
4123 || DELETED NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict unicode little endian andx attempt || bugtraq,14513 || cve,2005-1983 || url,www.microsoft.com/technet/security/bulletin/ms05-039.mspx
|
|
3846
3846
|
4124 || DELETED NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict unicode little endian attempt || bugtraq,14513 || cve,2005-1983 || url,www.microsoft.com/technet/security/bulletin/ms05-039.mspx
|
|
3847
3847
|
4125 || DELETED NETBIOS-DG SMB v4 umpnpmgr PNP_DetectResourceConflict unicode little endian andx attempt || url,www.microsoft.com/technet/security/bulletin/ms05-039.mspx
|
|
3848
|
-
4126 || EXPLOIT Veritas Backup Exec root connection attempt using default password hash || bugtraq,14551
|
|
3848
|
+
4126 || EXPLOIT Veritas Backup Exec root connection attempt using default password hash || bugtraq,14551 || cve,2005-2611
|
|
3849
3849
|
4127 || EXPLOIT Novell eDirectory Server iMonitor overflow attempt || bugtraq,14548 || cve,2005-2551
|
|
3850
3850
|
4128 || WEB-CGI 4DWebstar ShellExample.cgi information disclosure || bugtraq,10721 || url,www.atstake.com/research/advisories/2004/a071304-1.txt
|
|
3851
3851
|
4129 || EXPLOIT Novell ZenWorks Remote Management Agent large login packet DoS attempt || bugtraq,13678 || cve,2005-1543
|
|
@@ -3858,7 +3858,7 @@
|
|
|
3858
3858
|
4136 || WEB-CLIENT IE JPEG heap overflow multipacket attempt || bugtraq,14282 || bugtraq,14284 || cve,2005-1988 || url,www.microsoft.com/technet/security/bulletin/MS05-038.mspx
|
|
3859
3859
|
4140 || DOS tcpdump tcp LDP print zero length message denial of service attempt || bugtraq,13389 || cve,2005-1279 || url,www.frsirt.com/english/advisories/2005/0410
|
|
3860
3860
|
4141 || DOS tcpdump udp LDP print zero length message denial of service attempt || bugtraq,13389 || cve,2005-1279 || url,www.frsirt.com/english/advisories/2005/0410
|
|
3861
|
-
4142 || ORACLE reports servlet command execution attempt || url,www.red-database-security.com/advisory/oracle_forms_run_any_os_command.html || url,www.red-database-security.com/advisory/oracle_reports_run_any_os_command.html
|
|
3861
|
+
4142 || ORACLE reports servlet command execution attempt || bugtraq,14316 || cve,2005-2371 || url,www.red-database-security.com/advisory/oracle_forms_run_any_os_command.html || url,www.red-database-security.com/advisory/oracle_reports_run_any_os_command.html
|
|
3862
3862
|
4143 || EXPLOIT lpd receive printer job cascade adaptor protocol request
|
|
3863
3863
|
4144 || EXPLOIT lpd Solaris control file upload attempt
|
|
3864
3864
|
4145 || WEB-ACTIVEX Windows Trouble Shooter ActiveX Object Access || bugtraq,8833 || cve,2003-0662 || url,www.microsoft.com/technet/security/bulletin/MS03-042.mspx
|
|
@@ -3886,7 +3886,7 @@
|
|
|
3886
3886
|
4167 || WEB-ACTIVEX MSN Heartbeat ActiveX clsid access || bugtraq,11367 || url,www.microsoft.com/technet/security/bulletin/MS04-038.mspx || url,www.microsoft.com/technet/security/bulletin/MS07-069.mspx
|
|
3887
3887
|
4168 || WEB-ACTIVEX Shell Automation Service ActiveX Object Access || bugtraq,9335
|
|
3888
3888
|
4169 || WEB-ACTIVEX Internet Explorer Active Setup ActiveX Object Access || bugtraq,667 || url,www.microsoft.com/technet/security/bulletin/MS99-037.mspx
|
|
3889
|
-
4170 || WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid access || bugtraq,4449 || cve,2002-0727 || cve,2007-1201 || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx || url,www.microsoft.com/technet/security/bulletin/MS02-044.mspx
|
|
3889
|
+
4170 || WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid access || bugtraq,28136 || bugtraq,4449 || cve,2002-0727 || cve,2007-1201 || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx || url,www.microsoft.com/technet/security/bulletin/MS02-044.mspx
|
|
3890
3890
|
4171 || WEB-ACTIVEX Registration Wizard ActiveX Object Access || bugtraq,671 || url,www.microsoft.com/technet/security/bulletin/MS99-037.mspx
|
|
3891
3891
|
4172 || WEB-ACTIVEX Microsoft Agent v1.5 ActiveX clsid access || cve,2005-1214 || cve,2006-3445 || cve,2007-1205 || url,www.microsoft.com/technet/security/bulletin/MS05-032.mspx || url,www.microsoft.com/technet/security/bulletin/MS06-068.mspx || url,www.microsoft.com/technet/security/bulletin/MS07-020.mspx
|
|
3892
3892
|
4173 || WEB-ACTIVEX MsnPUpld ActiveX Object Access || url,www.microsoft.com/technet/security/bulletin/MS05-025.mspx
|
|
@@ -4392,8 +4392,8 @@
|
|
|
4392
4392
|
4673 || NETBIOS-DG SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt || cve,2004-1154
|
|
4393
4393
|
4674 || NETBIOS-DG SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt || cve,2004-1154
|
|
4394
4394
|
4675 || WEB-CLIENT Macromedia swf DOACTION tag overflow attempt || url,www.macromedia.com/devnet/security/security_zone/mpsb05-07.html
|
|
4395
|
-
4676 || ORACLE
|
|
4396
|
-
4677 || ORACLE
|
|
4395
|
+
4676 || ORACLE Enterprise Manager Application Server Control POST Parameter Overflow Attempt || bugtraq,15146 || url,www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html
|
|
4396
|
+
4677 || ORACLE Enterprise Manager Application Server Control GET Parameter Overflow Attempt || bugtraq,15146 || url,www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html
|
|
4397
4397
|
4678 || WEB-CLIENT quicktime movie file transfer
|
|
4398
4398
|
4679 || WEB-CLIENT quicktime movie file component name integer overflow multipacket attempt || bugtraq,15308 || cve,2005-2754 || url,docs.info.apple.com/article.html?artnum=302772
|
|
4399
4399
|
4680 || WEB-CLIENT quicktime movie file component name integer overflow attempt || bugtraq,15308 || cve,2005-2754 || url,docs.info.apple.com/article.html?artnum=302772
|
|
@@ -5420,8 +5420,8 @@
|
|
|
5420
5420
|
5701 || IMAP status directory traversal attempt || bugtraq,15488 || cve,2005-3189
|
|
5421
5421
|
5702 || IMAP SUBSCRIBE directory traversal attempt || bugtraq,11775 || bugtraq,15488 || bugtraq,23050 || bugtraq,26219 || cve,2004-1211 || cve,2005-3189 || cve,2007-3510 || nessus,15867
|
|
5422
5422
|
5703 || IMAP unsubscribe directory traversal attempt || bugtraq,15488 || cve,2005-3189
|
|
5423
|
-
5704 || IMAP SELECT overflow attempt || bugtraq,15006 || cve,2006-1255
|
|
5424
|
-
5705 || IMAP CAPABILITY overflow attempt || bugtraq,15006
|
|
5423
|
+
5704 || IMAP SELECT overflow attempt || bugtraq,15006 || cve,2005-3155 || cve,2006-1255
|
|
5424
|
+
5705 || IMAP CAPABILITY overflow attempt || bugtraq,15006 || cve,2005-3155
|
|
5425
5425
|
5706 || POLICY Namazu incoming namazu.cgi access || url,www.namazu.org/doc/manual.html
|
|
5426
5426
|
5707 || POLICY Namazu outbound namazu.cgi access || url,www.namazu.org/doc/manual.html
|
|
5427
5427
|
5708 || POLICY HTML File upload attempt || url,www.faqs.org/rfcs/rfc1867.html
|
|
@@ -6718,8 +6718,8 @@
|
|
|
6718
6718
|
6999 || DELETED NETBIOS SMB rras RasRpcSetUserPreferences WriteAndX little endian andx callback number overflow attempt || bugtraq,18358 || cve,2006-2371 || url,www.microsoft.com/technet/security/bulletin/MS06-025.mspx
|
|
6719
6719
|
7000 || DELETED NETBIOS SMB-DS rras RasRpcSetUserPreferences WriteAndX unicode little endian andx callback number overflow attempt || bugtraq,18358 || cve,2006-2371 || url,www.microsoft.com/technet/security/bulletin/MS06-025.mspx
|
|
6720
6720
|
7001 || DELETED NETBIOS SMB v4 rras RasRpcSetUserPreferences WriteAndX andx callback number overflow attempt || bugtraq,18358 || cve,2006-2371 || url,www.microsoft.com/technet/security/bulletin/MS06-025.mspx
|
|
6721
|
-
7002 || WEB-CLIENT excel url unicode overflow attempt || bugtraq,18422 || bugtraq,18500 || cve,2006-3059 || url,www.microsoft.com/technet/security/bulletin/ms06-037.mspx
|
|
6722
|
-
7003 || WEB-ACTIVEX ADODB.Recordset ActiveX function call access || url,osvdb.org/26834
|
|
6721
|
+
7002 || WEB-CLIENT excel url unicode overflow attempt || bugtraq,18422 || bugtraq,18500 || cve,2006-3059 || cve,2006-3086 || url,www.microsoft.com/technet/security/bulletin/ms06-037.mspx
|
|
6722
|
+
7003 || WEB-ACTIVEX ADODB.Recordset ActiveX function call access || bugtraq,20704 || cve,2006-5559 || url,osvdb.org/26834
|
|
6723
6723
|
7004 || WEB-ACTIVEX Internet.HHCtrl.1 ActiveX function call access || bugtraq,18769 || cve,2006-3357 || url,osvdb.org/26835 || url,www.microsoft.com/technet/security/bulletin/ms06-046.mspx
|
|
6724
6724
|
7005 || WEB-ACTIVEX OutlookExpress.AddressBook ActiveX function call access
|
|
6725
6725
|
7006 || WEB-ACTIVEX ASControls.InstallEngineCtl ActiveX function call access
|
|
@@ -6735,9 +6735,9 @@
|
|
|
6735
6735
|
7016 || WEB-ACTIVEX Object.Microsoft.DXTFilter ActiveX function call access || bugtraq,18903 || cve,2006-3512
|
|
6736
6736
|
7017 || WEB-ACTIVEX RDS.DataControl ActiveX function call access || bugtraq,18900 || cve,2006-3510
|
|
6737
6737
|
7018 || WEB-ACTIVEX Sysmon ActiveX function call access
|
|
6738
|
-
7020 || WEB-CLIENT isComponentInstalled function buffer overflow || bugtraq,16870
|
|
6738
|
+
7020 || WEB-CLIENT isComponentInstalled function buffer overflow || bugtraq,16870 || cve,2006-1016
|
|
6739
6739
|
7021 || DOS linux kernel SCTP chunkless packet denial of service attempt || bugtraq,18755 || cve,2006-2934
|
|
6740
|
-
7022 || WEB-CLIENT windows explorer invalid url file overflow attempt || bugtraq,18838
|
|
6740
|
+
7022 || WEB-CLIENT windows explorer invalid url file overflow attempt || bugtraq,18838 || cve,2006-3351
|
|
6741
6741
|
7023 || DELETED WEB-CLIENT xls file download || url,sc.openoffice.org/excelfileformat.pdf
|
|
6742
6742
|
7024 || WEB-CLIENT excel style handling overflow attempt || bugtraq,18872 || cve,2006-3431 || url,www.microsoft.com/technet/security/bulletin/ms06-059.mspx
|
|
6743
6743
|
7025 || WEB-CLIENT excel url unicode overflow attempt || bugtraq,18583 || cve,2006-3014 || url,www.microsoft.com/technet/security/bulletin/ms06-069.mspx
|
|
@@ -6913,7 +6913,7 @@
|
|
|
6913
6913
|
7195 || SPYWARE-PUT Hijacker shopprreports runtime detection - track/upgrade/report activities || url,vil.mcafeesecurity.com/vil/content/v_133312.htm
|
|
6914
6914
|
7197 || WEB-CLIENT excel MSO.DLL malformed string parsing single byte buffer over attempt || bugtraq,17252 || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
|
6915
6915
|
7198 || WEB-CLIENT excel MSO.DLL malformed string parsing multi byte buffer over attempt || bugtraq,17252 || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
|
6916
|
-
7199 || WEB-CLIENT excel label record overflow attempt || cve,2006-1309 || url,www.microsoft.com/technet/security/bulletin/ms06-037.mspx
|
|
6916
|
+
7199 || WEB-CLIENT excel label record overflow attempt || bugtraq,28166 || cve,2006-1309 || cve,2008-0114 || url,www.microsoft.com/technet/security/bulletin/ms06-037.mspx
|
|
6917
6917
|
7200 || WEB-CLIENT microsoft word document summary information null string overflow attempt || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
|
6918
6918
|
7201 || WEB-CLIENT microsoft word summary information null string overflow attempt || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
|
6919
6919
|
7202 || WEB-CLIENT microsoft word document summary information string overflow attempt || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
|
@@ -7149,8 +7149,8 @@
|
|
|
7149
7149
|
7432 || WEB-ACTIVEX DirectFrame.DirectControl.1 ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7150
7150
|
7433 || WEB-ACTIVEX DirectX Transform Wrapper Property Page ActiveX CLSID access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7151
7151
|
7434 || WEB-ACTIVEX DirectX Transform Wrapper Property Page ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7152
|
-
7435 || WEB-ACTIVEX Dynamic Casts ActiveX
|
|
7153
|
-
7436 || WEB-ACTIVEX Dynamic Casts ActiveX
|
|
7152
|
+
7435 || WEB-ACTIVEX Dynamic Casts ActiveX clsid access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7153
|
+
7436 || WEB-ACTIVEX Dynamic Casts ActiveX function call || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7154
7154
|
7437 || WEB-ACTIVEX Frame Eater ActiveX CLSID access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7155
7155
|
7438 || WEB-ACTIVEX Frame Eater ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7156
7156
|
7439 || WEB-ACTIVEX HTML Help ActiveX clsid access || cve,2006-3357 || cve,2007-0214 || url,www.microsoft.com/technet/security/bulletin/MS06-046.mspx || url,www.microsoft.com/technet/security/bulletin/MS07-008.mspx
|
|
@@ -7216,8 +7216,8 @@
|
|
|
7216
7216
|
7499 || WEB-ACTIVEX WM TV Out Smooth Picture Filter ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7217
7217
|
7500 || WEB-ACTIVEX WM VIH2 Fix ActiveX CLSID access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7218
7218
|
7501 || WEB-ACTIVEX WM VIH2 Fix ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
|
7219
|
-
7502 || WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX
|
|
7220
|
-
7503 || WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX
|
|
7219
|
+
7502 || WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX clsid access || bugtraq,19570 || cve,2006-4219 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=14
|
|
7220
|
+
7503 || WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX clsid unicode access || bugtraq,19570 || cve,2006-4219 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=14
|
|
7221
7221
|
7504 || SPYWARE-PUT Keylogger actualspy runtime detection - ftp-data || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453086496
|
|
7222
7222
|
7505 || SPYWARE-PUT Keylogger actualspy runtime detection - smtp || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453086496
|
|
7223
7223
|
7506 || SPYWARE-PUT Hacker-Tool coma runtime detection - init connection - flowbit set
|
|
@@ -7582,10 +7582,10 @@
|
|
|
7582
7582
|
7865 || WEB-ACTIVEX McSubMgr ActiveX CLSID unicode access || bugtraq,19265 || cve,2006-3961
|
|
7583
7583
|
7866 || WEB-ACTIVEX ADODB.Connection ActiveX clsid access || cve,2006-5559 || url,archives.neohapsis.com/archives/ntbugtraq/2004-q4/0083.html || url,www.microsoft.com/technet/security/bulletin/ms07-009.mspx
|
|
7584
7584
|
7867 || WEB-ACTIVEX ADODB.Connection ActiveX clsid unicode access || cve,2006-5559 || url,archives.neohapsis.com/archives/ntbugtraq/2004-q4/0083.html || url,www.microsoft.com/technet/security/bulletin/ms07-009.mspx
|
|
7585
|
-
7868 || WEB-ACTIVEX ADODB.Recordset ActiveX CLSID access
|
|
7586
|
-
7869 || WEB-ACTIVEX ADODB.Recordset ActiveX CLSID unicode access
|
|
7587
|
-
7870 || WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid access || cve,2007-1201 || url,www.microsoft.com/technet/prodtechnol/office/office2000/proddocs/opg/part4/ch18.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx
|
|
7588
|
-
7871 || WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid unicode access || cve,2007-1201 || url,www.microsoft.com/technet/prodtechnol/office/office2000/proddocs/opg/part4/ch18.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx
|
|
7585
|
+
7868 || WEB-ACTIVEX ADODB.Recordset ActiveX CLSID access || bugtraq,20704 || cve,2006-5559
|
|
7586
|
+
7869 || WEB-ACTIVEX ADODB.Recordset ActiveX CLSID unicode access || bugtraq,20704 || cve,2006-5559
|
|
7587
|
+
7870 || WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid access || bugtraq,28136 || cve,2007-1201 || url,www.microsoft.com/technet/prodtechnol/office/office2000/proddocs/opg/part4/ch18.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx
|
|
7588
|
+
7871 || WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid unicode access || bugtraq,28136 || cve,2007-1201 || url,www.microsoft.com/technet/prodtechnol/office/office2000/proddocs/opg/part4/ch18.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx
|
|
7589
7589
|
7872 || WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX clsid access || cve,2002-0727 || cve,2002-0861 || cve,2009-1136 || url,www.microsoft.com/technet/security/Bulletin/MS02-044.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-043.mspx
|
|
7590
7590
|
7873 || WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX clsid unicode access || cve,2002-0727 || cve,2002-0861 || cve,2009-1136 || url,www.microsoft.com/technet/security/Bulletin/MS02-044.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-043.mspx
|
|
7591
7591
|
7874 || WEB-ACTIVEX Microsoft Office PivotTable 10.0 ActiveX CLSID access || cve,2002-0727 || cve,2002-0861 || url,www.microsoft.com/technet/security/Bulletin/MS02-044.mspx
|
|
@@ -7699,7 +7699,7 @@
|
|
|
7699
7699
|
7982 || WEB-ACTIVEX Snapshot Viewer General Property Page Object ActiveX clsid unicode access || cve,2008-2463 || url,www.microsoft.com/TechNet/security/advisory/955179.mspx || url,www.microsoft.com/technet/security/bulletin/ms08-041.mspx
|
|
7700
7700
|
7983 || WEB-ACTIVEX SuperBuddy Class ActiveX CLSID access
|
|
7701
7701
|
7984 || WEB-ACTIVEX SuperBuddy Class ActiveX CLSID unicode access
|
|
7702
|
-
7985 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX
|
|
7702
|
+
7985 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX clsid access || bugtraq,19030 || cve,2006-3730 || url,browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html || url,www.microsoft.com/technet/security/bulletin/ms06-057.mspx
|
|
7703
7703
|
7986 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID unicode access || bugtraq,19030 || cve,2006-3730 || url,browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html || url,www.microsoft.com/technet/security/bulletin/ms06-057.mspx
|
|
7704
7704
|
7987 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID access
|
|
7705
7705
|
7988 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID unicode access
|
|
@@ -7773,7 +7773,7 @@
|
|
|
7773
7773
|
8056 || DOS ISC DHCP server 2 client_id length denial of service attempt || cve,2006-3122 || url,www.debian.org/security/2006/dsa-1143
|
|
7774
7774
|
8057 || MYSQL Date_Format denial of service attempt || bugtraq,19032 || cve,2006-3469 || url,dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
|
|
7775
7775
|
8058 || WEB-CLIENT Mozilla javascript navigator object access || bugtraq,19181 || cve,2006-3677 || url,www.mozilla.org/security/announce/2006/mfsa2006-45.html
|
|
7776
|
-
8059 || ORACLE SYS.KUPW-WORKER sql injection attempt || bugtraq,19054 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2006.html
|
|
7776
|
+
8059 || ORACLE SYS.KUPW-WORKER sql injection attempt || bugtraq,19054 || cve,2006-3698 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2006.html
|
|
7777
7777
|
8060 || EXPLOIT UltraVNC VNCLog buffer overflow || bugtraq,17378
|
|
7778
7778
|
8061 || DELETED WEB-CLIENT ADODB.Stream ActiveX CLSID access
|
|
7779
7779
|
8062 || WEB-ACTIVEX ADODB.Stream ActiveX CLSID unicode access || bugtraq,10514 || cve,2004-0549 || url,support.microsoft.com/default.aspx?scid=kb\;en-us\;KB870669 || url,www.microsoft.com/technet/security/bulletin/ms04-025.mspx
|
|
@@ -7805,7 +7805,7 @@
|
|
|
7805
7805
|
8088 || WEB-MISC HP Openview NNM connectedNodes.ovpl Unix command execution attempt || bugtraq,14662 || cve,2005-2773
|
|
7806
7806
|
8089 || WEB-MISC HP Openview NNM cdpView.ovpl Unix command execution attempt || bugtraq,14662 || cve,2005-2773
|
|
7807
7807
|
8090 || WEB-MISC HP Openview NNM freeIPaddrs.ovpl Unix command execution attempt || bugtraq,14662 || cve,2005-2773
|
|
7808
|
-
8091 || WEB-CLIENT RealPlayer
|
|
7808
|
+
8091 || WEB-CLIENT RealNetworks RealPlayer error message format string vulnerability attempt || bugtraq,14945 || cve,2005-2710
|
|
7809
7809
|
8093 || DELETED NETBIOS SMB webdav unicode alter context attempt
|
|
7810
7810
|
8094 || DELETED NETBIOS SMB webdav WriteAndX unicode alter context attempt
|
|
7811
7811
|
8095 || DELETED NETBIOS SMB webdav alter context attempt
|
|
@@ -8126,12 +8126,12 @@
|
|
|
8126
8126
|
8411 || WEB-ACTIVEX DocFind Command ActiveX CLSID access
|
|
8127
8127
|
8412 || WEB-ACTIVEX DocFind Command ActiveX CLSID unicode access
|
|
8128
8128
|
8413 || WEB-CLIENT HCP URI uplddrvinfo access || bugtraq,5478 || cve,2002-0974 || url,www.microsoft.com/technet/security/bulletin/ms02-060.mspx
|
|
8129
|
-
8414 || WEB-CLIENT GIF image
|
|
8129
|
+
8414 || WEB-CLIENT GIF image descriptor memory corruption attempt || bugtraq,18915 || bugtraq,22630 || cve,2006-0007 || cve,2007-1071 || url,www.microsoft.com/technet/security/bulletin/ms06-039.mspx
|
|
8130
8130
|
8415 || FTP SIZE overflow attempt || bugtraq,19617 || cve,2006-4318
|
|
8131
8131
|
8416 || WEB-CLIENT VML fill method overflow attempt || bugtraq,20096 || cve,2006-4868 || url,www.microsoft.com/technet/security/bulletin/ms06-055.mspx
|
|
8132
8132
|
8417 || WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX function call access || bugtraq,18946 || cve,2006-3591 || url,browserfun.blogspot.com/2006/07/mobb-12-trieditdocument-url.html || url,osvdb.org/27056
|
|
8133
8133
|
8418 || WEB-ACTIVEX DXImageTransform.Microsoft.RevealTrans ActiveX function call access || url,browserfun.blogspot.com/2006/07/mobb-13-revealtrans-transition.html || url,osvdb.org/27057
|
|
8134
|
-
8419 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call
|
|
8134
|
+
8419 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call || bugtraq,19030 || cve,2006-3730 || url,browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html || url,www.microsoft.com/technet/security/bulletin/ms06-057.mspx
|
|
8135
8135
|
8420 || WEB-ACTIVEX DXImageTransform.Microsoft.Gradient ActiveX function call access || url,browserfun.blogspot.com/2006/07/mobb-17-gradient-startcolorstr.html || url,osvdb.org/27109
|
|
8136
8136
|
8421 || WEB-ACTIVEX OWC11.DataSourceControl.11 ActiveX function call access || url,browserfun.blogspot.com/2006/07/mobb-19-datasourcecontrol.html || url,osvdb.org/27111
|
|
8137
8137
|
8422 || WEB-ACTIVEX Outlook View OVCtl ActiveX clsid access || bugtraq,3025 || bugtraq,3026 || cve,2001-0538 || url,browserfun.blogspot.com/2006/07/mobb-20-ovctl-newdefaultitem.html || url,osvdb.org/27112 || url,www.microsoft.com/technet/security/bulletin/MS01-038.mspx
|
|
@@ -8158,7 +8158,7 @@
|
|
|
8158
8158
|
8443 || WEB-CLIENT Mozilla regular expression heap corruption attempt || bugtraq,20042 || cve,2006-4566
|
|
8159
8159
|
8444 || WEB-MISC Trend Micro atxconsole format string server response attempt || bugtraq,20284 || cve,2006-5157
|
|
8160
8160
|
8445 || WEB-CLIENT RTF file with embedded object package download attempt || cve,2006-4692 || url,www.microsoft.com/technet/security/bulletin/ms06-065.mspx
|
|
8161
|
-
8446 || POLICY IPv6 encapsulated in IPv4 activity
|
|
8161
|
+
8446 || POLICY IPv6 encapsulated in IPv4 activity || bugtraq,29235 || cve,2008-2136
|
|
8162
8162
|
8447 || DELETED WEB-CLIENT Open document file transfer attempt
|
|
8163
8163
|
8448 || WEB-CLIENT Excel colinfo XF record overflow attempt || cve,2006-3875 || url,www.microsoft.com/technet/security/bulletin/ms06-059.mspx
|
|
8164
8164
|
8449 || NETBIOS SMB Rename invalid buffer type andx attempt || cve,2006-4696 || url,www.microsoft.com/technet/security/bulletin/MS06-063.mspx
|
|
@@ -8182,17 +8182,17 @@
|
|
|
8182
8182
|
8467 || SPYWARE-PUT Keylogger netobserve runtime detection - remote login response || url,www.spywareguide.com/product_show.php?id=354 || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453073490
|
|
8183
8183
|
8468 || SPYWARE-PUT Hijacker accoona runtime detection - collect info || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453096478
|
|
8184
8184
|
8469 || SPYWARE-PUT Hijacker accoona runtime detection - open sidebar search url || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453096478
|
|
8185
|
-
8470 || BACKDOOR superspy 2.0 beta runtime detection - get system info
|
|
8186
|
-
8471 || BACKDOOR superspy 2.0 beta runtime detection - get system info 2 || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
|
8187
|
-
8472 || BACKDOOR superspy 2.0 beta runtime detection - screen capture 2
|
|
8188
|
-
8473 || BACKDOOR superspy 2.0 beta runtime detection - screen capture || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
|
8189
|
-
8474 || BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage 2
|
|
8190
|
-
8475 || BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
|
8185
|
+
8470 || DELETED BACKDOOR superspy 2.0 beta runtime detection - get system info
|
|
8186
|
+
8471 || DELETED BACKDOOR superspy 2.0 beta runtime detection - get system info 2 || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
|
8187
|
+
8472 || DELETED BACKDOOR superspy 2.0 beta runtime detection - screen capture 2
|
|
8188
|
+
8473 || DELETED BACKDOOR superspy 2.0 beta runtime detection - screen capture || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
|
8189
|
+
8474 || DELETED BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage 2
|
|
8190
|
+
8475 || DELETED BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
|
8191
8191
|
8476 || DELETED BACKDOOR superspy 2.0 beta runtime detection - file management
|
|
8192
8192
|
8477 || DELETED BACKDOOR superspy 2.0 beta runtime detection - file management || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
|
8193
8193
|
8478 || WEB-CLIENT Microsoft Publisher file download attempt || cve,2006-0001 || url,www.microsoft.com/technet/security/bulletin/ms06-054.mspx
|
|
8194
8194
|
8479 || FTP HELP overflow attempt || bugtraq,2972 || cve,2001-0826
|
|
8195
|
-
8480 || FTP PORT overflow attempt || bugtraq,18711 || cve,2006-2226
|
|
8195
|
+
8480 || FTP PORT overflow attempt || bugtraq,15998 || bugtraq,18711 || cve,2005-4459 || cve,2006-2226
|
|
8196
8196
|
8481 || FTP Microsoft NLST * dos attempt || bugtraq,2717 || cve,2001-0334 || url,www.microsoft.com/technet/security/bulletin/MS01-026.mspx
|
|
8197
8197
|
8482 || POLICY Xfire session initiated || url,www.fryx.ch/xfire/protocol.html
|
|
8198
8198
|
8483 || POLICY Xfire login attempted || url,www.fryx.ch/xfire/protocol.html
|
|
@@ -8253,7 +8253,7 @@
|
|
|
8253
8253
|
8538 || SQL xp_updatecolvbm unicode vulnerable function attempt || bugtraq,2039 || cve,2000-1084 || url,www.microsoft.com/technet/security/bulletin/ms00-092.mspx
|
|
8254
8254
|
8539 || SQL xp_updatecolvbm unicode vulnerable function attempt || bugtraq,2039 || cve,2000-1084 || url,www.microsoft.com/technet/security/bulletin/ms00-092.mspx
|
|
8255
8255
|
8540 || SQL xp_updatecolvbm vulnerable function attempt || bugtraq,2039 || cve,2000-1084 || url,www.microsoft.com/technet/security/bulletin/ms00-092.mspx
|
|
8256
|
-
8541 || ORACLE sdo_cs.transform_layer buffer overflow attempt || bugtraq,20588 || cve,2006-5372 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html
|
|
8256
|
+
8541 || ORACLE sdo_cs.transform_layer buffer overflow attempt || bugtraq,20588 || cve,2006-5344 || cve,2006-5372 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html
|
|
8257
8257
|
8542 || SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453099974
|
|
8258
8258
|
8543 || SPYWARE-PUT Trackware deluxecommunications runtime detection - display popup ads || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453099974
|
|
8259
8259
|
8544 || SPYWARE-PUT Keylogger nicespy runtime detection - smtp || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453097309
|
|
@@ -8443,9 +8443,9 @@
|
|
|
8443
8443
|
8728 || WEB-ACTIVEX XMLHTTP 4.0 ActiveX clsid unicode access || bugtraq,20915 || cve,2006-5745 || url,www.microsoft.com/technet/security/bulletin/ms06-071.mspx
|
|
8444
8444
|
8729 || EXPLOIT Shixxnote font buffer overflow attempt || bugtraq,11409 || cve,2004-1595
|
|
8445
8445
|
8730 || DOS record route rr denial of service attempt || bugtraq,870 || cve,1999-0986 || cve,1999-1339 || cve,2001-0752
|
|
8446
|
-
8731 || MISC IP option TS timestamp set
|
|
8447
|
-
8732 || MISC IP option SEC security set
|
|
8448
|
-
8733 || MISC IP option SATID stream_id set
|
|
8446
|
+
8731 || DELETED MISC IP option TS timestamp set
|
|
8447
|
+
8732 || DELETED MISC IP option SEC security set
|
|
8448
|
+
8733 || DELETED MISC IP option SATID stream_id set
|
|
8449
8449
|
8734 || WEB-PHP Pajax arbitrary command execution attempt || bugtraq,17519 || cve,2006-1551 || cve,2006-1789
|
|
8450
8450
|
8735 || WEB-ACTIVEX BOWebAgent.Webagent.1 ActiveX CLSID access
|
|
8451
8451
|
8736 || WEB-ACTIVEX BOWebAgent.Webagent.1 ActiveX CLSID unicode access
|
|
@@ -8841,9 +8841,9 @@
|
|
|
8841
8841
|
9126 || DELETED NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 overflow attempt || cve,2006-4691 || nessus,11921 || url,www.microsoft.com/technet/security/Bulletin/MS06-070.mspx
|
|
8842
8842
|
9127 || DELETED NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 little endian object call overflow attempt || cve,2006-4691 || nessus,11921 || url,www.microsoft.com/technet/security/Bulletin/MS06-070.mspx
|
|
8843
8843
|
9128 || DELETED NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 object call overflow attempt || cve,2006-4691 || nessus,11921 || url,www.microsoft.com/technet/security/Bulletin/MS06-070.mspx
|
|
8844
|
-
9129 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX
|
|
8845
|
-
9130 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX
|
|
8846
|
-
9131 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call access || bugtraq,21060 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
|
8844
|
+
9129 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX clsid access || bugtraq,21060 || bugtraq,21108 || cve,2006-3890 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
|
8845
|
+
9130 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX clsid unicode access || bugtraq,21060 || bugtraq,21108 || cve,2006-3890 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
|
8846
|
+
9131 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call access || bugtraq,21060 || bugtraq,21108 || cve,2006-3890 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
|
8847
8847
|
9132 || NETBIOS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt || cve,2006-4688 || cve,2006-4689 || url,www.microsoft.com/technet/security/bulletin/MS06-066.mspx
|
|
8848
8848
|
9133 || DELETED NETBIOS SMB-DS netware_cs NwrOpenEnumNdsStubTrees_Any unicode overflow attempt || cve,2006-4688 || cve,2006-4689 || url,www.microsoft.com/technet/security/bulletin/MS06-066.mspx
|
|
8849
8849
|
9134 || DELETED NETBIOS SMB-DS netware_cs NwrOpenEnumNdsStubTrees_Any unicode object call overflow attempt || cve,2006-4688 || cve,2006-4689 || url,www.microsoft.com/technet/security/bulletin/MS06-066.mspx
|
|
@@ -9338,14 +9338,14 @@
|
|
|
9338
9338
|
9623 || RPC UNIX authentication machinename string overflow attempt TCP || bugtraq,20941 || cve,2006-5780
|
|
9339
9339
|
9624 || RPC UNIX authentication machinename string overflow attempt UDP || bugtraq,20941 || cve,2006-5780
|
|
9340
9340
|
9625 || WEB-CLIENT Windows Media Player ASX file ref href buffer overflow attempt || bugtraq,21247 || cve,2006-6134 || url,www.microsoft.com/technet/security/bulletin/ms06-078.mspx
|
|
9341
|
-
9626 || WEB-ACTIVEX AcroPDF.PDF ActiveX clsid access || bugtraq,21155 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
9342
|
-
9627 || WEB-ACTIVEX AcroPDF.PDF ActiveX clsid unicode access || bugtraq,21155 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
9341
|
+
9626 || WEB-ACTIVEX AcroPDF.PDF ActiveX clsid access || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || cve,2006-6236 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
9342
|
+
9627 || WEB-ACTIVEX AcroPDF.PDF ActiveX clsid unicode access || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || cve,2006-6236 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
9343
9343
|
9628 || WEB-ACTIVEX javaprxy.dll ActiveX clsid unicode access || bugtraq,14087 || cve,2005-2087 || url,www.microsoft.com/technet/security/bulletin/ms05-037.mspx || url,www.osvdb.org/displayvuln.php?osvdb_id=17680
|
|
9344
|
-
9629 || WEB-ACTIVEX Citrix.ICAClient ActiveX clsid access || url,
|
|
9345
|
-
9630 || WEB-ACTIVEX Citrix.ICAClient ActiveX clsid unicode access || url,
|
|
9346
|
-
9631 || WEB-ACTIVEX Citrix.ICAClient ActiveX function call access
|
|
9344
|
+
9629 || WEB-ACTIVEX Citrix.ICAClient ActiveX clsid access || bugtraq,23246 || cve,2006-6334 || url,support.citrix.com/article/CTX111827
|
|
9345
|
+
9630 || WEB-ACTIVEX Citrix.ICAClient ActiveX clsid unicode access || bugtraq,23246 || cve,2006-6334 || url,support.citrix.com/article/CTX111827
|
|
9346
|
+
9631 || WEB-ACTIVEX Citrix.ICAClient ActiveX function call access || bugtraq,23246 || cve,2006-6334 || url,support.citrix.com/article/CTX111827
|
|
9347
9347
|
9632 || EXPLOIT Tivoli Storage Manager command request buffer overflow attempt || bugtraq,21440 || cve,2006-5855
|
|
9348
|
-
9633 || EXPLOIT Computer Associates Product Discovery Service type 9B remote buffer overflow attempt TCP || bugtraq,21502 || cve,2006-6379
|
|
9348
|
+
9633 || EXPLOIT Computer Associates Product Discovery Service type 9B remote buffer overflow attempt TCP || bugtraq,12536 || bugtraq,21502 || cve,2005-2535 || cve,2006-6379
|
|
9349
9349
|
9634 || EXPLOIT Computer Associates Product Discovery Service type 9C remote buffer overflow attempt TCP || bugtraq,21502 || cve,2006-6379
|
|
9350
9350
|
9635 || EXPLOIT Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP || bugtraq,21502 || cve,2006-6379
|
|
9351
9351
|
9636 || EXPLOIT Computer Associates Product Discovery Service type 9C remote buffer overflow attempt UDP || bugtraq,21502 || cve,2006-6379
|
|
@@ -9532,7 +9532,7 @@
|
|
|
9532
9532
|
9817 || WEB-ACTIVEX CEnroll.CEnroll.2 ActiveX clsid access || url,browserfun.blogspot.com/2006/07/mobb-21-cenroll-stringtobinary.html || url,osvdb.org/27230
|
|
9533
9533
|
9818 || WEB-ACTIVEX CEnroll.CEnroll.2 ActiveX clsid unicode access || url,browserfun.blogspot.com/2006/07/mobb-21-cenroll-stringtobinary.html || url,osvdb.org/27230
|
|
9534
9534
|
9819 || WEB-ACTIVEX Outlook View OVCtl ActiveX clsid unicode access || bugtraq,3025 || bugtraq,3026 || cve,2001-0538 || url,browserfun.blogspot.com/2006/07/mobb-20-ovctl-newdefaultitem.html || url,osvdb.org/27112 || url,www.microsoft.com/technet/security/bulletin/MS01-038.mspx
|
|
9535
|
-
9820 || WEB-ACTIVEX
|
|
9535
|
+
9820 || WEB-ACTIVEX OWC11.DataSourceControl.11 ActiveX function call access || bugtraq,19069 || cve,2006-3729 || url,browserfun.blogspot.com/2006/07/mobb-19-datasourcecontrol.html || url,osvdb.org/27111
|
|
9536
9536
|
9821 || WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX clsid access || bugtraq,18946 || cve,2006-3591 || url,browserfun.blogspot.com/2006/07/mobb-12-trieditdocument-url.html || url,osvdb.org/27056
|
|
9537
9537
|
9822 || WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX clsid unicode access || bugtraq,18946 || cve,2006-3591 || url,browserfun.blogspot.com/2006/07/mobb-12-trieditdocument-url.html || url,osvdb.org/27056
|
|
9538
9538
|
9823 || WEB-CLIENT QuickTime RTSP URI overflow attempt || bugtraq,21829 || cve,2007-0015 || url,applefun.blogspot.com/2007/01/moab-01-01-2007-apple-quicktime-rtsp.html
|
|
@@ -9742,7 +9742,7 @@
|
|
|
9742
9742
|
10027 || DELETED NETBIOS DCERPC DIRECT brightstor-arc ClientDBMiniAgentClose little endian attempt || bugtraq,22010 || cve,2007-0168 || url,www.kb.cert.org/vuls/id/662400 || url,www.lssec.com/advisories/LS-20061002.pdf
|
|
9743
9743
|
10028 || DELETED NETBIOS DCERPC DIRECT brightstor-arc ClientDBMiniAgentClose object call attempt || bugtraq,22010 || cve,2007-0168 || url,www.kb.cert.org/vuls/id/662400 || url,www.lssec.com/advisories/LS-20061002.pdf
|
|
9744
9744
|
10029 || DELETED NETBIOS DCERPC DIRECT brightstor-arc ClientDBMiniAgentClose little endian object call attempt || bugtraq,22010 || cve,2007-0168 || url,www.kb.cert.org/vuls/id/662400 || url,www.lssec.com/advisories/LS-20061002.pdf
|
|
9745
|
-
10030 || NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath_Function_45 attempt || bugtraq,20365 || cve,2006-5143
|
|
9745
|
+
10030 || NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath_Function_45 overflow attempt || bugtraq,20365 || cve,2006-5143
|
|
9746
9746
|
10031 || DELETED NETBIOS DCERPC DIRECT brightstor QSIGetQueuePath_Function_45 little endian attempt || bugtraq,20365 || cve,2006-5143 || url,www.lssec.com/advisories/LS-20060330.pdf
|
|
9747
9747
|
10032 || DELETED NETBIOS DCERPC DIRECT brightstor QSIGetQueuePath_Function_45 attempt || bugtraq,20365 || cve,2006-5143 || url,www.lssec.com/advisories/LS-20060330.pdf
|
|
9748
9748
|
10033 || DELETED NETBIOS DCERPC DIRECT v4 brightstor QSIGetQueuePath_Function_45 little endian attempt || bugtraq,20365 || cve,2006-5143 || url,www.lssec.com/advisories/LS-20060330.pdf
|
|
@@ -9924,9 +9924,9 @@
|
|
|
9924
9924
|
10211 || DELETED NETBIOS DCERPC DIRECT v4 trend-serverprotect COMN_NetTestConnection little endian attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
|
9925
9925
|
10212 || DELETED NETBIOS DCERPC DIRECT trend-serverprotect COMN_NetTestConnection object call attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
|
9926
9926
|
10213 || DELETED NETBIOS DCERPC DIRECT trend-serverprotect COMN_NetTestConnection little endian object call attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
|
9927
|
-
10214 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid access || bugtraq,22842
|
|
9928
|
-
10215 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid unicode access || bugtraq,22842
|
|
9929
|
-
10216 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX function call access || bugtraq,22842
|
|
9927
|
+
10214 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid access || bugtraq,22067 || bugtraq,22842 || cve,2006-6885
|
|
9928
|
+
10215 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid unicode access || bugtraq,22067 || bugtraq,22842 || cve,2006-6885
|
|
9929
|
+
10216 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX function call access || bugtraq,22067 || bugtraq,22842 || cve,2006-6885
|
|
9930
9930
|
10217 || DELETED NETBIOS SMB svcctl alter context attempt || url,www.hsc.fr/ressources/articles/win_net_srv/msrpc_svcctl.html
|
|
9931
9931
|
10218 || DELETED NETBIOS SMB svcctl unicode alter context attempt || url,www.hsc.fr/ressources/articles/win_net_srv/msrpc_svcctl.html
|
|
9932
9932
|
10219 || DELETED NETBIOS SMB svcctl WriteAndX alter context attempt || url,www.hsc.fr/ressources/articles/win_net_srv/msrpc_svcctl.html
|
|
@@ -10194,7 +10194,7 @@
|
|
|
10194
10194
|
10483 || RPC portmap CA BrightStor ARCserve udp request || bugtraq,23209 || cve,2007-1785
|
|
10195
10195
|
10484 || RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt || bugtraq,23209 || cve,2007-1785
|
|
10196
10196
|
10485 || RPC portmap CA BrightStor ARCserve udp procedure 191 attempt || bugtraq,23209 || cve,2007-1785
|
|
10197
|
-
10486 || NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 15,16,17 attempt || bugtraq,22994 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
|
10197
|
+
10486 || NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 15,16,17 attempt || bugtraq,22994 || cve,2006-6076 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
|
10198
10198
|
10487 || DELETED NETBIOS DCERPC DIRECT brightstor-arc function 15 attempt || bugtraq,22994 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
|
10199
10199
|
10488 || DELETED NETBIOS DCERPC DIRECT v4 brightstor-arc function 15 little endian attempt || bugtraq,22994 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
|
10200
10200
|
10489 || DELETED NETBIOS DCERPC DIRECT v4 brightstor-arc function 15 attempt || bugtraq,22994 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
|
@@ -10712,7 +10712,7 @@
|
|
|
10712
10712
|
11001 || ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt || bugtraq,23532 || cve,2007-2126 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
|
|
10713
10713
|
11002 || ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt || bugtraq,23532 || cve,2007-2126 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
|
|
10714
10714
|
11003 || ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt || bugtraq,23532 || cve,2007-2126 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
|
|
10715
|
-
11004 || IMAP CRAM-MD5 authentication method buffer overflow || bugtraq,11675 || bugtraq,23172 || cve,2004-1520 || cve,2007-1675
|
|
10715
|
+
11004 || IMAP CRAM-MD5 authentication method buffer overflow || bugtraq,11675 || bugtraq,14317 || bugtraq,23172 || cve,2004-1520 || cve,2007-1675
|
|
10716
10716
|
11005 || DELETED NETBIOS SMB rpcss alter context attempt
|
|
10717
10717
|
11006 || DELETED NETBIOS SMB rpcss unicode alter context attempt
|
|
10718
10718
|
11007 || DELETED NETBIOS SMB rpcss WriteAndX alter context attempt
|
|
@@ -10889,10 +10889,10 @@
|
|
|
10889
10889
|
11178 || WEB-ACTIVEX PowerPoint Viewer ActiveX function call access || bugtraq,23733 || bugtraq,33238 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-01-powerpointviewerocx-31.html
|
|
10890
10890
|
11179 || WEB-ACTIVEX PowerPoint Viewer ActiveX function call unicode access || bugtraq,23733 || bugtraq,33238 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-01-powerpointviewerocx-31.html
|
|
10891
10891
|
11180 || WEB-CLIENT quicktime movie ftyp buffer underflow || bugtraq,23652 || cve,2007-2296
|
|
10892
|
-
11181 || WEB-ACTIVEX Excel Viewer ActiveX clsid access || bugtraq,23755 || bugtraq,33222 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
|
10893
|
-
11182 || WEB-ACTIVEX Excel Viewer ActiveX clsid unicode access || bugtraq,23755 || bugtraq,33222 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
|
10894
|
-
11183 || WEB-ACTIVEX Excel Viewer ActiveX function call access || bugtraq,23755 || bugtraq,33222 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
|
10895
|
-
11184 || WEB-ACTIVEX Excel Viewer ActiveX function call unicode access || bugtraq,23755 || bugtraq,33222 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
|
10892
|
+
11181 || WEB-ACTIVEX Excel Viewer ActiveX clsid access || bugtraq,23755 || bugtraq,33222 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
|
10893
|
+
11182 || WEB-ACTIVEX Excel Viewer ActiveX clsid unicode access || bugtraq,23755 || bugtraq,33222 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
|
10894
|
+
11183 || WEB-ACTIVEX Excel Viewer ActiveX function call access || bugtraq,23755 || bugtraq,33222 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
|
10895
|
+
11184 || WEB-ACTIVEX Excel Viewer ActiveX function call unicode access || bugtraq,23755 || bugtraq,33222 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
|
10896
10896
|
11185 || DOS CA eTrust key handling dos -- username || bugtraq,22743 || cve,2007-1005
|
|
10897
10897
|
11186 || DOS CA eTrust key handling dos -- password || bugtraq,22743 || cve,2007-1005
|
|
10898
10898
|
11187 || WEB-ACTIVEX Word Viewer ActiveX clsid access || bugtraq,23784 || bugtraq,33238 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-03-wordviewerocx-32-multiple_03.html
|
|
@@ -11539,7 +11539,7 @@
|
|
|
11539
11539
|
11831 || WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX clsid unicode access || cve,2007-2222 || url,www.microsoft.com/technet/security/bulletin/ms07-034.mspx
|
|
11540
11540
|
11832 || WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX function call access || cve,2007-2222 || url,www.microsoft.com/technet/security/bulletin/ms07-034.mspx
|
|
11541
11541
|
11833 || WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX function call unicode access || cve,2007-2222 || url,www.microsoft.com/technet/security/bulletin/ms07-034.mspx
|
|
11542
|
-
11834 || WEB-MISC Internet Explorer navcancl.htm url spoofing attempt || bugtraq,22966 || cve,2007-1499 || url,www.microsoft.com/technet/security/bulletin/MS07-033.mspx
|
|
11542
|
+
11834 || WEB-MISC Internet Explorer navcancl.htm url spoofing attempt || bugtraq,22966 || cve,2007-1499 || cve,2007-1752 || url,www.microsoft.com/technet/security/bulletin/MS07-033.mspx
|
|
11543
11543
|
11835 || POLICY Visio file download || url,office.microsoft.com/en-us/visio/default.aspx
|
|
11544
11544
|
11836 || MISC Visio version number anomaly || cve,2007-0934 || url,www.microsoft.com/technet/security/bulletin/MS07-030.mspx
|
|
11545
11545
|
11837 || SMTP MS Windows Mail UNC navigation remote command execution || cve,2007-1658 || url,www.microsoft.com/technet/security/bulletin/MS07-034.mspx
|
|
@@ -11959,7 +11959,7 @@
|
|
|
11959
11959
|
12253 || WEB-ACTIVEX Symantec NavComUI AxSysListView32OAA ActiveX function call unicode access || bugtraq,24983 || cve,2007-2955 || url,www.symantec.com/avcenter/security/Content/2007.08.09.html
|
|
11960
11960
|
12254 || DELETED EXPLOIT CA message queuing erroneous length field || bugtraq,25051 || cve,2007-0060
|
|
11961
11961
|
12255 || WEB-CGI CSGuestbook setup attempt || bugtraq,4448 || cve,2002-1750
|
|
11962
|
-
12256 || WEB-CLIENT Excel malformed FBI record || cve,2007-1203 || url,www.microsoft.com/technet/security/bulletin/ms07-023.mspx
|
|
11962
|
+
12256 || WEB-CLIENT Excel malformed FBI record || bugtraq,23826 || cve,2007-1203 || cve,2007-1747 || url,www.microsoft.com/technet/security/bulletin/ms07-023.mspx
|
|
11963
11963
|
12257 || WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX clsid access || bugtraq,25279 || cve,2007-4336
|
|
11964
11964
|
12258 || WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX clsid unicode access || bugtraq,25279 || cve,2007-4336
|
|
11965
11965
|
12259 || WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX function call access || bugtraq,25279 || cve,2007-4336
|
|
@@ -11981,7 +11981,7 @@
|
|
|
11981
11981
|
12275 || WEB-ACTIVEX Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access || cve,2007-2216 || url,www.microsoft.com/technet/security/bulletin/ms07-045.mspx
|
|
11982
11982
|
12276 || WEB-ACTIVEX Microsoft Visual Basic 6 TypeLibInfo ActiveX function call unicode access || cve,2007-2216 || url,www.microsoft.com/technet/security/bulletin/ms07-045.mspx
|
|
11983
11983
|
12277 || EXPLOIT Microsoft IE CSS memory corruption exploit || cve,2007-0943 || url,www.microsoft.com/technet/security/bulletin/ms07-045.mspx
|
|
11984
|
-
12278 || POLICY Microsoft Media Player compressed skin download || url,www.microsoft.com/technet/security/Bulletin/MS07-047.mspx
|
|
11984
|
+
12278 || POLICY Microsoft Media Player compressed skin download - .wmz || bugtraq,25305 || cve,2007-3037 || url,www.microsoft.com/technet/security/Bulletin/MS07-047.mspx
|
|
11985
11985
|
12279 || WEB-CLIENT Microsoft XML substringData integer overflow attempt || cve,2007-2223 || cve,2007-2224 || cve,2008-1442 || url,www.microsoft.com/technet/security/Bulletin/MS07-042.mspx || url,www.microsoft.com/technet/security/Bulletin/MS07-043.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-031.mspx
|
|
11986
11986
|
12280 || WEB-CLIENT VML source file memory corruption || bugtraq,25310 || cve,2007-1749 || url,www.microsoft.com/technet/security/Bulletin/MS07-050.mspx
|
|
11987
11987
|
12281 || WEB-CLIENT VML source file memory corruption || bugtraq,25310 || cve,2007-1749 || url,www.microsoft.com/technet/security/Bulletin/MS07-050.mspx
|
|
@@ -12486,9 +12486,9 @@
|
|
|
12486
12486
|
12783 || WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call unicode access || bugtraq,26537 || bugtraq,27577 || url,blogs.aurigma.com/post/2007/11/Security-issue-in-Image-Uploader.aspx || url,www.microsoft.com/technet/security/advisory/953839.mspx
|
|
12487
12487
|
12784 || EXPLOIT CA ARCserve Backup for Laptops rsxGetBackupLog second argument overflow || bugtraq,24348 || cve,2007-3216
|
|
12488
12488
|
12785 || EXPLOIT CA ARCserve Backup for Laptops rsxGetBackupComplete overflow attemp || bugtraq,24348 || cve,2007-3216
|
|
12489
|
-
12786 || EXPLOIT CA ARCserve Backup for Laptops
|
|
12490
|
-
12787 || EXPLOIT CA ARCserve Backup for Laptops
|
|
12491
|
-
12788 || EXPLOIT CA ARCserve Backup for Laptops
|
|
12489
|
+
12786 || EXPLOIT CA ARCserve Backup for Laptops rxsSetDataGrowthScheduleAndFilter overflow attempt || bugtraq,24348 || cve,2007-3216
|
|
12490
|
+
12787 || EXPLOIT CA ARCserve Backup for Laptops rxsSetDefaultConfigName overflow attempt || bugtraq,24348 || cve,2007-3216
|
|
12491
|
+
12788 || EXPLOIT CA ARCserve Backup for Laptops rxsSetDefaultConfigName overflow attempt || bugtraq,24348 || cve,2007-3216
|
|
12492
12492
|
12789 || SPYWARE-PUT Adware sunshine spy 1.0 runtime detection - check update || url,research.sunbelt-software.com/threatdisplay.aspx?name=Sunshine%20Spy&threatid=171191
|
|
12493
12493
|
12790 || SPYWARE-PUT Trackware partypoker runtime detection || url,research.sunbelt-software.com/threatdisplay.aspx?name=PartyPoker&threatid=44086
|
|
12494
12494
|
12791 || SPYWARE-PUT Adware gophoria toolbar runtime detection || url,spywaresignatures.com/details.php?spyware=gophoria || url,www.360zd.com/spyware/518.html || url,www.spywareguide.com/spydet_3093_gophoria_toolbar.html
|
|
@@ -12507,7 +12507,7 @@
|
|
|
12507
12507
|
12804 || WEB-ACTIVEX VideoLAN VLC ActiveX clsid unicode access || bugtraq,26675 || cve,2007-6262 || url,www.videolan.org/sa0703.html
|
|
12508
12508
|
12805 || WEB-ACTIVEX VideoLAN VLC ActiveX function call access || bugtraq,26675 || cve,2007-6262 || url,www.videolan.org/sa0703.html
|
|
12509
12509
|
12806 || WEB-ACTIVEX VideoLAN VLC ActiveX function call unicode access || bugtraq,26675 || cve,2007-6262 || url,www.videolan.org/sa0703.html
|
|
12510
|
-
12807 || SMTP Lotus 123 file attachment || bugtraq,26200 || cve,2007-4222 || url,www-1.ibm.com/support/docview.wss?uid=swg21285600 || url,www.coresecurity.com/index.php5?action=item&id=2008
|
|
12510
|
+
12807 || SMTP Lotus 123 file attachment || bugtraq,26200 || bugtraq,27835 || cve,2007-4222 || cve,2007-6593 || url,www-1.ibm.com/support/docview.wss?uid=swg21285600 || url,www.coresecurity.com/index.php5?action=item&id=2008
|
|
12511
12511
|
12808 || NETBIOS DCERPC NCACN-IP-TCP spoolss OpenPrinter overflow attempt || bugtraq,21220 || cve,2006-5854
|
|
12512
12512
|
12809 || DELETED NETBIOS SMB spoolss OpenPrinter WriteAndX andx overflow attempt || bugtraq,21220 || cve,2006-5854
|
|
12513
12513
|
12810 || DELETED NETBIOS SMB spoolss OpenPrinter WriteAndX little endian andx object call overflow attempt || bugtraq,21220 || cve,2006-5854
|
|
@@ -12862,7 +12862,7 @@
|
|
|
12862
12862
|
13159 || WEB_CLIENT Microsoft Media Player asf streaming format audio error masking integer overflow attempt || cve,2007-0064 || url,www.microsoft.com/technet/security/Bulletin/MS07-068.mspx
|
|
12863
12863
|
13160 || WEB-CLIENT Microsft Media Player asf streaming audio spread error correction data length integer overflow attempt || cve,2007-0064 || url,www.microsoft.com/technet/security/Bulletin/MS07-068.mspx
|
|
12864
12864
|
13161 || EXPLOIT HP OpenView CGI parameter buffer overflow attempt || bugtraq,26741 || cve,2007-6204 || cve,2008-0067
|
|
12865
|
-
13162 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt || bugtraq,21220 || cve,2006-5854
|
|
12865
|
+
13162 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt || bugtraq,21220 || cve,2006-5854 || cve,2006-6114
|
|
12866
12866
|
13163 || DELETED NETBIOS SMB v4 spoolss EnumPrinters little endian overflow attempt || bugtraq,21220 || cve,2006-5854
|
|
12867
12867
|
13164 || DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX overflow attempt || bugtraq,21220 || cve,2006-5854
|
|
12868
12868
|
13165 || DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX little endian overflow attempt || bugtraq,21220 || cve,2006-5854
|
|
@@ -12969,10 +12969,10 @@
|
|
|
12969
12969
|
13266 || WEB-ACTIVEX SkyFex Client ActiveX clsid access || bugtraq,27059
|
|
12970
12970
|
13267 || WEB-ACTIVEX SkyFex Client ActiveX clsid unicode access || bugtraq,27059
|
|
12971
12971
|
13268 || RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt || bugtraq,24655 || cve,2007-2442 || url,web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
|
|
12972
|
-
13269 ||
|
|
12973
|
-
13270 ||
|
|
12974
|
-
13271 ||
|
|
12975
|
-
13272 ||
|
|
12972
|
+
13269 || EXPLOIT Multiple product nntp uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
12973
|
+
13270 || EXPLOIT Multiple product news uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
12974
|
+
13271 || EXPLOIT Multiple product telnet uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
12975
|
+
13272 || EXPLOIT Multiple product mailto uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
12976
12976
|
13273 || WEB-ACTIVEX DivX Web Player ActiveX clsid access || bugtraq,27106
|
|
12977
12977
|
13274 || WEB-ACTIVEX DivX Web Player ActiveX clsid unicode access || bugtraq,27106
|
|
12978
12978
|
13275 || WEB-ACTIVEX DivX Web Player ActiveX function call access || bugtraq,27106
|
|
@@ -13012,11 +13012,11 @@
|
|
|
13012
13012
|
13313 || WEB-ACTIVEX StreamAudio ProxyManager ActiveX clsid unicode access || bugtraq,27247 || cve,2008-0248
|
|
13013
13013
|
13314 || WEB-ACTIVEX StreamAudio ProxyManager ActiveX function call access || bugtraq,27247 || cve,2008-0248
|
|
13014
13014
|
13315 || WEB-ACTIVEX StreamAudio ProxyManager ActiveX function call unicode access || bugtraq,27247 || cve,2008-0248
|
|
13015
|
-
13316 || WEB-CLIENT 3ivx MP4 file parsing ART buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
|
13016
|
-
13317 || WEB-CLIENT 3ivx MP4 file parsing nam buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
|
13017
|
-
13318 || WEB-CLIENT 3ivx MP4 file parsing cmt buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
|
13018
|
-
13319 || WEB-CLIENT 3ivx MP4 file parsing des buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
|
13019
|
-
13320 || WEB-CLIENT 3ivx MP4 file parsing cpy buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
|
13015
|
+
13316 || WEB-CLIENT 3ivx MP4 file parsing ART buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
|
13016
|
+
13317 || WEB-CLIENT 3ivx MP4 file parsing nam buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
|
13017
|
+
13318 || WEB-CLIENT 3ivx MP4 file parsing cmt buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
|
13018
|
+
13319 || WEB-CLIENT 3ivx MP4 file parsing des buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
|
13019
|
+
13320 || WEB-CLIENT 3ivx MP4 file parsing cpy buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
|
13020
13020
|
13321 || WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX clsid access || bugtraq,25295 || cve,2007-3041 || url,www.microsoft.com/technet/security/bulletin/MS07-045.mspx
|
|
13021
13021
|
13322 || WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX clsid unicode access || bugtraq,25295 || cve,2007-3041 || url,www.microsoft.com/technet/security/bulletin/MS07-045.mspx
|
|
13022
13022
|
13323 || WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX function call access || bugtraq,25295 || cve,2007-3041 || url,www.microsoft.com/technet/security/bulletin/MS07-045.mspx
|
|
@@ -13143,6 +13143,7 @@
|
|
|
13143
13143
|
13465 || WEB-CLIENT Microsoft Works file download request
|
|
13144
13144
|
13467 || WEB-ACTIVEX Office 2000 and 2002 Web Components Spreadsheet ActiveX clsid unicode access || bugtraq,4453 || cve,2002-0860 || cve,2006-4695 || url,www.microsoft.com/technet/security/bulletin/MS02-044.mspx
|
|
13145
13145
|
13468 || WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid unicode access || bugtraq,4449 || cve,2002-0727 || cve,2007-1201 || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx || url,www.microsoft.com/technet/security/bulletin/MS02-044.mspx
|
|
13146
|
+
13472 || EXPLOIT Microsoft Works invalid chunk size || cve,2008-0108 || url,www.microsoft.com/technet/security/bulletin/MS08-011.mspx
|
|
13146
13147
|
13473 || WEB-MISC Microsoft Publisher file download
|
|
13147
13148
|
13477 || SPECIFIC-THREATS Adobe PDF collab.collectEmailInfo exploit attempt - compressed || bugtraq,27641 || cve,2008-0655
|
|
13148
13149
|
13478 || SPECIFIC-THREATS Adobe PDF collab.collectEmailInfo exploit attempt || bugtraq,27641 || cve,2008-0655
|
|
@@ -13188,10 +13189,10 @@
|
|
|
13188
13189
|
13520 || EXPLOIT Winamp Ultravox streaming malicious metadata || cve,2008-0065
|
|
13189
13190
|
13521 || EXPLOIT Winamp Ultravox streaming malicious metadata || cve,2008-0065
|
|
13190
13191
|
13522 || EXPLOIT Firebird Database Server username handling buffer overflow || bugtraq,27467 || cve,2008-0467
|
|
13191
|
-
13523 || WEB-ACTIVEX Novell iPrint ActiveX clsid access || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
13192
|
-
13524 || WEB-ACTIVEX Novell iPrint ActiveX clsid unicode access || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
13193
|
-
13525 || WEB-ACTIVEX Novell iPrint ActiveX function call access || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
13194
|
-
13526 || WEB-ACTIVEX Novell iPrint ActiveX function call unicode access || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
13192
|
+
13523 || WEB-ACTIVEX Novell iPrint ActiveX clsid access || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || bugtraq,31370 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2436 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
13193
|
+
13524 || WEB-ACTIVEX Novell iPrint ActiveX clsid unicode access || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || bugtraq,31370 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2436 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
13194
|
+
13525 || WEB-ACTIVEX Novell iPrint ActiveX function call access || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || bugtraq,31370 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2436 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
13195
|
+
13526 || WEB-ACTIVEX Novell iPrint ActiveX function call unicode access || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || bugtraq,31370 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2436 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
13195
13196
|
13527 || WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX clsid access || bugtraq,28010
|
|
13196
13197
|
13528 || WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX clsid unicode access || bugtraq,28010
|
|
13197
13198
|
13529 || WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX function call access || bugtraq,28010
|
|
@@ -13218,9 +13219,9 @@
|
|
|
13218
13219
|
13550 || WEB-ACTIVEX Sony ImageStation ActiveX function call unicode access || bugtraq,27715 || cve,2008-0748
|
|
13219
13220
|
13551 || ORACLE Oracle XDB.XDB_PITRIG_PKG sql injection attempt || bugtraq,27229 || cve,2008-0339 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2008.html
|
|
13220
13221
|
13552 || EXPLOIT Symantec VERITAS Storage Foundation Suite buffer overflow attempt || bugtraq,25778 || cve,2008-0638 || url,www.symantec.com/avcenter/security/Content/2008.02.20a.html
|
|
13221
|
-
13553 || EXPLOIT Sybase SQL Anywhere Mobilink username string buffer overflow || bugtraq,27914 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
|
13222
|
-
13554 || EXPLOIT Sybase SQL Anywhere Mobilink version string buffer overflow || bugtraq,27914 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
|
13223
|
-
13555 || EXPLOIT Sybase SQL Anywhere Mobilink remoteID string buffer overflow || bugtraq,27914 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
|
13222
|
+
13553 || EXPLOIT Sybase SQL Anywhere Mobilink username string buffer overflow || bugtraq,27914 || cve,2008-0912 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
|
13223
|
+
13554 || EXPLOIT Sybase SQL Anywhere Mobilink version string buffer overflow || bugtraq,27914 || cve,2008-0912 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
|
13224
|
+
13555 || EXPLOIT Sybase SQL Anywhere Mobilink remoteID string buffer overflow || bugtraq,27914 || cve,2008-0912 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
|
13224
13225
|
13556 || SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 1 || url,research.sunbelt-software.com/threatdisplay.aspx?name=Kword.InterKey&threatid=46477 || url,www.noadware.net/research/index2.php?item_id=2656&item_name=Kword.InterKey
|
|
13225
13226
|
13557 || SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 2 || url,research.sunbelt-software.com/threatdisplay.aspx?name=Kword.InterKey&threatid=46477 || url,www.noadware.net/research/index2.php?item_id=2656&item_name=Kword.InterKey
|
|
13226
13227
|
13558 || SPYWARE-PUT Hijacker kword interkey runtime detection - log user info || url,research.sunbelt-software.com/threatdisplay.aspx?name=Kword.InterKey&threatid=46477 || url,www.noadware.net/research/index2.php?item_id=2656&item_name=Kword.InterKey
|
|
@@ -13277,8 +13278,8 @@
|
|
|
13277
13278
|
13623 || WEB-ACTIVEX CA BrightStor ListCtrl ActiveX function call access || bugtraq,28268 || cve,2008-1472
|
|
13278
13279
|
13624 || WEB-ACTIVEX CA BrightStor ListCtrl ActiveX function call unicode access || bugtraq,28268 || cve,2008-1472
|
|
13279
13280
|
13625 || BACKDOOR MBR rootkit HTTP POST activity detected || url,www.sophos.com/security/blog/2008/01/987.html
|
|
13280
|
-
13627 || WEB-CLIENT Microsoft Access file download request || url,support.microsoft.com/kb/925330
|
|
13281
|
-
13628 || WEB-CLIENT Microsoft Access file download request || url,support.microsoft.com/kb/925330
|
|
13281
|
+
13627 || DELETED WEB-CLIENT Microsoft Access file download request || url,support.microsoft.com/kb/925330
|
|
13282
|
+
13628 || DELETED WEB-CLIENT Microsoft Access file download request || url,support.microsoft.com/kb/925330
|
|
13282
13283
|
13631 || MISC McAfee ePolicy Orchestrator Framework Services log handling format string attempt || bugtraq,28228 || cve,2008-1357 || url,knowledge.mcafee.com/article/234/615103_f.sal_public.html
|
|
13283
13284
|
13632 || WEB-CLIENT Zango adware installation request || url,www.ftc.gov/os/caselist/0523130/index.shtm
|
|
13284
13285
|
13635 || SPYWARE-PUT Trickler downloader trojan.gen runtime detection - get malicious link || url,ca.com/us/securityadvisor/pest/pest.aspx?id=453120536 || url,www.prevx.com/filenames/X1895686732762432147-0/LAF4.EXE.html
|
|
@@ -13501,8 +13502,8 @@
|
|
|
13501
13502
|
13910 || DELETED WEB-ACTIVEX Microsoft Access Snapshot Viewer 2 ActiveX function call unicode access || cve,2008-2463 || url,www.microsoft.com/TechNet/security/advisory/955179.mspx || url,www.microsoft.com/technet/security/bulletin/ms08-041.mspx
|
|
13502
13503
|
13911 || WEB-CLIENT Microsoft search file download attempt
|
|
13503
13504
|
13912 || SPECIFIC-THREATS isComponentInstalled Metasploit attack attempt || bugtraq,16870
|
|
13504
|
-
13913 || WEB-ACTIVEX AcroPDF.PDF ActiveX function call access || bugtraq,21155 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
13505
|
-
13914 || WEB-ACTIVEX AcroPDF.PDF ActiveX function call unicode access || bugtraq,21155 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
13505
|
+
13913 || WEB-ACTIVEX AcroPDF.PDF ActiveX function call access || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || cve,2006-6236 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
13506
|
+
13914 || WEB-ACTIVEX AcroPDF.PDF ActiveX function call unicode access || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || cve,2006-6236 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
13506
13507
|
13915 || WEB-MISC backup file download attempt
|
|
13507
13508
|
13916 || EXPLOIT Alt-N SecurityGateway username buffer overflow attempt || cve,2008-4193 || url,secunia.com/advisories/30497/
|
|
13508
13509
|
13917 || WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt || bugtraq,15306 || cve,2005-2753
|
|
@@ -13514,7 +13515,7 @@
|
|
|
13514
13515
|
13925 || FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt || cve,2008-2541
|
|
13515
13516
|
13926 || EXPLOIT Novell Groupwise HTTP response message parsing overflow || cve,2008-2703
|
|
13516
13517
|
13927 || TFTP Server log generation buffer overflow attempt || cve,2008-2161
|
|
13517
|
-
13928 ||
|
|
13518
|
+
13928 || SPECIFIC-THREATS Adobe RoboHelp r0 SQL injection attempt || cve,2008-2991
|
|
13518
13519
|
13929 || WEB-MISC Adobe RoboHelp rx SQL injection attempt || cve,2008-2991
|
|
13519
13520
|
13930 || SPYWARE-PUT Trickler pc privacy cleaner runtime detection - order/register request || url,malware-remover.com/pcprivacycleaner-removal-tool-pc-privacy-cleaner/ || url,www.xp-vista.com/spyware-removal/pcprivacycleaner-pc-privacy-cleaner-removal-instructions
|
|
13520
13521
|
13931 || SPYWARE-PUT Trickler pc privacy cleaner runtime detection - auto update || url,malware-remover.com/pcprivacycleaner-removal-tool-pc-privacy-cleaner/ || url,www.xp-vista.com/spyware-removal/pcprivacycleaner-pc-privacy-cleaner-removal-instructions
|
|
@@ -14192,8 +14193,8 @@
|
|
|
14192
14193
|
14762 || WEB-ACTIVEX iseemedia LPViewer ActiveX function call access || bugtraq,31604 || cve,2008-4384
|
|
14193
14194
|
14763 || WEB-ACTIVEX iseemedia LPViewer ActiveX function call unicode access || bugtraq,31604 || cve,2008-4384
|
|
14194
14195
|
14764 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX clsid access || bugtraq,31235 || cve,2008-2470
|
|
14195
|
-
14765 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX
|
|
14196
|
-
14766 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call access || bugtraq,31235 || cve,2008-2470
|
|
14196
|
+
14765 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call || bugtraq,31235 || cve,2008-2470
|
|
14197
|
+
14766 || DELETED WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call access || bugtraq,31235 || cve,2008-2470
|
|
14197
14198
|
14767 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call unicode access || bugtraq,31235 || cve,2008-2470
|
|
14198
14199
|
14768 || MISC Symantec Veritas Storage Scheduler Service NULL Session auth bypass attempt || bugtraq,30596 || cve,2008-3703
|
|
14199
14200
|
14769 || EXPLOIT DATAC RealWin SCADA System FC_INFOTAG/SET_CONTROL buffer overflow attempt || bugtraq,31418 || cve,2008-4322
|
|
@@ -14212,10 +14213,10 @@
|
|
|
14212
14213
|
14897 || WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX function call access || bugtraq,26950 || cve,2007-6506
|
|
14213
14214
|
14898 || WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX function call unicode access || bugtraq,26950 || cve,2007-6506
|
|
14214
14215
|
14899 || DELETED NETBIOS SMB netdfs unicode little endian bind attempt
|
|
14215
|
-
14900 || NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
|
14216
|
+
14900 || NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt || bugtraq,24198 || cve,2007-2446
|
|
14216
14217
|
14986 || SHELLCODE x86 fldz get eip shellcode
|
|
14217
14218
|
14987 || DELETED NETBIOS SMB netdfs unicode little endian bind attempt
|
|
14218
|
-
14988 || NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
|
14219
|
+
14988 || NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt || bugtraq,24198 || cve,2007-2446
|
|
14219
14220
|
14989 || WEB-MISC Novell eDirectory SOAP Accept Language header overflow attempt || cve,2008-4479
|
|
14220
14221
|
14990 || WEB-MISC Novell eDirectory SOAP Accept Charset header overflow attempt || cve,2008-4479
|
|
14221
14222
|
14991 || SQL IBM DB2 Universal Database xmlquery buffer overflow attempt || bugtraq,29601 || cve,2008-3854
|
|
@@ -14253,7 +14254,7 @@
|
|
|
14253
14254
|
15080 || MULTIMEDIA VideoLAN VLC Media Player WAV processing integer overflow attempt || bugtraq,30058 || cve,2008-2430
|
|
14254
14255
|
15081 || WEB-CLIENT Sun Java Web Start xml encoding buffer overflow attempt || bugtraq,28083 || cve,2008-1188 || url,sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1
|
|
14255
14256
|
15123 || WEB-CLIENT Rich Text Format file request
|
|
14256
|
-
15126 || WEB-CLIENT Internet Explorer nested
|
|
14257
|
+
15126 || WEB-CLIENT Internet Explorer nested tag memory corruption attempt || bugtraq,32721 || cve,2008-4844 || url,www.microsoft.com/technet/security/bulletin/ms08-078.mspx
|
|
14257
14258
|
15127 || NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt || bugtraq,32710 || cve,2008-5416 || url,www.microsoft.com/technet/security/bulletin/MS09-004.mspx
|
|
14258
14259
|
15128 || NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX attempt || bugtraq,32710 || cve,2008-5416 || url,www.microsoft.com/technet/security/bulletin/MS09-004.mspx
|
|
14259
14260
|
15129 || NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt || bugtraq,32710 || cve,2008-5416 || url,www.microsoft.com/technet/security/bulletin/MS09-004.mspx
|
|
@@ -14274,15 +14275,15 @@
|
|
|
14274
14275
|
15144 || SQL sp_replwritetovarbin vulnerable function attempt || bugtraq,32710 || cve,2008-5416 || url,www.microsoft.com/technet/security/bulletin/MS09-004.mspx
|
|
14275
14276
|
15145 || EXPLOIT Apple CUPS TrueColor PNG filter overly large image height integer overflow attempt || bugtraq,32518 || cve,2008-5286 || url,www.cups.org/str.php?L2974
|
|
14276
14277
|
15146 || EXPLOIT Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt || bugtraq,32518 || cve,2008-5286 || url,www.cups.org/str.php?L2974
|
|
14277
|
-
15147 ||
|
|
14278
|
+
15147 || WEB-CLIENT Microsoft IE malformed iframe buffer overflow attempt || cve,2004-1050
|
|
14278
14279
|
15150 || CHAT Jive Software Openfire Jabber Server login Authentication bypass attempt || bugtraq,32189
|
|
14279
14280
|
15151 || CHAT Jive Software Openfire Jabber Server logout Authentication bypass attempt || bugtraq,32189
|
|
14280
14281
|
15152 || CHAT Jive Software Openfire Jabber Server setup-index Authentication bypass attempt || bugtraq,32189
|
|
14281
|
-
15153 || CHAT Jive Software Openfire Jabber Server setup Authentication bypass attempt || bugtraq,32189
|
|
14282
|
+
15153 || CHAT Jive Software Openfire Jabber Server setup Authentication bypass attempt || bugtraq,32189 || cve,2008-6509
|
|
14282
14283
|
15154 || CHAT Jive Software Openfire Jabber Server gif Authentication bypass attempt || bugtraq,32189
|
|
14283
14284
|
15155 || CHAT Jive Software Openfire Jabber Server png Authentication bypass attempt || bugtraq,32189
|
|
14284
14285
|
15156 || CHAT Jive Software Openfire Jabber Server serverdown Authentication bypass attempt || bugtraq,32189
|
|
14285
|
-
15157 || WEB-CLIENT VideoLAN VLC Media Player XSPF memory corruption attempt || cve,2008-4558
|
|
14286
|
+
15157 || WEB-CLIENT VideoLAN VLC Media Player XSPF memory corruption attempt TEST || cve,2008-4558
|
|
14286
14287
|
15158 || WEB-MISC XML Shareable Playlist Format file download attempt
|
|
14287
14288
|
15159 || WEB-ACTIVEX Evans FTP ActiveX clsid access || bugtraq,32814
|
|
14288
14289
|
15160 || WEB-ACTIVEX Evans FTP ActiveX clsid unicode access || bugtraq,32814
|
|
@@ -14315,7 +14316,7 @@
|
|
|
14315
14316
|
15187 || MISC Multiple vendors CUPS HPGL filter remote code execution attempt || bugtraq,31688 || cve,2008-3641
|
|
14316
14317
|
15188 || MISC Multiple vendors CUPS HPGL filter remote code execution attempt || bugtraq,31688 || cve,2008-3641 || url,www.cups.org/str.php?L2911
|
|
14317
14318
|
15189 || MISC Multiple vendors CUPS HPGL filter remote code execution attempt || bugtraq,31688 || cve,2008-3641 || url,www.cups.org/str.php?L2911
|
|
14318
|
-
15190 || WEB-MISC Youngzsoft CCProxy CONNECT Request buffer overflow attempt || bugtraq,31416
|
|
14319
|
+
15190 || WEB-MISC Youngzsoft CCProxy CONNECT Request buffer overflow attempt || bugtraq,31416 || cve,2008-6415
|
|
14319
14320
|
15191 || SPECIFIC-THREATS Mozilla Firefox animated PNG processing integer overflow || cve,2008-4064
|
|
14320
14321
|
15192 || WEB-ACTIVEX SizerOne ActiveX clsid access || bugtraq,33148 || cve,2008-4827
|
|
14321
14322
|
15193 || WEB-ACTIVEX SizerOne ActiveX clsid unicode access || bugtraq,33148 || cve,2008-4827
|
|
@@ -14396,10 +14397,10 @@
|
|
|
14396
14397
|
15308 || WEB-ACTIVEX Microsoft Animation Control ActiveX clsid unicode access || url,support.microsoft.com/kb/960715
|
|
14397
14398
|
15309 || WEB-ACTIVEX Microsoft Animation Control ActiveX function call access || url,support.microsoft.com/kb/960715
|
|
14398
14399
|
15310 || WEB-ACTIVEX Microsoft Animation Control ActiveX function call unicode access || url,support.microsoft.com/kb/960715
|
|
14399
|
-
15311 || WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid access || url,support.microsoft.com/kb/960715
|
|
14400
|
-
15312 || WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid unicode access || url,support.microsoft.com/kb/960715
|
|
14401
|
-
15313 || WEB-ACTIVEX Research In Motion AxLoader ActiveX function call access || url,support.microsoft.com/kb/960715
|
|
14402
|
-
15314 || WEB-ACTIVEX Research In Motion AxLoader ActiveX function call unicode access || url,support.microsoft.com/kb/960715
|
|
14400
|
+
15311 || WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid access || bugtraq,33663 || cve,2009-0305 || url,support.microsoft.com/kb/960715
|
|
14401
|
+
15312 || WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid unicode access || bugtraq,33663 || cve,2009-0305 || url,support.microsoft.com/kb/960715
|
|
14402
|
+
15313 || WEB-ACTIVEX Research In Motion AxLoader ActiveX function call access || bugtraq,33663 || cve,2009-0305 || url,support.microsoft.com/kb/960715
|
|
14403
|
+
15314 || WEB-ACTIVEX Research In Motion AxLoader ActiveX function call unicode access || bugtraq,33663 || cve,2009-0305 || url,support.microsoft.com/kb/960715
|
|
14403
14404
|
15315 || WEB-ACTIVEX Akamai DownloadManager ActiveX clsid access || url,support.microsoft.com/kb/960715
|
|
14404
14405
|
15316 || WEB-ACTIVEX Akamai DownloadManager ActiveX clsid unicode access || url,support.microsoft.com/kb/960715
|
|
14405
14406
|
15317 || WEB-ACTIVEX Akamai DownloadManager ActiveX function call access || url,support.microsoft.com/kb/960715
|
|
@@ -14508,9 +14509,9 @@
|
|
|
14508
14509
|
15428 || WEB-CLIENT Mozilla Firefox SVG data processing memory corruption attempt || bugtraq,33990 || cve,2009-0771 || url,www.mozilla.org/security/announce/2009/mfsa2009-07.html
|
|
14509
14510
|
15429 || CONTENT-REPLACE Yahoo Messenger deny outbound login attempt
|
|
14510
14511
|
15430 || WEB-CLIENT Microsoft EMF+ GpFont.SetData buffer overflow attempt || bugtraq,34250 || cve,2009-1217
|
|
14511
|
-
15431 || SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt || bugtraq,34235 || cve,2009-1169
|
|
14512
|
+
15431 || SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt || bugtraq,34235 || cve,2009-1169 || url,www.mozilla.org/security/announce/2009/mfsa2009-12.html
|
|
14512
14513
|
15432 || WEB-PHP wordpress cat parameter arbitrary file execution attempt || bugtraq,28845 || cve,2008-4769
|
|
14513
|
-
15434 || WEB-MISC HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt || bugtraq,
|
|
14514
|
+
15434 || WEB-MISC HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt || bugtraq,34134 || cve,2009-0920
|
|
14514
14515
|
15435 || EXPLOIT IBM Director CIM server consumer name handling denial of service attempt || bugtraq,34061 || cve,2009-0879
|
|
14515
14516
|
15436 || EXPLOIT IBM Tivoli Storage Manager Express Backup counter heap corruption attempt || bugtraq,34077 || cve,2008-4563 || url,www-01.ibm.com/support/docview.wss?uid=swg21377388
|
|
14516
14517
|
15437 || EXPLOIT IBM Tivoli Storage Manager Express Backup message length heap corruption attempt || bugtraq,34077 || cve,2008-4563 || url,www-01.ibm.com/support/docview.wss?uid=swg21377388
|
|
@@ -14518,18 +14519,18 @@
|
|
|
14518
14519
|
15439 || CONTENT-REPLACE QQ 2009 deny tcp login
|
|
14519
14520
|
15440 || CONTENT-REPLACE QQ 2008 deny udp login
|
|
14520
14521
|
15441 || CONTENT-REPLACE QQ 2009 deny tcp login
|
|
14521
|
-
15442 || MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt || cve,2009-0819 || url,dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html || url,secunia.com/advisories/34115
|
|
14522
|
-
15443 || MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt || cve,2009-0819 || url,dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html || url,secunia.com/advisories/34115
|
|
14522
|
+
15442 || MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt || bugtraq,33972 || cve,2009-0819 || url,dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html || url,secunia.com/advisories/34115
|
|
14523
|
+
15443 || MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt || bugtraq,33972 || cve,2009-0819 || url,dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html || url,secunia.com/advisories/34115
|
|
14523
14524
|
15444 || WEB-MISC Core Audio Format file download attempt
|
|
14524
14525
|
15445 || ORACLE Oracle Application Server BPEL module cross site scripting attempt || cve,2008-4014
|
|
14525
|
-
15446 || WEB-MISC Novell eDirectory management console Accept-Language buffer overflow attempt || cve,2008-5094 || url,download.novell.com/Download?buildid=Cf15mVyA3GI~
|
|
14526
|
+
15446 || WEB-MISC Novell eDirectory management console Accept-Language buffer overflow attempt || bugtraq,31553 || cve,2008-4479 || cve,2008-5094 || url,download.novell.com/Download?buildid=Cf15mVyA3GI~
|
|
14526
14527
|
15447 || DELETED WEB-CLIENT Firefox XML parser memory corruption attempt || cve,2009-1232
|
|
14527
14528
|
15448 || NETBIOS DCERPC NCADG-IP-UDP srvsvc NetrShareEnum null policy handle attempt || arachnids,454
|
|
14528
14529
|
15463 || WEB-CLIENT Microsoft Excel file request
|
|
14529
14530
|
15464 || WEB-CLIENT Microsoft Excel file request
|
|
14530
14531
|
15471 || WEB-CLIENT asp file upload
|
|
14531
14532
|
15472 || WEB-CLIENT Nullsoft Winamp pls file player name handling buffer overflow attempt || bugtraq,16410 || cve,2006-0476
|
|
14532
|
-
15473 || WEB-CLIENT Multiple media players M3U playlist file handling buffer overflow attempt || bugtraq,16410 || bugtraq,21206 || cve,2006-0476 || cve,2006-6063
|
|
14533
|
+
15473 || WEB-CLIENT Multiple media players M3U playlist file handling buffer overflow attempt || bugtraq,16410 || bugtraq,16623 || bugtraq,21206 || cve,2006-0476 || cve,2006-0708 || cve,2006-6063
|
|
14533
14534
|
15476 || SPYWARE-PUT Waledac spam bot HTTP POST request || url,blogs.technet.com/mmpc/archive/2009/04/14/wheres-waledac.aspx
|
|
14534
14535
|
15477 || EXPLOIT Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt || cve,2008-5457
|
|
14535
14536
|
15478 || SPECIFIC-THREATS Adobe Flash Player invalid object reference code execution attempt || bugtraq,33880 || cve,2009-0520
|
|
@@ -14537,7 +14538,7 @@
|
|
|
14537
14538
|
15481 || BOTNET-CNC Zeus/Zbot malware config file download request || url,www.viruslist.com/en/viruses/encyclopedia?virusid=21782783
|
|
14538
14539
|
15482 || EXPLOIT Sun Java System sockd authentication buffer overflow attempt || cve,2007-2881
|
|
14539
14540
|
15483 || WEB-MISC Adobe Shockwave Flash file request
|
|
14540
|
-
15484 || IMAP CRAM-MD5 authentication method buffer overflow || bugtraq,11675 || bugtraq,23172 || cve,2004-1520 || cve,2007-1675
|
|
14541
|
+
15484 || IMAP CRAM-MD5 authentication method buffer overflow || bugtraq,11675 || bugtraq,14317 || bugtraq,23172 || cve,2004-1520 || cve,2007-1675
|
|
14541
14542
|
15485 || SPECIFIC-THREATS IBM Lotus Notes DOC attachment viewer buffer overflow || bugtraq,26146 || cve,2007-5544
|
|
14542
14543
|
15486 || DELETED BACKDOOR Kraken command and control server search attempt || url,www.securityfocus.com/brief/743
|
|
14543
14544
|
15487 || MULTIMEDIA Apple QuickTime SMIL qtnext redirect file execution attempt || bugtraq,29650 || cve,2008-1585
|
|
@@ -14604,7 +14605,7 @@
|
|
|
14604
14605
|
15582 || WEB-MISC ARJ format file download attempt
|
|
14605
14606
|
15583 || WEB-CLIENT F-Secure AntiVirus library heap overflow attempt || bugtraq,12515 || cve,2005-0350
|
|
14606
14607
|
15584 || SQL char and sysobjects - possible sql injection recon attempt || url,isc.sans.org/diary.html?storyid=3823
|
|
14607
|
-
15585 || WEB-CLIENT Excel file download request
|
|
14608
|
+
15585 || DELETED WEB-CLIENT Excel file download request
|
|
14608
14609
|
15586 || WEB-CLIENT Powerpoint file download request
|
|
14609
14610
|
15587 || WEB-CLIENT Word file download request
|
|
14610
14611
|
15588 || WEB-ACTIVEX Microsoft Video 1 ActiveX clsid access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
@@ -14692,14 +14693,14 @@
|
|
|
14692
14693
|
15670 || WEB-ACTIVEX Microsoft Video 6 ActiveX clsid access || bugtraq,35558 || cve,2008-0015 || cve,2009-0901 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-037.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-060.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14693
14694
|
15671 || WEB-ACTIVEX Microsoft Video 6 ActiveX clsid unicode access || bugtraq,35558 || cve,2008-0015 || cve,2009-0901 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-037.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-060.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14694
14695
|
15672 || WEB-ACTIVEX Microsoft Video 7 ActiveX clsid access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14695
|
-
15673 || WEB-ACTIVEX Microsoft Video 7 ActiveX clsid unicode access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14696
|
+
15673 || DELETED WEB-ACTIVEX Microsoft Video 7 ActiveX clsid unicode access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14696
14697
|
15674 || WEB-ACTIVEX Microsoft Video 8 ActiveX clsid access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14697
14698
|
15675 || WEB-ACTIVEX Microsoft Video 8 ActiveX clsid unicode access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14698
14699
|
15676 || WEB-ACTIVEX Microsoft Video 9 ActiveX clsid access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14699
14700
|
15677 || WEB-ACTIVEX Microsoft Video 9 ActiveX clsid unicode access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
|
14700
14701
|
15678 || SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript || cve,2008-0015 || url,www.microsoft.com/technet/security/advisory/972890.mspx || url,www.microsoft.com/technet/security/bulletin/ms09-032.mspx
|
|
14701
14702
|
15679 || SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding || cve,2008-0015 || url,www.microsoft.com/technet/security/advisory/972890.mspx || url,www.microsoft.com/technet/security/bulletin/ms09-032.mspx
|
|
14702
|
-
15684 ||
|
|
14703
|
+
15684 || EXPLOIT Multiple product snews uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
14703
14704
|
15696 || DELETED SPECIFIC-THREATS Mozilla Firefox 3.5 TraceMonkey JavaScript engine uninitialized memory corruption attempt || bugtraq,35660 || cve,2009-2477 || url,www.kb.cert.org/vuls/id/443060
|
|
14704
14705
|
15697 || WEB-CLIENT Generic javascript obfuscation attempt || bugtraq,35660
|
|
14705
14706
|
15698 || WEB-CLIENT Possible generic javascript heap spray attempt || bugtraq,35660
|
|
@@ -14767,7 +14768,7 @@
|
|
|
14767
14768
|
15889 || EXPLOIT SAPLPD 0x32 command buffer overflow attempt || bugtraq,27613 || cve,2008-0621
|
|
14768
14769
|
15890 || EXPLOIT SAPLPD 0x33 command buffer overflow attempt || bugtraq,27613 || cve,2008-0621
|
|
14769
14770
|
15891 || EXPLOIT SAPLPD 0x34 command buffer overflow attempt || bugtraq,27613 || cve,2008-0621
|
|
14770
|
-
15892 ||
|
|
14771
|
+
15892 || DOS SAPLPD 0x53 command denial of service attempt || bugtraq,27613 || cve,2008-0621
|
|
14771
14772
|
15893 || WEB-CLIENT fCreateShellLink function use - potential attack || bugtraq,29792 || cve,2008-2959
|
|
14772
14773
|
15894 || SPECIFIC-THREATS Microsoft Color Management Module remote code execution attempt || cve,2005-1219 || url,www.microsoft.com/technet/security/bulletin/ms05-016.mspx
|
|
14773
14774
|
15895 || DELETED CHAT Pidgin MSN P2P message 64bit integer overflow attempt || bugtraq,35067 || cve,2009-1376 || cve,2009-2694
|
|
@@ -14785,7 +14786,7 @@
|
|
|
14785
14786
|
15907 || EXPLOIT Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt || bugtraq,30704 || cve,2008-3276
|
|
14786
14787
|
15908 || WEB-MISC Trend Micro OfficeScan multiple CGI modules HTTP form processing buffer overflow attempt || cve,2008-3862
|
|
14787
14788
|
15909 || WEB-CLIENT Apple QuickTime VR Track Header Atom heap corruption attempt || bugtraq,33384 || cve,2009-0002 || url,support.apple.com/kb/HT3403
|
|
14788
|
-
15910 ||
|
|
14789
|
+
15910 || EXPLOIT Microsoft Internet Explorer getElementById object corruption || bugtraq,30614 || cve,2008-2254 || url,www.microsoft.com/technet/security/Bulletin/MS08-045.mspx
|
|
14789
14790
|
15911 || NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt || cve,2007-2446
|
|
14790
14791
|
15921 || WEB-CLIENT Microsoft media format file download request
|
|
14791
14792
|
15922 || WEB-CLIENT mp3 file download request
|
|
@@ -14825,7 +14826,6 @@
|
|
|
14825
14826
|
15956 || ORACLE http Server mod_access restriction bypass attempt || bugtraq,13418 || cve,2005-1383
|
|
14826
14827
|
15957 || WEB-CLIENT Sophos Anti-Virus zip file handling DoS attempt || bugtraq,14270 || cve,2005-1530
|
|
14827
14828
|
15958 || WEB-MISC Novell ZENworks Remote Management overflow attempt || bugtraq,13678 || cve,2005-1543
|
|
14828
|
-
15959 || SPECIFIC-THREATS Microsoft ASP.NET viewstate DoS attempt || cve,2005-1665
|
|
14829
14829
|
15960 || SPECIFIC-THREATS Novell eDirectory MS-DOS device name DoS attempt || cve,2005-1729
|
|
14830
14830
|
15961 || SPECIFIC-THREATS 3Com Network Supervisor directory traversal attempt || bugtraq,14715 || cve,2005-2020
|
|
14831
14831
|
15962 || SPECIFIC-THREATS Sybase EAServer WebConsole overflow attempt || bugtraq,14287 || cve,2005-2297
|
|
@@ -14851,8 +14851,8 @@
|
|
|
14851
14851
|
15987 || WEB-MISC Microsoft Visio DXF file download request
|
|
14852
14852
|
15988 || SPECIFIC-THREATS Microsoft ISA Server DNS spoofing attempt || bugtraq,11605 || cve,2004-0892
|
|
14853
14853
|
15989 || EXPLOIT Squid ASN.1 header parsing denial of service attempt || bugtraq,11385 || cve,2004-0918
|
|
14854
|
-
15990 || WEB-MISC
|
|
14855
|
-
15991 ||
|
|
14854
|
+
15990 || WEB-MISC Multiple Vendor server file disclosure attempt || bugtraq,11245 || bugtraq,19106 || cve,2004-0928 || cve,2006-3853
|
|
14855
|
+
15991 || DOS Multiple vendor DNS message decompression denial of service attempt || bugtraq,13729 || cve,2005-0036
|
|
14856
14856
|
15992 || SPECIFIC-THREATS Trend Micro Products Antivirus Library overflow attempt || bugtraq,12643 || cve,2005-0533
|
|
14857
14857
|
15993 || SPECIFIC-THREATS Adobe Flash Player ActionScript intrf_count integer overflow attempt || bugtraq,35907 || cve,2009-1869
|
|
14858
14858
|
15994 || SPECIFIC-THREATS Squid strListGetItem denial of service attempt || bugtraq,36091 || cve,2009-2855
|
|
@@ -14868,7 +14868,7 @@
|
|
|
14868
14868
|
16005 || SPECIFIC-THREATS Mozilla browsers JavaScript argument passing code execution attempt || bugtraq,22694 || cve,2007-0777
|
|
14869
14869
|
16006 || SPECIFIC-THREATS Quicktime color table id memory corruption attempt || bugtraq,22839 || cve,2007-0718 || url,docs.info.apple.com/article.html?artnum=305149
|
|
14870
14870
|
16007 || SPECIFIC-THREATS Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt || bugtraq,23771 || cve,2007-0944 || url,www.microsoft.com/technet/security/bulletin/ms07-027.mspx
|
|
14871
|
-
16008 ||
|
|
14871
|
+
16008 || WEB-MISC Microsoft Internet Explorer 7 html object memory corruption attempt || cve,2007-0947
|
|
14872
14872
|
16009 || SPECIFIC-THREATS Mozilla products overflow event handling memory corruption attempt || bugtraq,24376 || cve,2007-2876
|
|
14873
14873
|
16010 || SPECIFIC-THREATS Microsoft Internet Explorer Javascript Page update race condition attempt || bugtraq,24283 || cve,2007-3091
|
|
14874
14874
|
16011 || SPECIFIC-THREATS Microsoft Internet Explorer CSS property method handling memory corruption attempt || bugtraq,23769 || cve,2007-0945
|
|
@@ -14895,9 +14895,9 @@
|
|
|
14895
14895
|
16032 || WEB-CLIENT Microsoft Internet Explorer HTML Decoding memory corruption attempt || bugtraq,18309 || cve,2006-2382
|
|
14896
14896
|
16033 || SPECIFIC-THREATS Microsoft Internet Explorer compressed content attempt || bugtraq,19987 || cve,2006-3873
|
|
14897
14897
|
16034 || SPECIFIC-THREATS Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt || cve,2007-2446
|
|
14898
|
-
16035 ||
|
|
14899
|
-
16036 ||
|
|
14900
|
-
16037 ||
|
|
14898
|
+
16035 || WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
|
14899
|
+
16036 || WEB-CLIENT Mozilla Products QueryInterface method memory corruption attempt || bugtraq,16476 || cve,2006-0295
|
|
14900
|
+
16037 || WEB-CLIENT Mozilla products graphics and XML features integer overflows attempt || bugtraq,16476 || cve,2006-0297
|
|
14901
14901
|
16038 || MISC Mozilla Thunderbird WYSIWIG engine filtering IFRAME JavaScript execution attempt || bugtraq,16770 || cve,2006-0884
|
|
14902
14902
|
16039 || MISC EMC Dantz Retrospect Backup Agent denial of service attempt || cve,2006-0995
|
|
14903
14903
|
16040 || EXPLOIT SpamAssassin spamd vpopmail and paranoid options code execution attempt || bugtraq,18290 || cve,2006-2447
|
|
@@ -14915,7 +14915,7 @@
|
|
|
14915
14915
|
16052 || WEB-CLIENT Novell iManager Tomcat http post handling DoS attempt || bugtraq,20841 || cve,2006-4517
|
|
14916
14916
|
16053 || WEB-CLIENT GNU tar PAX extended headers handling overflow attempt || bugtraq,16764 || cve,2006-0300
|
|
14917
14917
|
16054 || WEB-CLIENT Quicktime bitmap multiple header overflow || bugtraq,17953 || cve,2006-2238
|
|
14918
|
-
16055 ||
|
|
14918
|
+
16055 || WEB-CLIENT Apple iTunes AAC file handling integer overflow attempt || bugtraq,18730 || cve,2006-1467
|
|
14919
14919
|
16056 || WEB-MISC Symantec Scan Engine authentication bypass attempt || bugtraq,17637 || cve,2006-0230
|
|
14920
14920
|
16057 || SPECIFIC-THREATS sendmail smtp timeout buffer overflow attempt || bugtraq,17192 || cve,2006-0058
|
|
14921
14921
|
16058 || SPECIFIC-THREATS Samba WINS Server Name Registration handling stack buffer overflow attempt || bugtraq,26455 || cve,2007-5398
|
|
@@ -15161,7 +15161,7 @@
|
|
|
15161
15161
|
16406 || WEB-MISC JPEG file download attempt
|
|
15162
15162
|
16407 || WEB-MISC JPEG file download attempt
|
|
15163
15163
|
16424 || WEB-ACTIVEX Windows Script Host Shell Object ActiveX clsid access || url,www.exploit-db.com/exploits/11457
|
|
15164
|
-
16425 || WEB-CLIENT Portable Executable binary file
|
|
15164
|
+
16425 || WEB-CLIENT request for Portable Executable binary file || url,www.microsoft.com/whdc/system/platform/firmware/PECOFF.mspx
|
|
15165
15165
|
16426 || WEB-MISC Sun Java System Web Server 7.0 WebDAV format string exploit attempt - PROPFIND method || bugtraq,37910 || cve,2010-0388
|
|
15166
15166
|
16427 || WEB-MISC Sun Java System Web Server 7.0 WebDAV format string exploit attempt - LOCK method || bugtraq,37910 || cve,2010-0388
|
|
15167
15167
|
16428 || EXPLOIT Microsoft Outlook Express and Windows Mail NNTP handling buffer overflow attempt || cve,2007-3897 || url,www.microsoft.com/technet/security/Bulletin/MS07-056.mspx
|
|
@@ -15180,7 +15180,7 @@
|
|
|
15180
15180
|
16441 || BOTNET-CNC Possible Zeus User-Agent - Download || url,en.wikipedia.org/wiki/Zeus_(trojan_horse)
|
|
15181
15181
|
16442 || BOTNET-CNC Possible Zeus User-Agent - Mozilla || url,en.wikipedia.org/wiki/Zeus_(trojan_horse)
|
|
15182
15182
|
16443 || CHAT deny Gmail chat DNS request
|
|
15183
|
-
16444 || SPECIFIC-
|
|
15183
|
+
16444 || SPECIFIC-THREATS HP StorageWorks storage mirroring double take service code execution attempt || cve,2008-1661 || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01362558
|
|
15184
15184
|
16445 || SPECIFIC-THREATS Digium Asterisk IAX2 ack response denial of service attempt || bugtraq,28901 || cve,2008-1897 || url,downloads.digium.com/pub/security/AST-2008-006.html
|
|
15185
15185
|
16446 || RPC portmap Solaris sadmin tcp request || bugtraq,31751 || cve,2008-4556
|
|
15186
15186
|
16447 || RPC portmap Solaris sadmin udp request || bugtraq,31751 || cve,2008-4556
|
|
@@ -15225,7 +15225,7 @@
|
|
|
15225
15225
|
16500 || NETBIOS DCERPC NCACN-IP-TCP dns R_DnssrvEnumRecords overflow attempt || bugtraq,23470 || cve,2007-1748 || url,www.microsoft.com/technet/security/Bulletin/MS07-029.mspx
|
|
15226
15226
|
16501 || WEB-CLIENT Mozilla Firefox WOFF font processing integer overflow attempt - TrueType || bugtraq,38298 || cve,2010-1028 || url,www.kb.cert.org/vuls/id/964549
|
|
15227
15227
|
16502 || WEB-CLIENT Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based || bugtraq,38298 || cve,2010-1028 || url,www.kb.cert.org/vuls/id/964549
|
|
15228
|
-
16513 || SQL Jive Software Openfire Jabber Server SQL injection attempt || bugtraq,32189 || cve,2008-6509
|
|
15228
|
+
16513 || SQL Jive Software Openfire Jabber Server SQL injection attempt || bugtraq,32189 || cve,2008-6508 || cve,2008-6509 || cve,2008-6510
|
|
15229
15229
|
16514 || CHAT Trillian AIM XML tag handling heap buffer overflow attempt || bugtraq,32645 || cve,2008-5403 || url,dev.aol.com/aim/oscar/
|
|
15230
15230
|
16515 || SMTP Novell Groupwise Internet Agent RCPT command overflow attempt || bugtraq,33560 || cve,2009-0410
|
|
15231
15231
|
16516 || ORACLE Database sys.olapimpl_t package odcitablestart overflow attempt || cve,2008-3974
|
|
@@ -15233,7 +15233,7 @@
|
|
|
15233
15233
|
16518 || WEB-CLIENT Free Download Manager .torrent parsing announce overflow attempt || bugtraq,33555 || cve,2009-0184
|
|
15234
15234
|
16519 || WEB-CLIENT Free Download Manager .torrent parsing name overflow attempt || bugtraq,33555 || cve,2009-0184
|
|
15235
15235
|
16520 || WEB-CLIENT Free Download Manager .torrent parsing path overflow attempt || bugtraq,33555 || cve,2009-0184
|
|
15236
|
-
16521 || WEB-CLIENT Squid Proxy http version number overflow attempt || bugtraq,33604 || cve,2009-
|
|
15236
|
+
16521 || WEB-CLIENT Squid Proxy http version number overflow attempt || bugtraq,33604 || cve,2009-0478
|
|
15237
15237
|
16522 || WEB-CLIENT Novell QuickFinder server cross-site-scripting attempt || cve,2009-0611
|
|
15238
15238
|
16523 || POLICY PDF with click-to-launch executable || url,blog.didierstevens.com/2010/03/29/escape-from-pdf/ || url,blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html
|
|
15239
15239
|
16524 || FTP ProFTPD username sql injection attempt || bugtraq,33722 || cve,2009-0542
|
|
@@ -15748,7 +15748,7 @@
|
|
|
15748
15748
|
17100 || WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid unicode access || url,osvdb.org/show/osvdb/64839
|
|
15749
15749
|
17101 || WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call access || url,osvdb.org/show/osvdb/64839
|
|
15750
15750
|
17102 || WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call unicode access || url,osvdb.org/show/osvdb/64839
|
|
15751
|
-
17103 || WEB-IIS IIS 5.1 alternate data stream authentication bypass attempt ||
|
|
15751
|
+
17103 || WEB-IIS IIS 5.1 alternate data stream authentication bypass attempt || cve,2010-2731 || url,www.microsoft.com/technet/security/bulletin/MS10-065.mspx
|
|
15752
15752
|
17104 || WEB-CLIENT FeedDemon OPML file handling buffer overflow attempt || bugtraq,33630 || cve,2009-0546
|
|
15753
15753
|
17105 || WEB-CLIENT FeedDemon unicode OPML file handling buffer overflow attempt || bugtraq,33630 || cve,2009-0546
|
|
15754
15754
|
17106 || WEB-MISC download of RMF file - potentially malicious || bugtraq,39077 || cve,2010-0842
|
|
@@ -15803,4 +15803,908 @@
|
|
|
15803
15803
|
17206 || RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp || bugtraq,38472 || cve,2009-2754
|
|
15804
15804
|
17207 || EXPLOIT IBM Cognos Server backdoor account remote code execution attempt || bugtraq,38084 || cve,2010-0557
|
|
15805
15805
|
17208 || EXPLOIT Squid Proxy HTCP packet processing denial of service attempt || bugtraq,38212 || cve,2010-0639
|
|
15806
|
-
17209 || SQL IBM DB2 DATABASE SERVER SQL REPEAT Buffer Overflow || bugtraq,37976
|
|
15806
|
+
17209 || SQL IBM DB2 DATABASE SERVER SQL REPEAT Buffer Overflow || bugtraq,37976 || cve,2010-0462
|
|
15807
|
+
17210 || POLICY Portable Executable binary file transfer over SMB
|
|
15808
|
+
17211 || WEB-CLIENT Quicktime marshaled punk remote code execution || cve,2010-1818
|
|
15809
|
+
17212 || WEB-CLIENT Mozilla Firefox JavaScript eval arbitrary code execution attempt || cve,2005-1532 || url,secunia.com/advisories/15528/
|
|
15810
|
+
17213 || WEB-CLIENT Mozilla Firefox Chrome Page Loading Restriction Bypass attempt || cve,2005-2706 || url,secunia.com/advisories/16911/
|
|
15811
|
+
17214 || SPECIFIC-THREATS Adobe Reader and Acrobat libtiff TIFFFetchShortPair stack buffer overflow attempt || cve,2006-3459 || cve,2010-0188
|
|
15812
|
+
17215 || SPECIFIC-THREATS Adobe Reader and Acrobat libtiff TIFFFetchShortPair stack buffer overflow attempt || cve,2006-3459 || cve,2010-0188
|
|
15813
|
+
17216 || WEB-CLIENT Apple Safari TABLE tag with large CELLSPACING attribute exploit attempt || bugtraq,17634 || cve,2006-1986
|
|
15814
|
+
17217 || WEB-CLIENT Apple Safari invalid FRAME tag remote code execution attempt || bugtraq,17634 || cve,2006-1987
|
|
15815
|
+
17218 || WEB-CLIENT Apple Safari LI tag with large VALUE attribute exploit attempt || bugtraq,17634 || cve,2006-1988
|
|
15816
|
+
17219 || SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt || bugtraq,14784 || cve,2005-2871
|
|
15817
|
+
17220 || SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt || bugtraq,14784 || cve,2005-2871
|
|
15818
|
+
17221 || SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt || bugtraq,14784 || cve,2005-2871
|
|
15819
|
+
17222 || SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt || bugtraq,14784 || cve,2005-2871
|
|
15820
|
+
17223 || SPECIFIC-THREATS Adobe Flash Player navigateToURL cross-site scripting attempt || bugtraq,26960 || cve,2007-6244
|
|
15821
|
+
17224 || SMTP McAfee WebShield SMTP bounce message format string attempt || bugtraq,16742 || cve,2006-0559
|
|
15822
|
+
17225 || SPECIFIC-THREATS Alt-N MDaemon WorldClient invalid user || cve,2008-2631
|
|
15823
|
+
17226 || WEB-ACTIVEX AXIS Camera ActiveX initialization via script || bugtraq,33408 || cve,2008-5260
|
|
15824
|
+
17227 || WEB-CLIENT Microsoft Excel sheet name memory corruption attempt || bugtraq,24691 || cve,2007-3490
|
|
15825
|
+
17228 || SPECIFIC-THREATS Microsoft Windows Media Player skin decompression code execution attempt || bugtraq,25307 || cve,2007-3035
|
|
15826
|
+
17229 || WEB-CLIENT Tiff file download - little-endian
|
|
15827
|
+
17230 || WEB-CLIENT Tiff file download - big-endian
|
|
15828
|
+
17231 || WEB-CLIENT Microsoft Kodak Imaging small offset malformed tiff - little-endian || cve,2007-2217 || url,www.microsoft.com/technet/security/Bulletin/MS07-055.mspx
|
|
15829
|
+
17232 || WEB-CLIENT Microsoft Kodak Imaging large offset malformed tiff - big-endian || cve,2007-2217 || url,www.microsoft.com/technet/security/Bulletin/MS07-055.mspx
|
|
15830
|
+
17233 || SPECIFIC-THREATS Adobe Reader and Acrobat TTF SING table parsing remote code execution attempt || cve,2010-2883 || url,www.adobe.com/support/security/advisories/apsa10-02.html
|
|
15831
|
+
17234 || SPECIFIC-THREATS VBMania mass mailing worm activity || url,www.virustotal.com/file-scan/report.html?id=fedb7b404754cf85737fb7e50f33324b84eb4c0b98024c7d3302039a901b04b7-1284133892
|
|
15832
|
+
17235 || SPECIFIC-THREATS VBMania mass mailing worm download attempt || url,www.virustotal.com/file-scan/report.html?id=fedb7b404754cf85737fb7e50f33324b84eb4c0b98024c7d3302039a901b04b7-1284133892
|
|
15833
|
+
17236 || WEB-CLIENT Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt || cve,2009-3070 || url,secunia.com/advisories/36671/
|
|
15834
|
+
17237 || DELETED WEB-CLIENT XBM file download
|
|
15835
|
+
17238 || WEB-CLIENT ACD Systems ACDSee Products XBM file handling buffer overflow attempt || bugtraq,37685 || url,osvdb.org/show/osvdb/63643
|
|
15836
|
+
17239 || IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt || bugtraq,14315
|
|
15837
|
+
17240 || IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt || bugtraq,14315
|
|
15838
|
+
17241 || WEB-CLIENT Microsoft wmv file download request
|
|
15839
|
+
17243 || EXPLOIT MIT Kerberos V5 krb5_recvauth double free attempt || bugtraq,14239 || cve,2005-1689
|
|
15840
|
+
17244 || SPECIFIC-THREATS Antivirus ACE file handling buffer overflow attempt || cve,2005-2385 || cve,2005-2720
|
|
15841
|
+
17245 || WEB-CLIENT Mozilla Firefox image dragging exploit attempt || cve,2005-0230
|
|
15842
|
+
17246 || DELETED SPECIFIC-THREATS Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
|
15843
|
+
17247 || DELETED SPECIFIC-THREATS Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
|
15844
|
+
17248 || DELETED SPECIFIC-THREATS Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
|
15845
|
+
17257 || SPECIFIC-THREATS Adobe Flash Player and Reader remote code execution attempt || cve,2010-2884 || url,www.adobe.com/support/security/advisories/apsa10-03.html
|
|
15846
|
+
17258 || WEB-CLIENT Mozilla Firefox XUL tree element code execution attempt || bugtraq,34181 || cve,2009-1044
|
|
15847
|
+
17259 || WEB-CLIENT .mov file request
|
|
15848
|
+
17260 || SPECIFIC-THREATS Mozilla Firefox Javascript contentWindow in an iframe exploit attempt || bugtraq,17671 || cve,2006-1993
|
|
15849
|
+
17261 || WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
|
15850
|
+
17262 || WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
|
15851
|
+
17263 || SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
|
15852
|
+
17264 || ORACLE Permission declaration exploit attempt || bugtraq,38115 || cve,2010-0866
|
|
15853
|
+
17265 || WEB-CLIENT Mozilla Firefox plugin access control bypass attempt || bugtraq,12655 || cve,2005-0527
|
|
15854
|
+
17266 || SPECIFIC-THREATS Multiple vendor malformed ZIP archive Antivirus detection bypass attempt || bugtraq,12793 || url,ftp.aerasec.de/pub/advisories/unfiltered-escape-sequences/unfiltered-escape-sequences.txt || url,lists.grok.org.uk/pipermail/full-disclosure/2005-March/032530.html
|
|
15855
|
+
17267 || SPECIFIC-THREATS Multiple vendor malformed ZIP archive Antivirus detection bypass attempt || bugtraq,12793 || url,ftp.aerasec.de/pub/advisories/unfiltered-escape-sequences/unfiltered-escape-sequences.txt || url,lists.grok.org.uk/pipermail/full-disclosure/2005-March/032530.html
|
|
15856
|
+
17268 || SPECIFIC-THREATS Mozilla Firefox sidebar panel arbitrary code execution attempt || bugtraq,12884 || cve,2005-0402
|
|
15857
|
+
17269 || TELNET Client env_opt_add Buffer Overflow attempt || bugtraq,12919 || cve,2005-0468
|
|
15858
|
+
17270 || ORACLE DBMS_METADATA Package SQL Injection attempt || cve,2005-1197
|
|
15859
|
+
17271 || WEB-CLIENT Microsoft Windows Web View script injection attempt || bugtraq,13248 || cve,2005-1191
|
|
15860
|
+
17272 || WEB-CLIENT RealNetworks RealPlayer AVI parsing buffer overflow attempt || bugtraq,13530 || cve,2005-2052
|
|
15861
|
+
17273 || SPECIFIC-THREATS MIT Kerberos V5 KDC krb5_unparse_name overflow attempt || cve,2005-1174 || url,secunia.com/advisories/16041/
|
|
15862
|
+
17274 || SPECIFIC-THREATS MIT Kerberos V5 KDC krb5_unparse_name overflow attempt || cve,2005-1175 || url,secunia.com/advisories/16041/
|
|
15863
|
+
17275 || SPECIFIC-THREATS Symantec Brightmail AntiSpam nested Zip handling denial of service attempt || bugtraq,14757 || url,ftp.symantec.com/public/english_us_canada/products/sba/sba_60x/updates/release_notes_p157.txt
|
|
15864
|
+
17276 || MISC Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
|
15865
|
+
17277 || WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
|
15866
|
+
17278 || WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
|
15867
|
+
17279 || WEB-MISC Ipswitch Whatsup Small Business directory traversal attempt || bugtraq,15291 || cve,2005-1939
|
|
15868
|
+
17280 || WEB-MISC Ipswitch Whatsup Small Business directory traversal attempt || bugtraq,15291 || cve,2005-1939
|
|
15869
|
+
17281 || SPECIFIC-THREATS Panda Antivirus ZOO archive decompression buffer overflow attempt || cve,2005-3922
|
|
15870
|
+
17282 || MISC Panda Antivirus ZOO archive decompression buffer overflow attempt || cve,2005-3922
|
|
15871
|
+
17283 || SMTP Mercury Mail Transport System Buffer Overflow attempt || bugtraq,16396 || cve,2005-4411
|
|
15872
|
+
17284 || WEB-CLIENT Microsoft Office malformed routing slip code execution attempt || bugtraq,17000 || cve,2006-0009
|
|
15873
|
+
17285 || WEB-CLIENT Microsoft Powerpoint PPT file parsing memory corruption attempt || bugtraq,18993 || cve,2006-3656
|
|
15874
|
+
17286 || SPECIFIC-THREATS Microsoft Visual Basic for Applications document properties overflow attempt || bugtraq,19414 || cve,2006-3649
|
|
15875
|
+
17287 || IMAP Cisco IOS HTTP service HTML injection attempt || bugtraq,15602 || cve,2005-3921
|
|
15876
|
+
17288 || SPECIFIC-THREATS Adobe Acrobat font parsing integer overflow attempt || bugtraq,44203 || cve,2010-2862
|
|
15877
|
+
17289 || SPECIFIC-THREATS GNU gzip LZH decompression make_table overflow attempt || cve,2006-4335 || url,secunia.com/advisories/21996/
|
|
15878
|
+
17290 || WEB-CLIENT Quicktime Plug-In Security Bypass || bugtraq,20138 || cve,2006-4965
|
|
15879
|
+
17291 || POLICY base64-encoded uri data object found || url,tools.ietf.org/html/rfc2397
|
|
15880
|
+
17292 || WEB-CLIENT Microsoft Powerpoint malformed data record code execution attempt || bugtraq,20322 || cve,2006-3876
|
|
15881
|
+
17293 || ORACLE sdo_lrs.convert_to_lrs_layer buffer overflow attempt || bugtraq,20588 || cve,2006-5340
|
|
15882
|
+
17294 || DOS Microsoft Windows NAT Helper DNS query denial of service attempt || bugtraq,20804 || cve,2006-5614
|
|
15883
|
+
17295 || WEB-MISC Trend Micro OfficeScan Console authentication buffer overflow attempt || bugtraq,24641 || bugtraq,24935 || cve,2007-3454 || cve,2007-3455
|
|
15884
|
+
17296 || WEB-MISC Outlook Web Access XSRF attempt || cve,2010-3213 || url,www.microsoft.com/technet/security/advisory/2401593.mspx
|
|
15885
|
+
17297 || SPECIFIC-THREATS McAfee VirusScan on-access scanner long unicode filename handling buffer overflow attempt || bugtraq,23543 || url,knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750&command=show&forward=nonthreadedKC
|
|
15886
|
+
17298 || MISC IBM Tivoli Monitoring Express Universal Agent Buffer Overflow || bugtraq,23558 || cve,2007-2137
|
|
15887
|
+
17299 || SPECIFIC-THREATS ISC BIND RRSIG query denial of service attempt || bugtraq,23738 || cve,2007-2241
|
|
15888
|
+
17301 || WEB-CLIENT Microsoft Word TextBox sub-document memory corruption attempt || bugtraq,23380 || cve,2007-1910
|
|
15889
|
+
17302 || DOS Linux kernel SCTP Unknown Chunk Types denial of service attempt || bugtraq,24376 || cve,2007-2876
|
|
15890
|
+
17303 || WEB-CLIENT Microsoft Internet Explorer clone object memory corruption attempt || bugtraq,26816 || cve,2007-3903
|
|
15891
|
+
17304 || WEB-CLIENT Microsoft Works file converter file section header index table stack overflow attempt || bugtraq,27658 || cve,2008-0105
|
|
15892
|
+
17305 || SPECIFIC-THREATS ClamAV libclamav PE file handling integer overflow attempt || cve,2008-0318
|
|
15893
|
+
17306 || SPECIFIC-THREATS Microsoft Malware Protection Engine file processing denial of service attempt || cve,2008-1437 || url,www.microsoft.com/technet/security/bulletin/MS08-029.mspx
|
|
15894
|
+
17307 || SPECIFIC-THREATS MS SQL Server INSERT Statement Buffer Overflow attempt || cve,2008-0106
|
|
15895
|
+
17308 || WEB-CLIENT Microsoft Word SmartTag record code execution attempt || bugtraq,30124 || cve,2008-2244
|
|
15896
|
+
17309 || SPECIFIC-THREATS CoolPlayer Playlist File Handling Buffer Overflow || bugtraq,30418 || cve,2008-3408
|
|
15897
|
+
17310 || SPECIFIC-THREATS Microsoft Powerpoint Viewer Memory Allocation Code Execution || bugtraq,30552 || cve,2008-0120
|
|
15898
|
+
17311 || SPECIFIC-THREATS Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt || bugtraq,15660 || cve,2005-4089
|
|
15899
|
+
17312 || SPECIFIC-THREATS Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt || bugtraq,15660 || cve,2005-4089
|
|
15900
|
+
17313 || ORACLE database server crafted view privelege escalation attempt || bugtraq,17246 || cve,2006-1705
|
|
15901
|
+
17314 || WEB-CLIENT OLE Document file download
|
|
15902
|
+
17315 || WEB-CLIENT OpenOffice OLE File Stream Buffer Overflow || bugtraq,28819 || cve,2008-0320
|
|
15903
|
+
17316 || WEB-CLIENT Microsoft Windows Folder GUID Code Execution attempt || bugtraq,19389 || cve,2006-3281
|
|
15904
|
+
17317 || SPECIFIC-THREATS OpenSSH sshd Identical Blocks DOS attempt || bugtraq,20216 || cve,2006-4924
|
|
15905
|
+
17318 || WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt || bugtraq,20495 || cve,2006-5296
|
|
15906
|
+
17319 || WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt || bugtraq,20495 || cve,2006-5296
|
|
15907
|
+
17320 || WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt || bugtraq,20495 || cve,2006-5296
|
|
15908
|
+
17321 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters name overflow attempt || bugtraq,25092 || cve,2007-6701 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html
|
|
15909
|
+
17322 || SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder
|
|
15910
|
+
17323 || SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder unescaped
|
|
15911
|
+
17324 || SHELLCODE x86 Linux reverse connect shellcode
|
|
15912
|
+
17325 || SHELLCODE x86 OS agnostic alpha numeric upper case decoder variant
|
|
15913
|
+
17326 || EXPLOIT Citrix Program Neighborhood Client buffer overflow attempt || bugtraq,15907 || cve,2005-3652
|
|
15914
|
+
17327 || IMAP Qualcomm WorldMail Server Response
|
|
15915
|
+
17328 || IMAP Qualcomm WorldMail IMAP Literal Token Parsing Buffer Overflow || bugtraq,15980 || cve,2005-4267
|
|
15916
|
+
17329 || FTP EPRT overflow attempt || bugtraq,15998 || cve,2005-4459
|
|
15917
|
+
17330 || WEB-CLIENT Microsoft Windows GRE WMF Handling Memory Read Exception attempt || bugtraq,16167 || cve,2006-0143
|
|
15918
|
+
17331 || POP3 Lotus Notes HTML Speed Reader Long URL buffer overflow attempt || bugtraq,16576 || cve,2005-2618
|
|
15919
|
+
17332 || SMTP Content-Disposition attachment
|
|
15920
|
+
17333 || SMTP Lotus Notes Attachment Viewer UUE file buffer overflow attempt || bugtraq,16576 || cve,2005-2618
|
|
15921
|
+
17334 || SPECIFIC-THREATS RealPlayer SWF Flash File buffer overflow attempt || bugtraq,17202 || cve,2006-0323
|
|
15922
|
+
17335 || SHELLCODE x86 OS agnostic fnstenv geteip byte xor decoder
|
|
15923
|
+
17336 || SHELLCODE x86 OS agnostic call geteip byte xor decoder
|
|
15924
|
+
17337 || SHELLCODE x86 Win32 export table enumeration variant
|
|
15925
|
+
17338 || SHELLCODE x86 Windows 32-bit SEH get EIP technique
|
|
15926
|
+
17339 || SHELLCODE x86 generic OS alpha numeric mixed case decoder
|
|
15927
|
+
17340 || SHELLCODE x86 OS agnostic alpha numeric upper case decoder
|
|
15928
|
+
17341 || SHELLCODE x86 OS agnostic alpha UTF8 tolower avoidance decoder
|
|
15929
|
+
17342 || SHELLCODE x86 OS agnostic unicode mixed case decoder
|
|
15930
|
+
17343 || SHELLCODE x86 OS agnostic unicode upper case decoder
|
|
15931
|
+
17344 || SHELLCODE x86 OS agnostic xor dword decoder
|
|
15932
|
+
17345 || SHELLCODE x86 OS agnostic dword additive feedback decoder
|
|
15933
|
+
17346 || SPECIFIC-THREATS IBM Lotus Notes Cross Site Scripting attempt || bugtraq,14164 || cve,2005-2175
|
|
15934
|
+
17347 || WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt || bugtraq,14214 || cve,2005-1219
|
|
15935
|
+
17348 || WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt || bugtraq,14214 || cve,2005-1219
|
|
15936
|
+
17349 || WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt || bugtraq,14214 || cve,2005-1219
|
|
15937
|
+
17350 || ORACLE Application Server Forms Arbitrary System Command Execution Attempt || bugtraq,14319 || cve,2005-2372
|
|
15938
|
+
17351 || WEB-CLIENT Winamp ID3v2 Tag Handling Buffer Overflow attempt || bugtraq,14276 || cve,2005-2310
|
|
15939
|
+
17352 || EXPLOIT ClamAV CHM File Handling Integer Overflow attempt || bugtraq,14359 || cve,2005-2450
|
|
15940
|
+
17353 || EXPLOIT Sun Solaris printd Daemon Arbitrary File Deletion attempt || bugtraq,14510 || cve,2005-4797
|
|
15941
|
+
17354 || SPECIFIC-THREATS Apache Byte-Range Filter denial of service attempt || bugtraq,14660 || cve,2005-2728
|
|
15942
|
+
17355 || WEB-CLIENT Microsoft Internet Explorer JPEG Decoder Vulnerabilities attempt || bugtraq,14282 || cve,2005-2308
|
|
15943
|
+
17356 || EXPLOIT NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow attempt || bugtraq,14773 || cve,2005-2903
|
|
15944
|
+
17357 || CHAT Gaim AIM-ICQ Protocol Handling Buffer Overflow attempt || bugtraq,14531 || cve,2005-2103
|
|
15945
|
+
17358 || EXPLOIT ClamAV UPX File Handling Buffer Overflow attempt || bugtraq,14866 || cve,2005-2920
|
|
15946
|
+
17359 || WEB-CLIENT xbm image file download request
|
|
15947
|
+
17360 || WEB-CLIENT Mozilla Firefox XBM image processing buffer overflow attempt || bugtraq,14916 || cve,2005-2701
|
|
15948
|
+
17361 || SPECIFIC-THREATS Adobe Acrobat Reader PDF Catalog Handling denial of service attempt || bugtraq,21910 || cve,2007-0104 || url,projects.info-pull.com/moab/MOAB-06-01-2007.html
|
|
15949
|
+
17362 || WEB-CLIENT Microsoft Excel IMDATA buffer overflow attempt || bugtraq,21856 || cve,2007-0027
|
|
15950
|
+
17363 || WEB-CLIENT Apple computer finder DMG volume name memory corruption || cve,2007-0197
|
|
15951
|
+
17364 || WEB-CLIENT Microsoft Help Workshop CNT Help contents
|
|
15952
|
+
17365 || WEB-CLIENT Microsoft Help Workshop CNT Help contents buffer overflow attempt || bugtraq,22100 || cve,2007-0352
|
|
15953
|
+
17366 || WEB-CLIENT Microsoft Help Workshop HPJ OPTIONS section buffer overflow attempt || bugtraq,22135 || cve,2007-0427
|
|
15954
|
+
17367 || FTP Microsoft Internet Explorer FTP Response Parsing Memory Corruption || bugtraq,22489 || cve,2007-0217
|
|
15955
|
+
17368 || WEB-CLIENT Microsoft Word document stream handling code execution attempt || bugtraq,25567 || cve,2007-0870
|
|
15956
|
+
17369 || IMAP MailEnable Service APPEND Command Handling Buffer Overflow || bugtraq,22792 || cve,2007-0494
|
|
15957
|
+
17370 || WEB-MISC Squid authentication headers handling denial of service attempt || bugtraq,14977 || cve,2005-2917
|
|
15958
|
+
17371 || WEB-MISC Squid authentication headers handling denial of service attempt || bugtraq,14977 || cve,2005-2917
|
|
15959
|
+
17372 || WEB-CLIENT Apple QuickTime udta atom parsing heap overflow vulnerability || bugtraq,22844 || cve,2007-0714
|
|
15960
|
+
17373 || SPECIFIC-THREATS QuickTime panorama atoms buffer overflow attempt || bugtraq,26342 || cve,2007-4675 || url,docs.info.apple.com/article.html?artnum=306896
|
|
15961
|
+
17374 || SPECIFIC-THREATS Microsoft Windows HLP File Handling heap overflow attempt || bugtraq,23382 || cve,2007-1912
|
|
15962
|
+
17375 || DELETED ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt || bugtraq,23532 || cve,2007-2126 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
|
|
15963
|
+
17376 || WEB-MISC IBM Lotus Expeditor cai URI handler command execution attempt || cve,2008-1965 || url,www-01.ibm.com/support/docview.wss?uid=swg21303813
|
|
15964
|
+
17377 || SPECIFIC-THREATS Microsoft excel Malformed Filter Records Handling Code Execution attempt || bugtraq,23780 || cve,2007-1214
|
|
15965
|
+
17378 || WEB-CLIENT Mozilla Firefox Animated PNG Processing integer overflow || cve,2008-4064
|
|
15966
|
+
17379 || WEB-CLIENT Mozilla Firefox Animated PNG Processing integer overflow || cve,2008-4064
|
|
15967
|
+
17380 || WEB-CLIENT PNG file download request
|
|
15968
|
+
17381 || SPECIFIC-THREATS Apple QuickTime PDAT Atom parsing buffer overflow attempt || cve,2008-3625 || url,support.apple.com/kb/HT3027
|
|
15969
|
+
17382 || SPECIFIC-THREATS Microsoft Project Invalid Memory Pointer Code Execution attempt || bugtraq,28607 || cve,2008-1088
|
|
15970
|
+
17383 || SPECIFIC-THREATS Microsoft Publisher Object Handler Validation Code Execution attempted || bugtraq,29158 || cve,2008-0119
|
|
15971
|
+
17384 || WEB-CLIENT Microsoft Internet Explorer setRequestHeader overflow attempt || bugtraq,28379 || cve,2008-1544
|
|
15972
|
+
17385 || WEB-CLIENT Microsoft Internet Explorer setRequestHeader overflow attempt || bugtraq,28379 || cve,2008-1544
|
|
15973
|
+
17386 || SPECIFIC-THREATS Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt || bugtraq,25622 || cve,2007-4727
|
|
15974
|
+
17387 || WEB-MISC Apache Tomcat allowLinking URIencoding directory traversal attempt || bugtraq,30633 || cve,2008-2938
|
|
15975
|
+
17388 || WEB-CLIENT OpenOffice EMF file EMR record parsing integer overflow attempt || cve,2008-2238 || url,www.openoffice.org/security/cves/CVE-2008-2238.html
|
|
15976
|
+
17389 || SPECIFIC-THREATS mozilla firefox DOMNodeRemoved attack attempt || bugtraq,18228 || cve,2006-2779
|
|
15977
|
+
17390 || DOS ClamAV Antivirus Function Denial of Service attempt || bugtraq,32555 || cve,2008-5314
|
|
15978
|
+
17391 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
|
15979
|
+
17392 || SHELLCODE JavaScript var shellcode
|
|
15980
|
+
17393 || SHELLCODE JavaScript var heapspray
|
|
15981
|
+
17394 || WEB-CLIENT GIF file download request
|
|
15982
|
+
17395 || SPECIFIC-THREATS Sun Java Web Start Splashscreen GIF decoding buffer overflow attempt || cve,2008-2086
|
|
15983
|
+
17396 || EXPLOIT VNC client authentication response
|
|
15984
|
+
17397 || EXPLOIT VNCViewer Authenticate buffer overflow attempt || bugtraq,33568 || cve,2009-0388
|
|
15985
|
+
17398 || WEB-CLIENT Mozilla Firefox Javascript array.splice memory corruption attempt || bugtraq,33990 || cve,2009-0773
|
|
15986
|
+
17399 || WEB-CLIENT Mozilla Firefox Javascript array.splice memory corruption attempt || bugtraq,33990 || cve,2009-0773
|
|
15987
|
+
17400 || WEB-CLIENT rename of JavaScript unescape function - likely malware obfuscation
|
|
15988
|
+
17401 || SPECIFIC-THREATS Internet Explorer nested tag memory corruption attempt - unescaped || bugtraq,32721 || cve,2008-4844 || url,www.microsoft.com/technet/security/bulletin/ms08-078.mspx
|
|
15989
|
+
17402 || SPECIFIC-THREATS Internet Explorer nested tag memory corruption attempt || bugtraq,32721 || cve,2008-4844 || url,www.microsoft.com/technet/security/bulletin/ms08-078.mspx
|
|
15990
|
+
17403 || WEB-CLIENT OpenOffice RTF File parsing heap buffer overflow attempt || bugtraq,24450 || cve,2007-0245
|
|
15991
|
+
17404 || EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt || cve,2008-4841 || url,www.microsoft.com/technet/security/bulletin/ms09-010.mspx
|
|
15992
|
+
17405 || EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt || cve,2008-4841 || url,www.microsoft.com/technet/security/bulletin/ms09-010.mspx
|
|
15993
|
+
17406 || EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt || cve,2008-4841 || url,www.microsoft.com/technet/security/bulletin/ms09-010.mspx
|
|
15994
|
+
17407 || WEB-CLIENT Windows help file download request || cve,2006-3357 || cve,2006-4138
|
|
15995
|
+
17408 || WEB-CLIENT Microsoft DirectX Targa image file heap overflow attempt || bugtraq,24963 || cve,2006-4183
|
|
15996
|
+
17409 || WEB-CLIENT Mozilla Products IDN Spoofing Vulnerability Attempt || bugtraq,12470 || cve,2005-0233
|
|
15997
|
+
17410 || WEB-MISC Generic HyperLink Buffer Overflow attempt || bugtraq,13045 || bugtraq,14195 || cve,2005-0057 || cve,2005-0986
|
|
15998
|
+
17411 || SPECIFIC-THREATS Microsoft Internet Explorer CDF cross-domain scripting attempt || bugtraq,12427 || cve,2005-0056 || url,www.microsoft.com/technet/security/bulletin/ms05-014.mspx
|
|
15999
|
+
17412 || MYSQL CREATE FUNCTION mysql.func Arbitrary Library Injection attempt || bugtraq,12781 || cve,2005-0710
|
|
16000
|
+
17413 || SPECIFIC-THREATS Microsoft Jet DB Engine Buffer Overflow attempt || bugtraq,12960 || cve,2005-0944
|
|
16001
|
+
17414 || SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt || bugtraq,12998 || cve,2005-0989
|
|
16002
|
+
17415 || SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt || bugtraq,12998 || cve,2005-0989
|
|
16003
|
+
17416 || ORACLE Database Intermedia Denial of Service Attempt || bugtraq,14935
|
|
16004
|
+
17417 || ORACLE Database Intermedia Denial of Service Attempt || bugtraq,14935
|
|
16005
|
+
17418 || ORACLE Oracle connection established
|
|
16006
|
+
17419 || ORACLE Oracle database SQL compiler read-only join auth bypass attempt || cve,2007-3855
|
|
16007
|
+
17420 || WEB-MISC Citrix Program Neighborhood Agent Arbitrary Shortcut Creation attempt || bugtraq,13379 || cve,2004-1077
|
|
16008
|
+
17421 || WEB-CLIENT Microsoft OLE automation string manipulation overflow attempt || bugtraq,25282 || cve,2007-2224
|
|
16009
|
+
17422 || SPECIFIC-THREATS Firefox defineSetter function pointer memory corruption attempt || bugtraq,35758 || cve,2009-2469
|
|
16010
|
+
17423 || WEB-MISC Citrix Program Neighborhood Agent Buffer Overflow attempt || bugtraq,13373 || cve,2004-1078
|
|
16011
|
+
17424 || SPECIFIC-THREATS Mozilla Firefox IconURL Arbitrary Javascript Execution attempt || bugtraq,13544 || cve,2005-1477
|
|
16012
|
+
17425 || SPECIFIC-THREATS RealPlayer ActiveX Import playlist name buffer overflow attempt || bugtraq,26130 || cve,2007-5601
|
|
16013
|
+
17426 || WEB-CLIENT RAT file download request
|
|
16014
|
+
17427 || SPECIFIC-THREATS Oracle database DBMS_Scheduler privilege escalation attempt || bugtraq,13509 || cve,2005-1496
|
|
16015
|
+
17430 || SPECIFIC-THREATS BitDefender Antivirus PDF processing memory corruption attempt || bugtraq,32396 || cve,2008-5409
|
|
16016
|
+
17431 || EXPLOIT Microsoft IIS SChannel improper certificate verification || cve,2009-0085 || url,www.microsoft.com/technet/security/bulletin/ms09-007.mspx
|
|
16017
|
+
17432 || WEB-MISC Squid Gopher protocol handling buffer overflow attempt || bugtraq,12276 || cve,2005-0094
|
|
16018
|
+
17433 || EXPLOIT Sun Solaris DHCP Client Arbitrary Code Execution attempt || bugtraq,14687 || cve,2005-2870
|
|
16019
|
+
17434 || WEB-CLIENT Mozilla Firefox Unicode sequence handling stack corruption attempt || bugtraq,14918 || cve,2005-2702
|
|
16020
|
+
17435 || NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt || bugtraq,15065 || cve,2005-2120 || url,www.microsoft.com/technet/security/bulletin/ms05-047.mspx
|
|
16021
|
+
17436 || NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt || bugtraq,15065 || cve,2005-2120 || url,www.microsoft.com/technet/security/bulletin/ms05-047.mspx
|
|
16022
|
+
17437 || NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt || bugtraq,15065 || cve,2005-2120 || url,www.microsoft.com/technet/security/bulletin/ms05-047.mspx
|
|
16023
|
+
17438 || NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt || bugtraq,15065 || cve,2005-2120 || url,www.microsoft.com/technet/security/bulletin/ms05-047.mspx
|
|
16024
|
+
17439 || EXPLOIT Microsoft Distributed Transaction Controller TIP DoS attempt || bugtraq,15058 || cve,2005-1979
|
|
16025
|
+
17440 || WEB-MISC RSA authentication agent for web redirect buffer overflow attempt || bugtraq,26424 || cve,2005-4734
|
|
16026
|
+
17441 || WEB-MISC .lnk file download attempt
|
|
16027
|
+
17442 || POLICY download of Windows .lnk file that executes cmd.exe detected || bugtraq,15069 || cve,2005-2122 || url,www.microsoft.com/technet/security/Bulletin/MS05-049.mspx
|
|
16028
|
+
17443 || WEB-CLIENT Microsoft DirectShow AVI decoder buffer overflow attempt || bugtraq,15063 || cve,2005-2128
|
|
16029
|
+
17444 || SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt || bugtraq,34235 || cve,2009-1169 || url,www.mozilla.org/security/announce/2009/mfsa2009-12.html
|
|
16030
|
+
17445 || SPECIFIC-THREATS Symantec Backup Exec System Recovery Manager unauthorized file upload attempt || cve,2008-0457 || url,seer.entsupport.symantec.com/docs/297171.htm
|
|
16031
|
+
17446 || SPECIFIC-THREATS Microsoft Internet Explorer FTP client directory traversal attempt || cve,2004-1376
|
|
16032
|
+
17447 || WEB-MISC 407 Proxy Authentication Required
|
|
16033
|
+
17448 || SPECIFIC-THREATS Microsoft Internet Explorer HTTPS proxy information disclosure vulnerability || cve,2005-2830 || url,www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
|
|
16034
|
+
17449 || WEB-MISC Novell ZENworks patch management SQL injection attempt || bugtraq,15220 || cve,2005-3315
|
|
16035
|
+
17450 || WEB-MISC CommuniGate Systems CommuniGate Pro LDAP Server buffer overflow attempt || bugtraq,16407 || cve,2006-0468 || url,www.gleg.net/cg_advisory.txt
|
|
16036
|
+
17451 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
|
16037
|
+
17452 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
|
16038
|
+
17453 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
|
16039
|
+
17454 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
|
16040
|
+
17455 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
|
16041
|
+
17456 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
|
16042
|
+
17457 || WEB-CLIENT Macromedia Flash ActionDefineFunction memory access vulnerability exploit attempt || bugtraq,15334 || cve,2005-2628
|
|
16043
|
+
17458 || WEB-CLIENT BitDefender Internet Security script code execution attempt || cve,2009-0850
|
|
16044
|
+
17459 || WEB-CLIENT BitDefender Internet Security script code execution attempt || cve,2009-0850
|
|
16045
|
+
17460 || WEB-CLIENT BitDefender Internet Security script code execution attempt || cve,2009-0850
|
|
16046
|
+
17461 || SPECIFIC-THREATS RealNetworks RealPlayer zipped skin file buffer overflow attempt || bugtraq,15382 || cve,2005-2630
|
|
16047
|
+
17462 || WEB-CLIENT Microsoft Internet Explorer marquee object handling memory corruption attempt || cve,2009-0554 || url,www.microsoft.com/technet/security/bulletin/ms09-014.mspx
|
|
16048
|
+
17463 || SPECIFIC-THREATS Internet Explorer File Download Dialog Box Manipulation || bugtraq,15823 || cve,2005-2829 || url,www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
|
|
16049
|
+
17464 || WEB-ACTIVEX AOL Radio AmpX ActiveX clsid access || bugtraq,26396 || cve,2007-5755
|
|
16050
|
+
17465 || WEB-ACTIVEX AOL Radio AmpX ActiveX clsid unicode access || bugtraq,26396 || cve,2007-5755
|
|
16051
|
+
17466 || SPECIFIC-THREATS IBM Lotus Domino Web Access 7 ActiveX exploit attempt || bugtraq,26972 || cve,2007-4474
|
|
16052
|
+
17467 || WEB-CLIENT Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt || bugtraq,25945 || cve,2007-3896 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
16053
|
+
17468 || WEB-CLIENT Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt || bugtraq,25945 || cve,2007-3896 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
16054
|
+
17469 || SPECIFIC-THREATS Mplayer Real Demuxer stream_read heap overflow attempt || bugtraq,31473 || cve,2008-3827
|
|
16055
|
+
17470 || SPECIFIC-THREATS Apple QuickTime STSD JPEG atom heap corruption attempt || bugtraq,33390 || cve,2009-0007
|
|
16056
|
+
17471 || SPECIFIC-THREATS Adobe Acrobat JavaScript getIcon method buffer overflow attempt || bugtraq,34169 || cve,2009-0927
|
|
16057
|
+
17472 || SPECIFIC-THREATS Adobe Acrobat JavaScript getIcon method buffer overflow attempt || bugtraq,34169 || cve,2009-0927
|
|
16058
|
+
17473 || ORACLE DBMS_CDC_SUBSCRIBE.EXTEND_WINDOW arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
|
16059
|
+
17474 || ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
|
16060
|
+
17475 || ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
|
16061
|
+
17476 || ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
|
16062
|
+
17477 || ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
|
16063
|
+
17478 || ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
|
16064
|
+
17479 || ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
|
16065
|
+
17480 || ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
|
16066
|
+
17481 || SPECIFIC-THREATS Microsoft Exchange and Outlook TNEF Decoding Integer Overflow attempt || bugtraq,16197 || cve,2006-0002
|
|
16067
|
+
17482 || WEB-CLIENT Mozilla NNTP URL Handling Buffer Overflow attempt || bugtraq,12131 || cve,2004-1316
|
|
16068
|
+
17483 || DNS squid proxy dns A record response denial of service attempt || bugtraq,12551 || cve,2005-0446
|
|
16069
|
+
17484 || DNS squid proxy dns PTR record response denial of service attempt || bugtraq,12551 || cve,2005-0446
|
|
16070
|
+
17485 || DNS Symantec Gateway products DNS cache poisoning attempt || cve,2005-0817
|
|
16071
|
+
17486 || WEB-MISC Trend Micro Control Manager Chunked overflow attempt || bugtraq,15865 || cve,2005-1929
|
|
16072
|
+
17487 || WEB-CLIENT Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt || bugtraq,16687 || cve,2006-0753
|
|
16073
|
+
17488 || SPECIFIC-THREATS Excel Malformed Range Code Execution attempt || bugtraq,15780 || cve,2005-4131
|
|
16074
|
+
17489 || SPECIFIC-THREATS Microsoft Windows Help File Heap Buffer Overflow attempt || bugtraq,17325 || cve,2006-1591
|
|
16075
|
+
17490 || SPECIFIC-THREATS Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt || bugtraq,17926 || cve,2006-2297
|
|
16076
|
+
17491 || SPECIFIC-THREATS Microsoft Word mso.dll LsCreateLine Memory Corruption || bugtraq,18905 || cve,2006-3493
|
|
16077
|
+
17492 || SPECIFIC-THREATS Microsoft Excel Malformed SELECTION Record Code Execution attempt || bugtraq,18853 || cve,2006-1301
|
|
16078
|
+
17493 || SPECIFIC-THREATS ClamAV UPX FileHandling Heap overflow attempt || bugtraq,19381 || cve,2006-4018
|
|
16079
|
+
17494 || WEB-CLIENT Microsoft Internet Explorer Long URL Buffer Overflow attempt || bugtraq,19667 || cve,2006-3869
|
|
16080
|
+
17495 || SPECIFIC-THREATS Squid proxy DNS response spoofing attempt || bugtraq,13592 || cve,2005-1519
|
|
16081
|
+
17496 || WEB-CLIENT Microsoft Powerpoint malformed NamedShows record code execution attempt || bugtraq,20226 || cve,2006-4694
|
|
16082
|
+
17497 || WEB-CLIENT Microsoft Powerpoint malformed NamedShows record code execution attempt || bugtraq,20226 || cve,2006-4694
|
|
16083
|
+
17498 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
|
16084
|
+
17499 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
|
16085
|
+
17500 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
|
16086
|
+
17501 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
|
16087
|
+
17502 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
|
16088
|
+
17503 || IMAP MailEnable IMAP Service Invalid Command Buffer Overlow LOGIN || bugtraq,21252
|
|
16089
|
+
17504 || EXPLOIT Novell ZENworks Asset Management buffer overflow attempt || bugtraq,21395 || cve,2006-6299
|
|
16090
|
+
17505 || WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt || bugtraq,21589 || cve,2006-6561
|
|
16091
|
+
17506 || WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt || bugtraq,21589 || cve,2006-6561
|
|
16092
|
+
17507 || WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt || bugtraq,21589 || cve,2006-6561
|
|
16093
|
+
17508 || WEB-MISC Microsoft .NET Application download attempt || bugtraq,21688 || cve,2006-6696
|
|
16094
|
+
17509 || WEB-MISC Microsoft .NET Manifest download attempt || bugtraq,21688 || cve,2006-6696
|
|
16095
|
+
17510 || WEB-MISC Microsoft .NET Deploy download attempt || bugtraq,21688 || cve,2006-6696
|
|
16096
|
+
17511 || WEB-CLIENT Excel malformed Graphic Code Execution || bugtraq,16181 || cve,2006-0030
|
|
16097
|
+
17512 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
|
16098
|
+
17513 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
|
16099
|
+
17514 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
|
16100
|
+
17515 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
|
16101
|
+
17516 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
|
16102
|
+
17517 || WEB-CLIENT excel Malformed Record Code Execution attempt || bugtraq,17101 || cve,2006-0031
|
|
16103
|
+
17518 || FTP FlashGet PWD command stack buffer overflow attempt || bugtraq,30685 || cve,2008-4321
|
|
16104
|
+
17519 || SPECIFIC-THREATS Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow || bugtraq,31346 || cve,2008-0016
|
|
16105
|
+
17520 || EXPLOIT CA ARCserve Backup DB Engine Denial of Service || bugtraq,31684 || cve,2008-4399
|
|
16106
|
+
17521 || SPECIFIC-THREATS GoodTech SSH Server SFTP Processing Buffer Overflow || bugtraq,31879 || cve,2008-4726
|
|
16107
|
+
17522 || SPECIFIC-THREATS Sun Java Runtime Environment Pack200 Decompression Integer Overflow || bugtraq,31879 || cve,2008-4726
|
|
16108
|
+
17523 || SPECIFIC-THREATS Apple QuickTime H.264 Movie File Buffer Overflow || bugtraq,36328 || cve,2009-2799
|
|
16109
|
+
17524 || SPECIFIC-THREATS Fujitsu SystemcastWizard Lite PXEService UDP Handling Buffer Overflow || bugtraq,33342 || cve,2009-0270
|
|
16110
|
+
17525 || SPECIFIC-THREATS Microsoft IIS 5.0 WebDav Request Directory Security Bypass || bugtraq,35232 || cve,2009-1122
|
|
16111
|
+
17526 || SPECIFIC-THREATS Adobe Acrobat and Adobe Reader U3D RHAdobeMeta Buffer Overflow || bugtraq,35282 || cve,2009-1855
|
|
16112
|
+
17527 || SPECIFIC-THREATS VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow || bugtraq,35232 || cve,2009-1122
|
|
16113
|
+
17528 || SPECIFIC-THREATS nginx URI parsing buffer overflow attempt || bugtraq,36384 || cve,2009-2629
|
|
16114
|
+
17529 || SPECIFIC-THREATS Adobe RoboHelp Server Arbitrary File Upload and Execute || bugtraq,35282 || cve,2009-1855
|
|
16115
|
+
17530 || SPECIFIC-THREATS HP OpenView Storage Data Protector Stack Buffer Overflow || cve,2007-2280 || cve,2007-2881
|
|
16116
|
+
17531 || SPECIFIC-THREATS Apple Quicktime MOV File JVTCompEncodeFrame Heap Overflow || bugtraq,23650 || cve,2007-2295
|
|
16117
|
+
17532 || SPECIFIC-THREATS Microsoft Excel TXO and OBJ Records Parsing Stack Memory Corruption || bugtraq,32618 || cve,2008-4265
|
|
16118
|
+
17533 || WEB-MISC Apache Struts Information Disclosure Attempt || bugtraq,32104 || cve,2008-6505
|
|
16119
|
+
17534 || MISC IPP Application Content
|
|
16120
|
+
17535 || MISC Apple CUPS Text to PostScript Filter Integer Overflow attempt || bugtraq,31690 || cve,2008-3640
|
|
16121
|
+
17536 || WEB-MISC Free Download Manager Remote Control Server HTTP Auth Header buffer overflow attempt || bugtraq,33554 || cve,2009-0183
|
|
16122
|
+
17537 || SPECIFIC-THREATS Microsoft Excel Unspecified Null Page Name Memory Corruption Attempt || bugtraq,15926 || cve,2006-0031
|
|
16123
|
+
17538 || SPECIFIC-THREATS Microsoft Excel Unspecified Page Name Memory Corruption Attempt || bugtraq,15926 || cve,2006-0031
|
|
16124
|
+
17539 || SPECIFIC-THREATS Microsoft Excel Unspecified Grafic Pointer Memory Corruption Attempt || bugtraq,15926 || cve,2006-0030
|
|
16125
|
+
17540 || WEB-CLIENT LZH file download
|
|
16126
|
+
17541 || SPECIFIC-THREATS Avast! Antivirus Engine Remote LHA buffer overflow attempt || bugtraq,19903 || cve,2006-4626
|
|
16127
|
+
17542 || SPECIFIC-THREATS Excel MalformedPalete Record Memory Corruption attempt || bugtraq,21922 || cve,2007-0031
|
|
16128
|
+
17543 || WEB-CLIENT Excel Column Record Handling Memory Corruption attempt || bugtraq,21925 || cve,2007-0030
|
|
16129
|
+
17544 || SPECIFIC-THREATS Wireshark LWRES Dissector getaddrsbyname buffer overflow attempt || bugtraq,37985 || cve,2010-0304
|
|
16130
|
+
17545 || WEB-ACTIVEX Lotus Domino Web Access ActiveX Controls buffer overflow attempt || bugtraq,38457 || url,www-01.ibm.com/support/docview.wss?uid=swg21421808
|
|
16131
|
+
17546 || POLICY Microsoft Media Player compressed skin download - .wmd || bugtraq,25305 || cve,2007-3037 || url,www.microsoft.com/technet/security/Bulletin/MS07-047.mspx
|
|
16132
|
+
17547 || WEB-CLIENT Apple Quicktime SMIL transfer
|
|
16133
|
+
17548 || WEB-CLIENT Apple Quicktime SMIL File Handling Integer Overflow attempt || bugtraq,24873 || cve,2007-2394
|
|
16134
|
+
17549 || SPECIFIC-THREATS Internet Explorer Error Handling Code Execution || bugtraq,25916 || cve,2007-3892
|
|
16135
|
+
17550 || SPECIFIC-THREATS Microsoft Word Font Parsing Buffer Overflow attempt || bugtraq,14216 || cve,2005-0564
|
|
16136
|
+
17551 || CHAT MSN Messenger and Windows Live Messenger Code Execution attempt || bugtraq,25461 || cve,2007-2931
|
|
16137
|
+
17552 || WEB-CLIENT Adobe Pagemaker file request
|
|
16138
|
+
17553 || SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt || bugtraq,25989 || cve,2007-5169
|
|
16139
|
+
17554 || SPECIFIC-THREATS Microsoft Internet Explorer DOM object cache management memory corruption attempt || bugtraq,26817 || cve,2007-5344
|
|
16140
|
+
17555 || SPECIFIC-THREATS Macrovision InstallShield Update Service ActiveX exploit attempt || bugtraq,26280 || bugtraq,31235 || cve,2007-5660 || url,support.installshield.com/kb/view.asp?articleid=Q113602
|
|
16141
|
+
17556 || SPECIFIC-THREATS Firebird database invalid state memory corruption || bugtraq,27403 || cve,2008-0387
|
|
16142
|
+
17557 || WEB-ACTIVEX Novell iPrint ActiveX operation parameter overflow || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
|
16143
|
+
17558 || SPECIFIC-THREATS CUPS Gif Decoding Routine Buffer Overflow attempt || bugtraq,28544 || cve,2008-1373
|
|
16144
|
+
17559 || SPECIFIC-THREATS IBM Lotus Notes Applix Graphics Parsing Buffer Overflow || bugtraq,28454 || cve,2007-5405
|
|
16145
|
+
17560 || SPECIFIC-THREATS Microsoft Word Global Array Index Heap Overflow attempt || bugtraq,32583 || cve,2008-4026
|
|
16146
|
+
17561 || SPECIFIC-THREATS RealNetworks RealPlayer IVR Overly Long Filename Code Execution attempt || bugtraq,33652 || cve,2009-0375
|
|
16147
|
+
17562 || SPECIFIC-THREATS Sun Java Runtime Environment Pack200 Decompression Integer Overflow attempt || bugtraq,32608 || cve,2008-5352
|
|
16148
|
+
17563 || SPECIFIC-THREATS Sun Java Runtime Environment JAR File Processing Stack Buffer Overflow || bugtraq,32608 || cve,2008-5354
|
|
16149
|
+
17564 || WEB-IIS WebDAV Request Directory Security Bypass attempt || bugtraq,34993 || cve,2009-1535
|
|
16150
|
+
17565 || SPECIFIC-THREATS Microsoft Office PowerPoint PP7 File Handling Memory Corruption attempt || bugtraq,34880 || cve,2009-0225
|
|
16151
|
+
17566 || SPECIFIC-THREATS Microsoft Internet Explorer 7 Event Handler Memory Corruption || bugtraq,35224 || cve,2009-1530
|
|
16152
|
+
17567 || SPECIFIC-THREATS LANDesk Management Suite Alerting Service buffer overflow || bugtraq,23483 || cve,2007-1674
|
|
16153
|
+
17568 || WEB-MISC Microsoft Office XP URL Handling Buffer Overflow attempt || bugtraq,12480 || cve,2004-0848
|
|
16154
|
+
17569 || EXPLOIT BEA Weblogic Admin Console Cross Site Scripting Vulnerability attempt || bugtraq,13793 || cve,2005-1747
|
|
16155
|
+
17570 || SPECIFIC-THREATS Mozilla Firefox IFRAME style change handling code execution || bugtraq,28448 || cve,2008-1236 || url,secunia.com/advisories/29526 || url,www.mozilla.org/security/announce/2008/mfsa2008-15.html
|
|
16156
|
+
17571 || WEB-ACTIVEX obfuscated instantiation of ActiveX object - likely malicious || cve,2008-3558
|
|
16157
|
+
17572 || WEB-CLIENT Microsoft XML Core Services cross-site information disclosure attempt || bugtraq,32155 || cve,2008-4029 || url,www.microsoft.com/technet/security/Bulletin/MS08-069.mspx
|
|
16158
|
+
17573 || WEB-CLIENT ffdshow codec URL parsing buffer overflow attempt || bugtraq,32438 || cve,2008-5381
|
|
16159
|
+
17574 || SPECIFIC-THREATS Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt || bugtraq,14362 || cve,2005-2768
|
|
16160
|
+
17575 || WEB-ACTIVEX SizerOne 2 ActiveX clsid access || bugtraq,33148 || cve,2008-4827
|
|
16161
|
+
17576 || WEB-ACTIVEX SizerOne 2 ActiveX clsid unicode access || bugtraq,33148 || cve,2008-4827
|
|
16162
|
+
17577 || POLICY CA BightStor ARCserver Backup possible insecure method attempt || cve,2007-5328 || url,secunia.com/advisories/27192/
|
|
16163
|
+
17578 || SPECIFIC-THREATS Microsoft Word Section Table Array Buffer Overflow attempt || bugtraq,22225 || cve,2007-0515
|
|
16164
|
+
17579 || SPECIFIC-THREATS Microsoft Office Drawing Record msofbtOPT Code Execution attempt || bugtraq,22383 || cve,2007-0671
|
|
16165
|
+
17580 || SPECIFIC-THREATS Microsoft Internet Explorer span tag memory corruption attempt || bugtraq,17468 || cve,2006-1188
|
|
16166
|
+
17581 || SPECIFIC-THREATS Mozilla Firefox tag order memory corruption attempt || bugtraq,17516 || cve,2006-0749
|
|
16167
|
+
17582 || WEB-ACTIVEX Symantec Norton AntiVirus CcErrDisp ActiveX function call access || bugtraq,12175
|
|
16168
|
+
17583 || WEB-ACTIVEX Symantec Norton AntiVirus CcErrDisp ActiveX function call unicode access || bugtraq,12175
|
|
16169
|
+
17584 || ORACLE UTL_FILE directory traversal attempt || bugtraq,12749 || cve,2005-0701
|
|
16170
|
+
17585 || SPECIFIC-THREATS Internet Explorer possible javascript onunload event memory corruption || bugtraq,22678 || cve,2007-1094
|
|
16171
|
+
17586 || WEB-CLIENT Sun Java Web Start malicious parameter value || bugtraq,11726 || cve,2004-1029
|
|
16172
|
+
17587 || SPECIFIC-THREATS AcroPDF.PDF ActiveX exploit attempt || bugtraq,12989 || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
|
16173
|
+
17588 || WEB-ACTIVEX Microsoft Internet Explorer Install Engine ActiveX clsid access || bugtraq,11366 || cve,2004-0216 || url,www.microsoft.com/technet/security/Bulletin/MS04-038.mspx
|
|
16174
|
+
17589 || WEB-ACTIVEX Microsoft Internet Explorer Install Engine ActiveX clsid unicode access || bugtraq,11366 || cve,2004-0216 || url,www.microsoft.com/technet/security/Bulletin/MS04-038.mspx
|
|
16175
|
+
17590 || ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt || bugtraq,19203
|
|
16176
|
+
17591 || WEB-CLIENT Microsoft Word Crafted Sprm memory corruption attempt || bugtraq,32584 || cve,2008-4837
|
|
16177
|
+
17592 || WEB-ACTIVEX Microsoft MyInfo.dll ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
|
16178
|
+
17593 || WEB-ACTIVEX Microsoft msdxm.ocx ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
|
16179
|
+
17594 || WEB-ACTIVEX Microsoft creator.dll 1 ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
|
16180
|
+
17595 || WEB-ACTIVEX Microsoft creator.dll 2 ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
|
16181
|
+
17596 || WEB-ACTIVEX Microsoft ciodm.dll ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
|
16182
|
+
17597 || WEB-PHP TikiWiki jhot.php script file upload attempt || bugtraq,19819 || url,tikiwiki.org/tiki-read_article.php?articleid=136
|
|
16183
|
+
17598 || SPECIFIC-THREATS IBM DB2 Universal Database accsec command without rdbnam || bugtraq,19586 || cve,2006-4257
|
|
16184
|
+
17599 || SPECIFIC-THREATS IBM DB2 Universal Database rdbname denial of service attempt || bugtraq,19586 || cve,2006-4257
|
|
16185
|
+
17600 || WEB-CLIENT .xul document retrieval
|
|
16186
|
+
17601 || WEB-CLIENT Mozilla Firefox file type memory corruption attempt || bugtraq,32281 || cve,2008-5016 || url,www.mozilla.org/security/announce/2008/mfsa2008-52.html
|
|
16187
|
+
17602 || WEB-CLIENT ClamAV antivirus CHM file handling denial of service || bugtraq,30994 || cve,2008-1389 || url,sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661
|
|
16188
|
+
17603 || WEB-CLIENT Mozilla Firefox file type memory corruption attempt || bugtraq,32281 || cve,2008-5021 || url,www.mozilla.org/security/announce/2008/mfsa2008-55.html
|
|
16189
|
+
17604 || SPECIFIC-THREATS Java AWT ConvolveOp memory corruption attempt || bugtraq,21675 || url,sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
|
|
16190
|
+
17605 || WEB-CGI Trend Micro OfficeScan CGI password decryption buffer overflow attempt || bugtraq,28020 || cve,2008-1365 || url,secunia.com/advisories/29124
|
|
16191
|
+
17606 || SPECIFIC-THREATS Adobe Flash ASnative command execution attempt || bugtraq,32896 || cve,2008-5499 || url,www.adobe.com/support/security/bulletins/apsb08-24.html
|
|
16192
|
+
17607 || SPECIFIC-THREATS Xi Software Net Transport eDonkey Protocol Buffer Overflow attempt || bugtraq,40617
|
|
16193
|
+
17609 || WEB-MISC Sun Java Web Server Webdav Stack Buffer Overflow attempt || bugtraq,37874 || cve,2010-0361
|
|
16194
|
+
17610 || WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt || bugtraq,33405 || cve,2009-0398
|
|
16195
|
+
17611 || WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt || bugtraq,33405 || cve,2009-0398
|
|
16196
|
+
17612 || WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt || bugtraq,33405 || cve,2009-0398
|
|
16197
|
+
17613 || WEB-MISC Mozilla Firefox browser engine memory corruption attempt || bugtraq,35326 || cve,2009-1392
|
|
16198
|
+
17614 || WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX clsid access || url,securitytracker.com/alerts/2010/Mar/1023760.html
|
|
16199
|
+
17615 || WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX clsid unicode access || url,securitytracker.com/alerts/2010/Mar/1023760.html
|
|
16200
|
+
17616 || WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX function call access || url,securitytracker.com/alerts/2010/Mar/1023760.html
|
|
16201
|
+
17617 || WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX function call unicode access || url,securitytracker.com/alerts/2010/Mar/1023760.html
|
|
16202
|
+
17618 || SPECIFIC-THREATS Microsoft Windows hraphics engine EMF rendering vulnerability || bugtraq,15352 || cve,2005-2123
|
|
16203
|
+
17619 || ORACLE database server crafted view privelege escalation attempt || bugtraq,17246 || cve,2006-1705
|
|
16204
|
+
17620 || SPECIFIC-THREATS Products Discovery Service Buffer Overflow || bugtraq,20364 || cve,2006-5143
|
|
16205
|
+
17621 || SPECIFIC-THREATS Products Discovery Service Buffer Overflow || bugtraq,20364 || cve,2006-5143
|
|
16206
|
+
17622 || SPECIFIC-THREATS Microsoft Internet Explorer object reference memory corruption attempt || cve,2007-3902 || url,www.securityfocus.com/bid/26506
|
|
16207
|
+
17623 || SPECIFIC-THREATS Sun Java Runtime Environment Type1 Font parsing integer overflow attempt || bugtraq,34240 || cve,2009-1099
|
|
16208
|
+
17624 || SPECIFIC-THREATS Sun Java Runtime Environment Type1 Font parsing integer overflow attempt || bugtraq,34240 || cve,2009-1099
|
|
16209
|
+
17625 || ORACLE Oracle Database Core RDBMS component denial of service attempt || bugtraq,26108 || cve,2007-5530
|
|
16210
|
+
17626 || SPECIFIC-THREATS Microsoft Windows embedded web font handling buffer overflow attempt || bugtraq,16194 || cve,2006-0010
|
|
16211
|
+
17627 || DELETED POLICY Possible Microsoft telnet NTLM reflection attempt || cve,2000-0834 || cve,2009-1930 || url,secunia.com/advisories/36222/
|
|
16212
|
+
17628 || SPECIFIC-THREATS Sun Microsystems Java gif handling memory corruption attempt || bugtraq,22085 || cve,2007-0243
|
|
16213
|
+
17629 || WEB-CLIENT Mozilla Firefox Chrome Page Loading Restriction Bypass attempt || bugtraq,14920 || cve,2005-2706
|
|
16214
|
+
17630 || WEB-CLIENT Mozilla multiple products CSSValue array memory corruption attempt || bugtraq,29802 || cve,2008-2785
|
|
16215
|
+
17631 || WEB-CLIENT Sun Java Web Start JNLP java-vm-args buffer overflow attempt || bugtraq,30148 || cve,2008-3111
|
|
16216
|
+
17633 || WEB-CLIENT RealNetworks RealPlayer SWF frame handling buffer overflow attempt || bugtraq,30370 || cve,2007-5400
|
|
16217
|
+
17634 || NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 little endian object call overflow attempt || cve,2008-4398 || url,support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
|
|
16218
|
+
17635 || NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 little endian overflow attempt || cve,2008-4398 || url,support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
|
|
16219
|
+
17636 || NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 object call overflow attempt || cve,2008-4398 || url,support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
|
|
16220
|
+
17637 || NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 overflow attempt || cve,2008-4398 || url,support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
|
|
16221
|
+
17638 || Oracle Secure Backup Administration Server login.php Cookies Command Injection attempt || bugtraq,33177 || cve,2008-4006
|
|
16222
|
+
17639 || NETBIOS Samba Root File System access bypass attempt || bugtraq,33118 || cve,2009-0022
|
|
16223
|
+
17640 || NETBIOS DCERPC NCACN-IP-TCP brightstor opnum 43 overflow attempt || bugtraq,22005 || cve,2007-0169 || url,www.kb.cert.org/vuls/id/180336
|
|
16224
|
+
17641 || SPECIFIC-THREATS CUPS and Xpdf JBIG2 symbol dictionary buffer overflow attempt || cve,2009-0195 || url,www.cups.org/str.php?L3129
|
|
16225
|
+
17642 || WEB-CLIENT Mozilla Firefox ConstructFrame with floating first-letter memory corruption attempt || bugtraq,35765 || cve,2009-2462
|
|
16226
|
+
17643 || EXPLOIT CA BrightStor ARCServe logger servie null-pointer dereference attempt || cve,2007-2772
|
|
16227
|
+
17644 || SPECIFIC-THREATS Internet Explorer object clone deletion memory corruption attempt || cve,2009-0075 || url,www.microsoft.com/technet/security/bulletin/MS09-002.mspx
|
|
16228
|
+
17645 || WEB-CLIENT Microsoft Internet Explorer CSS strings parsing memory corruption attempt || cve,2007-0943 || url,www.microsoft.com/technet/security/bulletin/ms07-045.mspx
|
|
16229
|
+
17646 || WEB-CLIENT Microsoft Powerpoint Legacy file format picture object code execution attempt || bugtraq,34834 || cve,2009-0223
|
|
16230
|
+
17648 || WEB-IIS source code disclosure attempt || bugtraq,14764
|
|
16231
|
+
17649 || WEB-CLIENT Microsoft Word array data handling buffer overflow attempt || bugtraq,23804 || cve,2007-0035
|
|
16232
|
+
17650 || SPECIFIC-THREATS Adobe Pagemaker Key Strings Stack Buffer Overflow attempt || bugtraq,31999 || cve,2007-6432
|
|
16233
|
+
17651 || SPECIFIC-THREATS Multiple AV vendor invalid archive checksum bypass attempt || bugtraq,12771 || url,archives.neohapsis.com/archives/fulldisclosure/2005-03/0207.html
|
|
16234
|
+
17652 || WEB-MISC Microsoft IIS source code disclosure attempt || cve,2005-2678 || url,secunia.com/advisories/16548
|
|
16235
|
+
17653 || WEB-MISC Microsoft IIS source code disclosure attempt || cve,2005-2678 || url,secunia.com/advisories/16548
|
|
16236
|
+
17654 || SPECIFIC-THREATS Facebook Photo Uploader ActiveX exploit attempt || bugtraq,27534 || bugtraq,27756 || cve,2008-5711 || url,www.microsoft.com/technet/security/advisory/953839.mspx
|
|
16237
|
+
17656 || WEB-MISC Apache HTTP server mod_rewrite module LDAP scheme handling buffer overflow attempt || cve,2006-3747
|
|
16238
|
+
17657 || EXPLOIT Symantec NetBackup BPCD Daemon exploit attempt || bugtraq,21565 || cve,2006-6222
|
|
16239
|
+
17658 || SPECIFIC-THREATS Adobe Flash frame type identifier memory corruption attempt || bugtraq,15332 || cve,2005-2628
|
|
16240
|
+
17659 || ORACLE xdb.dbms_xmlschema buffer overflow attempt || bugtraq,16287 || cve,2006-0272
|
|
16241
|
+
17660 || SPECIFIC-THREATS Java Web Start arbitrary command execution attempt || bugtraq,39346 || cve,2010-0886 || cve,2010-1423
|
|
16242
|
+
17661 || EXPLOIT Samba send_mailslot buffer overflow attempt || bugtraq,26791 || cve,2007-6015
|
|
16243
|
+
17662 || DELETEC SPECIFIC-THREAT Sun Solaris DHCP Client Arbitrary Code Execution attempt || bugtraq,14687 || cve,2005-2870
|
|
16244
|
+
17664 || WEB-CLIENT GIF image descriptor memory corruption attempt || bugtraq,18915 || bugtraq,22630 || cve,2006-0007 || cve,2007-1071 || url,www.microsoft.com/technet/security/bulletin/ms06-039.mspx
|
|
16245
|
+
17666 || WEB-CLIENT RealNetworks RealPlayer invalid chunk size heap overflow attempt || bugtraq,17202 || cve,2005-2922
|
|
16246
|
+
17668 || POLICY attempted download of a PDF with embedded JavaScript || url,www.adobe.com/devnet/acrobat/javascript.html
|
|
16247
|
+
17669 || SPECIFIC-THREATS Oracle Application Server 10g OPMN service format string vulnerability exploit attempt || bugtraq,34461 || cve,2009-0993 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
|
|
16248
|
+
17670 || WEB-ACTIVEX BigAnt Office Manager ActiveX clsid access || bugtraq,39721
|
|
16249
|
+
17671 || WEB-ACTIVEX BigAnt Office Manager ActiveX clsid unicode access || bugtraq,39721
|
|
16250
|
+
17672 || WEB-ACTIVEX BigAnt Office Manager ActiveX function call access || bugtraq,39721
|
|
16251
|
+
17673 || WEB-ACTIVEX BigAnt Office Manager ActiveX function call unicode access || bugtraq,39721
|
|
16252
|
+
17674 || WEB-ACTIVEX Skype Extras Manager ActiveX clsid access || bugtraq,36459 || cve,2009-4741
|
|
16253
|
+
17675 || WEB-ACTIVEX Skype Extras Manager ActiveX clsid unicode access || bugtraq,36459 || cve,2009-4741
|
|
16254
|
+
17676 || WEB-ACTIVEX Skype Extras Manager ActiveX function call access || bugtraq,36459 || cve,2009-4741
|
|
16255
|
+
17677 || WEB-ACTIVEX Skype Extras Manager ActiveX function call unicode access || bugtraq,36459 || cve,2009-4741
|
|
16256
|
+
17678 || WEB-CLIENT Adobe BMP image handler buffer overflow attempt || bugtraq,28874 || cve,2008-1765
|
|
16257
|
+
17679 || WEB-MISC Apple disk image download request
|
|
16258
|
+
17680 || SPECIFIC-THREATS ISC BIND DNSSEC Validation Multiple RRsets DoS || bugtraq,22231 || cve,2007-0494
|
|
16259
|
+
17698 || SPECIFIC-THREATS RealNetworks RealPlayer wav chunk string overflow attempt in email || bugtraq,12697 || cve,2005-0611
|
|
16260
|
+
17701 || SPECIFIC-THREATS Office Viewer ActiveX arbitrary command execution attempt || bugtraq,23811 || bugtraq,33238 || bugtraq,33243 || bugtraq,33245 || cve,2007-2588 || url,moaxb.blogspot.com/2007/05/moaxb-04-office-viewer-oaocx-v-32.html
|
|
16261
|
+
17702 || NETBIOS DCERPC NCACN-IP-TCP srvsvc NetrDfsCreateExitPoint dos attempt || bugtraq,15460 || cve,2005-3644 || url,www.microsoft.com/technet/security/advisory/911052.mspx
|
|
16262
|
+
17703 || SPECIFIC-THREATS Internet Explorer popup title bar spoofing attempt || bugtraq,12602 || cve,2005-0500
|
|
16263
|
+
17704 || SPECIFIC-THREATS McAfee LHA file parsing buffer overflow attempt || bugtraq,10243 || cve,2005-0643
|
|
16264
|
+
17705 || WEB-IIS web agent chunked encoding overflow attempt || bugtraq,13524 || cve,2005-1471
|
|
16265
|
+
17706 || MISC Veritas NetBackup java user interface service format string attack attempt || cve,2005-2715
|
|
16266
|
+
17707 || NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect trend_req_num buffer overflow attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
|
16267
|
+
17708 || EXPLOIT VNC password request URL buffer overflow attempt || bugtraq,17378 || cve,2006-1652
|
|
16268
|
+
17710 || EXPLOIT Veritas NetBackup vmd shared library buffer overflow attempt || bugtraq,15353 || cve,2005-3116
|
|
16269
|
+
17711 || WEB-CLIENT Microsoft Windows ASF parsing memory corruption attempt || cve,2007-0064 || url,www.microsoft.com/technet/security/bulletin/ms07-068.mspx
|
|
16270
|
+
17712 || SPECIFIC-THREATS TFTP PUT Microsoft RIS filename overwrite attempt || cve,2006-5584 || url,www.microsoft.com/technet/security/bulletin/ms06-077.mspx
|
|
16271
|
+
17713 || EXPLOIT Novell NetMail NMAP STOR buffer overflow attempt || bugtraq,21725 || cve,2006-6424
|
|
16272
|
+
17714 || NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
|
16273
|
+
17715 || NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
|
16274
|
+
17716 || SPECIFIC-THREATS IBM Lotus Notes DOC attachment viewer buffer overflow || bugtraq,26146 || cve,2007-5544
|
|
16275
|
+
17717 || SMTP IBM Lotus Notes HTML input tag buffer overflow attempt || bugtraq,26200 || cve,2007-4222 || url,www-1.ibm.com/support/docview.wss?rs=477&uid=swg21272930
|
|
16276
|
+
17718 || SPECIFIC-THREATS Oracle MDSYS drop table trigger injection attempt || bugtraq,33177 || cve,2008-3979
|
|
16277
|
+
17719 || SPECIFIC-THREATS Mozilla Firefox ClearTextRun exploit attempt || bugtraq,34743 || cve,2009-1313
|
|
16278
|
+
17722 || ORACLE Oracle XDB.XDB_PITRIG_PKG buffer overflow attempt || bugtraq,27229 || cve,2008-0339 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2008.html
|
|
16279
|
+
17724 || SPECIFIC-THREATS malicious ASP file upload attempt || bugtraq,18858 || cve,2006-0026 || url,www.microsoft.com/technet/security/bulletin/ms06-034.mspx
|
|
16280
|
+
17725 || WEB-CLIENT Opera file URI handling buffer overflow || bugtraq,32323 || cve,2008-5178
|
|
16281
|
+
17726 || SPECIFIC-THREATS Internet Explorer address bar spoofing attempt || bugtraq,17404 || cve,2006-1626
|
|
16282
|
+
17727 || SPECIFIC-THREATS Sun JDK image parsing library ICC buffer overflow attempt || bugtraq,24004 || cve,2007-2788 || url,scary.beasts.org/security/CESA-2006-004.html
|
|
16283
|
+
17728 || MISC Panda Antivirus ZOO archive decompression buffer overflow attempt || cve,2005-3922
|
|
16284
|
+
17729 || SPECIFIC-THREATS Microsoft Internet Explorer EMBED element memory corruption attempt || bugtraq,34424 || cve,2009-0553 || url,www.microsoft.com/technet/security/Bulletin/MS09-014.mspx
|
|
16285
|
+
17730 || WEB-CLIENT Microsoft XML Core Services MIME Viewer memory corruption attempt || cve,2007-0099 || url,www.microsoft.com/technet/security/bulletin/MS08-069.mspx
|
|
16286
|
+
17732 || WEB-CLIENT TIFF file request
|
|
16287
|
+
17733 || WEB-MISC XML file download request
|
|
16288
|
+
17734 || WEB-MISC Excel REPT integer underflow attempt || bugtraq,31706 || cve,2008-4019
|
|
16289
|
+
17735 || SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt || bugtraq,25989 || cve,2007-5169
|
|
16290
|
+
17736 || SPECIFIC-THREATS McAfee LHA Type-2 file handling overflow attempt || bugtraq,12832 || cve,2005-0644
|
|
16291
|
+
17737 || SPECIFIC-THREATS Microsoft collaboration data objects buffer overflow attempt || bugtraq,15067 || cve,2005-1987
|
|
16292
|
+
17738 || SPECIFIC-THREATS Linux Kernel SNMP Netfilter Memory Corruption attempt || bugtraq,18081 || cve,2006-2444
|
|
16293
|
+
17739 || POLICY FlashPix file download request
|
|
16294
|
+
17740 || SPECIFIC-THREATS Apple Quicktime FlashPix processing overflow attempt || bugtraq,36328 || cve,2009-2798
|
|
16295
|
+
17745 || NETBIOS SMB TRANS2 Find_First2 request attempt
|
|
16296
|
+
17746 || NETBIOS SMB client TRANS response Find_First2 filesize overflow attempt || cve,2005-0045 || url,www.microsoft.com/technet/security/bulletin/MS05-011.mspx
|
|
16297
|
+
17748 || WEB-MISC TLSv1 Client_Certificate handshake
|
|
16298
|
+
17749 || RPC Linux Kernel nfsd v4 CAP_MKNOD security bypass attempt || bugtraq,34205 || cve,2009-1072
|
|
16299
|
+
17751 || WEB-CLIENT OpenType Font file download request
|
|
16300
|
+
17776 || WEB-CLIENT Sun Java HsbParser.getSoundBank stack buffer overflow attempt || bugtraq,36881 || cve,2009-3867
|
|
16301
|
+
17777 || SPECIFIC-THREATS IBM Lotus Notes WPD attachment handling buffer overflow || bugtraq,34086 || cve,2008-4564
|
|
16302
|
+
17778 || SPECIFIC-THREATS BitDefender Internet Security script code execution attempt || cve,2009-0850
|
|
16303
|
+
17779 || DELETED SPECIFIC-THREATS Adobe RoboHelp r0 SQL injection attempt || cve,2008-2991
|
|
16304
|
+
17780 || SPECIFIC-THREATS CBO CBL CBM buffer overflow attempt || bugtraq,13944 || cve,2005-1212 || cve,2006-3448 || nessus,18492 || url,www.microsoft.com/technet/security/Bulletin/MS07-005.mspx || url,www.microsoft.com/technet/security/bulletin/MS05-031.mspx
|
|
16305
|
+
17781 || SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
|
16306
|
+
17782 || SCADA Modbus write multiple registers from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16307
|
+
17783 || SCADA Modbus write single register from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16308
|
+
17784 || SCADA Modbus write single coil from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16309
|
+
17785 || SCADA Modbus write multiple coils from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16310
|
+
17786 || SCADA Modbus write file record from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16311
|
+
17787 || SCADA Modbus read discrete inputs from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16312
|
+
17788 || SCADA Modbus read coils from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16313
|
+
17789 || SCADA Modbus read input register from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16314
|
+
17790 || SCADA Modbus read holding registers from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16315
|
+
17791 || SCADA Modbus read/write multiple registers from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16316
|
+
17792 || SCADA Modbus read fifo queue from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16317
|
+
17793 || SCADA Modbus read file record from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16318
|
+
17794 || SCADA Modbus read exception status from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16319
|
+
17795 || SCADA Modbus initiate diagnostic from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16320
|
+
17796 || SCADA Modbus get com event counter from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16321
|
+
17797 || SCADA Modbus get com event log from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16322
|
+
17798 || SCADA Modbus report slave id from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16323
|
+
17799 || SCADA Modbus read device identification from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16324
|
+
17800 || SCADA Modbus mask write register from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
|
16325
|
+
17801 || WEB-CLIENT Director Movie File Embeded
|
|
16326
|
+
17802 || WEB-CLIENT Director Movie File Download
|
|
16327
|
+
17803 || WEB-CLIENT Adobe Shockwave Director rcsL chunk memory corruption attempt || bugtraq,42682 || cve,2010-2873 || url,www.adobe.com/support/security/bulletins/apsb10-20.html
|
|
16328
|
+
17804 || WEB-CLIENT Mozilla Firefox html tag attributes memory corruption || cve,2010-3765
|
|
16329
|
+
17805 || SPYWARE-PUT Worm.Win32.Neeris.BF contact to server attempt || url,www.virustotal.com/latest-report.html?resource=968470dd871f3047cf48b23f0c83985f
|
|
16330
|
+
17806 || SPECIFIC-THREATS Adobe Shockwave Director rcsL chunk remote code execution attempt || bugtraq,44291 || cve,2010-3653
|
|
16331
|
+
17807 || SPECIFIC-THREATS Adobe Shockwave Director rcsL chunk remote code execution attempt || bugtraq,44291 || cve,2010-3653
|
|
16332
|
+
17808 || SPECIFIC-THREATS Adobe Flash authplay.dll memory corruption attempt || cve,2010-3654 || url,www.adobe.com/support/security/advisories/apsa10-05.html
|
|
16333
|
+
17809 || WEB-CLIENT quicktime movie file transfer
|
|
16334
|
+
17810 || WEB-MISC potential malware - download of server32.exe || url,en.wikipedia.org/wiki/Zeus_(trojan_horse)
|
|
16335
|
+
17811 || WEB-MISC potential malware - download of svchost.exe
|
|
16336
|
+
17812 || WEB-MISC potential malware - download of iexplore.exe
|
|
16337
|
+
17813 || WEB-MISC potential malware - download of iprinp.dll
|
|
16338
|
+
17814 || WEB-MISC potential malware - download of winzf32.dll
|
|
16339
|
+
17815 || SPYWARE-PUT Thinkpoint fake antivirus - user display || url,www.symantec.com/security_response/writeup.jsp?docid=2010-090610-2408-99
|
|
16340
|
+
17816 || SPYWARE-PUT Thinkpoint fake antivirus - credit card submission || url,www.symantec.com/security_response/writeup.jsp?docid=2010-090610-2408-99
|
|
16341
|
+
17817 || SPECIFIC-THREATS Thinkpoint fake antivirus binary download || url,www.symantec.com/security_response/writeup.jsp?docid=2010-090610-2408-99
|
|
16342
|
+
17818 || BLACKLIST DNS request for known malware domain ktr.t134.net || url,labs.snort.org/docs/17818.html
|
|
16343
|
+
17819 || BLACKLIST DNS request for known malware domain motuh.com || url,labs.snort.org/docs/17819.html
|
|
16344
|
+
17820 || BLACKLIST DNS request for known malware domain myanimalclips.com || url,labs.snort.org/docs/17820.html
|
|
16345
|
+
17821 || BLACKLIST DNS request for known malware domain ketsymbol.com || url,labs.snort.org/docs/17821.html
|
|
16346
|
+
17822 || BLACKLIST DNS request for known malware domain ics.hotbar.com || url,labs.snort.org/docs/17822.html
|
|
16347
|
+
17823 || BLACKLIST DNS request for known malware domain www.myroitracking.com || url,labs.snort.org/docs/17823.html
|
|
16348
|
+
17824 || BLACKLIST DNS request for known malware domain teenxmovs.net || url,labs.snort.org/docs/17824.html
|
|
16349
|
+
17825 || BLACKLIST DNS request for known malware domain px.smowtion.com || url,labs.snort.org/docs/17825.html
|
|
16350
|
+
17826 || BLACKLIST DNS request for known malware domain cheaps1.info || url,labs.snort.org/docs/17826.html
|
|
16351
|
+
17827 || BLACKLIST DNS request for known malware domain sexmoviesland.net || url,labs.snort.org/docs/17827.html
|
|
16352
|
+
17828 || BLACKLIST DNS request for known malware domain 67.201.36.16 || url,labs.snort.org/docs/17828.html
|
|
16353
|
+
17829 || BLACKLIST DNS request for known malware domain c7.zxxds.net || url,labs.snort.org/docs/17829.html
|
|
16354
|
+
17830 || BLACKLIST DNS request for known malware domain dickvsclit.net || url,labs.snort.org/docs/17830.html
|
|
16355
|
+
17831 || BLACKLIST DNS request for known malware domain edrichfinearts.com || url,labs.snort.org/docs/17831.html
|
|
16356
|
+
17832 || BLACKLIST DNS request for known malware domain img100.xvideos.com || url,labs.snort.org/docs/17832.html
|
|
16357
|
+
17833 || BLACKLIST DNS request for known malware domain www.dsnextgen.com || url,labs.snort.org/docs/17833.html
|
|
16358
|
+
17834 || BLACKLIST DNS request for known malware domain 343.boolans.com || url,labs.snort.org/docs/17834.html
|
|
16359
|
+
17835 || BLACKLIST DNS request for known malware domain xpresdnet.com || url,labs.snort.org/docs/17835.html
|
|
16360
|
+
17836 || BLACKLIST DNS request for known malware domain gbsup.com || url,labs.snort.org/docs/17836.html
|
|
16361
|
+
17837 || BLACKLIST DNS request for known malware domain xxsmovies.com || url,labs.snort.org/docs/17837.html
|
|
16362
|
+
17838 || BLACKLIST DNS request for known malware domain vc.iwriteweb.com || url,labs.snort.org/docs/17838.html
|
|
16363
|
+
17839 || BLACKLIST DNS request for known malware domain js.222233.com || url,labs.snort.org/docs/17839.html
|
|
16364
|
+
17840 || BLACKLIST DNS request for known malware domain www.grannyplanet.com || url,labs.snort.org/docs/17840.html
|
|
16365
|
+
17841 || BLACKLIST DNS request for known malware domain coop.crwdcntrl.net || url,labs.snort.org/docs/17841.html
|
|
16366
|
+
17842 || BLACKLIST DNS request for known malware domain extrahotx.net || url,labs.snort.org/docs/17842.html
|
|
16367
|
+
17843 || BLACKLIST DNS request for known malware domain extralargevideos.com || url,labs.snort.org/docs/17843.html
|
|
16368
|
+
17844 || BLACKLIST DNS request for known malware domain www.derquda.com || url,labs.snort.org/docs/17844.html
|
|
16369
|
+
17845 || BLACKLIST DNS request for known malware domain aahydrogen.com || url,labs.snort.org/docs/17845.html
|
|
16370
|
+
17846 || BLACKLIST DNS request for known malware domain trumpetlicks.com || url,labs.snort.org/docs/17846.html
|
|
16371
|
+
17847 || BLACKLIST DNS request for known malware domain mskla.com || url,labs.snort.org/docs/17847.html
|
|
16372
|
+
17848 || BLACKLIST DNS request for known malware domain play.unionsky.cn || url,labs.snort.org/docs/17848.html
|
|
16373
|
+
17849 || BLACKLIST DNS request for known malware domain fuckersucker.com || url,labs.snort.org/docs/17849.html
|
|
16374
|
+
17850 || BLACKLIST DNS request for known malware domain pornfucklist.com || url,labs.snort.org/docs/17850.html
|
|
16375
|
+
17851 || BLACKLIST DNS request for known malware domain game.685faiudeme.com || url,labs.snort.org/docs/17851.html
|
|
16376
|
+
17852 || BLACKLIST DNS request for known malware domain 447.cc || url,labs.snort.org/docs/17852.html
|
|
16377
|
+
17853 || BLACKLIST DNS request for known malware domain dommonview.com || url,labs.snort.org/docs/17853.html
|
|
16378
|
+
17854 || BLACKLIST DNS request for known malware domain www.lamiaexragazza.com || url,labs.snort.org/docs/17854.html
|
|
16379
|
+
17855 || BLACKLIST DNS request for known malware domain acofinder.com || url,labs.snort.org/docs/17855.html
|
|
16380
|
+
17856 || BLACKLIST DNS request for known malware domain fuckfuckvids.com || url,labs.snort.org/docs/17856.html
|
|
16381
|
+
17857 || BLACKLIST DNS request for known malware domain www.cnhack.cn || url,labs.snort.org/docs/17857.html
|
|
16382
|
+
17858 || BLACKLIST DNS request for known malware domain kingsizematures.com || url,labs.snort.org/docs/17858.html
|
|
16383
|
+
17859 || BLACKLIST DNS request for known malware domain promotds.com || url,labs.snort.org/docs/17859.html
|
|
16384
|
+
17860 || BLACKLIST DNS request for known malware domain mejac.com || url,labs.snort.org/docs/17860.html
|
|
16385
|
+
17861 || BLACKLIST DNS request for known malware domain zq2.9wee.com || url,labs.snort.org/docs/17861.html
|
|
16386
|
+
17862 || BLACKLIST DNS request for known malware domain 122.770304123.cn || url,labs.snort.org/docs/17862.html
|
|
16387
|
+
17863 || BLACKLIST DNS request for known malware domain rpt2.21civ.com || url,labs.snort.org/docs/17863.html
|
|
16388
|
+
17864 || BLACKLIST DNS request for known malware domain tubexxxmatures.com || url,labs.snort.org/docs/17864.html
|
|
16389
|
+
17865 || BLACKLIST DNS request for known malware domain 110.770304123.cn || url,labs.snort.org/docs/17865.html
|
|
16390
|
+
17866 || BLACKLIST DNS request for known malware domain aebankonline.com || url,labs.snort.org/docs/17866.html
|
|
16391
|
+
17867 || BLACKLIST DNS request for known malware domain utm.trk.myfuncards.com || url,labs.snort.org/docs/17867.html
|
|
16392
|
+
17868 || BLACKLIST DNS request for known malware domain a.qq2233.com || url,labs.snort.org/docs/17868.html
|
|
16393
|
+
17869 || BLACKLIST DNS request for known malware domain px.mgplatform.com || url,labs.snort.org/docs/17869.html
|
|
16394
|
+
17870 || BLACKLIST DNS request for known malware domain trojan8.com || url,labs.snort.org/docs/17870.html
|
|
16395
|
+
17871 || BLACKLIST DNS request for known malware domain brutalxvideos.com || url,labs.snort.org/docs/17871.html
|
|
16396
|
+
17872 || BLACKLIST DNS request for known malware domain www3.sexown.com || url,labs.snort.org/docs/17872.html
|
|
16397
|
+
17873 || BLACKLIST DNS request for known malware domain mummimpegs.com || url,labs.snort.org/docs/17873.html
|
|
16398
|
+
17874 || BLACKLIST DNS request for known malware domain f19dd4abb8b8bdf2.cn || url,labs.snort.org/docs/17874.html
|
|
16399
|
+
17875 || BLACKLIST DNS request for known malware domain www.very-young-boys.com || url,labs.snort.org/docs/17875.html
|
|
16400
|
+
17876 || BLACKLIST DNS request for known malware domain 91629.com || url,labs.snort.org/docs/17876.html
|
|
16401
|
+
17877 || BLACKLIST DNS request for known malware domain animal36.com || url,labs.snort.org/docs/17877.html
|
|
16402
|
+
17878 || BLACKLIST DNS request for known malware domain ayb.host127-0-0-1.com || url,labs.snort.org/docs/17878.html
|
|
16403
|
+
17879 || BLACKLIST DNS request for known malware domain cfg.353wanwan.com || url,labs.snort.org/docs/17879.html
|
|
16404
|
+
17880 || BLACKLIST DNS request for known malware domain www.027dj.com || url,labs.snort.org/docs/17880.html
|
|
16405
|
+
17881 || BLACKLIST DNS request for known malware domain fucktosky.com || url,labs.snort.org/docs/17881.html
|
|
16406
|
+
17882 || BLACKLIST DNS request for known malware domain procca.com || url,labs.snort.org/docs/17882.html
|
|
16407
|
+
17883 || BLACKLIST DNS request for known malware domain autouploaders.net || url,labs.snort.org/docs/17883.html
|
|
16408
|
+
17884 || BLACKLIST DNS request for known malware domain gimmemyporn.com || url,labs.snort.org/docs/17884.html
|
|
16409
|
+
17885 || BLACKLIST DNS request for known malware domain waytoall.com || url,labs.snort.org/docs/17885.html
|
|
16410
|
+
17886 || BLACKLIST DNS request for known malware domain www.spamature.com || url,labs.snort.org/docs/17886.html
|
|
16411
|
+
17887 || BLACKLIST DNS request for known malware domain info.collectionerrorreport.com || url,labs.snort.org/docs/17887.html
|
|
16412
|
+
17888 || BLACKLIST DNS request for known malware domain bn.xp1.ru4.com || url,labs.snort.org/docs/17888.html
|
|
16413
|
+
17889 || BLACKLIST DNS request for known malware domain www.ajie520.com || url,labs.snort.org/docs/17889.html
|
|
16414
|
+
17890 || BLACKLIST DNS request for known malware domain 114search1.118114.cn || url,labs.snort.org/docs/17890.html
|
|
16415
|
+
17891 || BLACKLIST DNS request for known malware domain bestkind.ru || url,labs.snort.org/docs/17891.html
|
|
16416
|
+
17892 || BLACKLIST DNS request for known malware domain clickpotato.tv || url,labs.snort.org/docs/17892.html
|
|
16417
|
+
17893 || BLACKLIST DNS request for known malware domain www.zxc0001.com || url,labs.snort.org/docs/17893.html
|
|
16418
|
+
17894 || BLACKLIST DNS request for known malware domain streq.cn || url,labs.snort.org/docs/17894.html
|
|
16419
|
+
17895 || BLACKLIST DNS request for known malware domain pyow.prixi-soft.ir || url,labs.snort.org/docs/17895.html
|
|
16420
|
+
17896 || BLACKLIST DNS request for known malware domain 113552url.cptgt.com || url,labs.snort.org/docs/17896.html
|
|
16421
|
+
17897 || BLACKLIST DNS request for known malware domain www.moneytw8.com || url,labs.snort.org/docs/17897.html
|
|
16422
|
+
17898 || BLACKLIST URI request for known malicious URI - /get2.php?c=VTOXUGUI&d=26606B6739343F216560 || url,labs.snort.org/docs/17898.html
|
|
16423
|
+
17899 || BLACKLIST URI request for known malicious URI - /reques0.asp?kind=006&mac= || url,labs.snort.org/docs/17899.html
|
|
16424
|
+
17900 || BLACKLIST URI request for known malicious URI - /basic/cn3c2/c.*dll || url,labs.snort.org/docs/17900.html
|
|
16425
|
+
17901 || BLACKLIST URI request for known malicious URI - /mybackup21.rar || url,labs.snort.org/docs/17901.html
|
|
16426
|
+
17902 || BLACKLIST URI request for known malicious URI - /?getexe=loader.exe || url,labs.snort.org/docs/17902.html
|
|
16427
|
+
17903 || BLACKLIST URI request for known malicious URI - stid= || url,labs.snort.org/docs/17903.html
|
|
16428
|
+
17904 || BLACKLIST URI request for known malicious URI - /tongji.js || url,labs.snort.org/docs/17904.html
|
|
16429
|
+
17905 || BLACKLIST URI request for known malicious URI - 1de49069b6044785e9dfcd4c035cfd0c.php || url,labs.snort.org/docs/17905.html
|
|
16430
|
+
17906 || BLACKLIST URI request for known malicious URI - 2x/.*php || url,labs.snort.org/docs/17906.html
|
|
16431
|
+
17907 || BLACKLIST URI request for known malicious URI - /MNG/Download/?File=AZF|DATADIR|Download || url,labs.snort.org/docs/17907.html
|
|
16432
|
+
17908 || BLACKLIST URI request for known malicious URI - /images/crypt_22.exe || url,labs.snort.org/docs/17908.html
|
|
16433
|
+
17909 || BLACKLIST URI request for known malicious URI - /images/css/1.exe || url,labs.snort.org/docs/17909.html
|
|
16434
|
+
17910 || BLACKLIST URI request for known malicious URI - /7xdown.exe || url,labs.snort.org/docs/17910.html
|
|
16435
|
+
17911 || BLACKLIST URI request for known malicious URI - /winhelper.exe || url,labs.snort.org/docs/17911.html
|
|
16436
|
+
17912 || BLACKLIST URI request for known malicious URI - /upopwin/count.asp?mac= || url,labs.snort.org/docs/17912.html
|
|
16437
|
+
17913 || BLACKLIST URI request for known malicious URI - /ok.exe || url,labs.snort.org/docs/17913.html
|
|
16438
|
+
17914 || BLACKLIST URI request for known malicious URI - /LjBin/Bin.Dll || url,labs.snort.org/docs/17914.html
|
|
16439
|
+
17915 || BLACKLIST URI request for known malicious URI - /1001ns/cfg3n.bin || url,labs.snort.org/docs/17915.html
|
|
16440
|
+
17916 || BLACKLIST URI request for known malicious URI - /dh/stats.bin || url,labs.snort.org/docs/17916.html
|
|
16441
|
+
17917 || BLACKLIST URI request for known malicious URI - /zeus/config.bin || url,labs.snort.org/docs/17917.html
|
|
16442
|
+
17918 || PHISHING-SPAM aaof.onlinelewiss22r.ru known spam email attempt
|
|
16443
|
+
17919 || PHISHING-SPAM akiq.onlinetommie54y.ru known spam email attempt
|
|
16444
|
+
17920 || PHISHING-SPAM aobuii.onlinelewiss22r.ru known spam email attempt
|
|
16445
|
+
17921 || PHISHING-SPAM argue.medrayner44c.ru known spam email attempt
|
|
16446
|
+
17922 || PHISHING-SPAM ava.refilleldredge89r.ru known spam email attempt
|
|
16447
|
+
17923 || PHISHING-SPAM axoseb.medicdrugsxck.ru known spam email attempt
|
|
16448
|
+
17924 || PHISHING-SPAM azo.onlinetommie54y.ru known spam email attempt
|
|
16449
|
+
17925 || PHISHING-SPAM back.pharmroyce83b.ru known spam email attempt
|
|
16450
|
+
17926 || PHISHING-SPAM by.pharmroyce83b.ru known spam email attempt
|
|
16451
|
+
17927 || PHISHING-SPAM cardinals.refilldud86o.ru known spam email attempt
|
|
16452
|
+
17928 || PHISHING-SPAM chemist.onlineruggiero33q.ru known spam email attempt
|
|
16453
|
+
17929 || PHISHING-SPAM chula.pharmroyce83b.ru known spam email attempt
|
|
16454
|
+
17930 || PHISHING-SPAM classification.refillreade47j.ru known spam email attempt
|
|
16455
|
+
17931 || PHISHING-SPAM compensate.refilldud86o.ru known spam email attempt
|
|
16456
|
+
17932 || PHISHING-SPAM cswjlxey.ru known spam email attempt
|
|
16457
|
+
17933 || PHISHING-SPAM current.refillreade47j.ru known spam email attempt
|
|
16458
|
+
17934 || PHISHING-SPAM cyacaz.pilltodd73p.ru known spam email attempt
|
|
16459
|
+
17935 || PHISHING-SPAM deepcenter.ru known spam email attempt
|
|
16460
|
+
17936 || PHISHING-SPAM delegate.refillreade47j.ru known spam email attempt
|
|
16461
|
+
17937 || PHISHING-SPAM diet.medrayner44c.ru known spam email attempt
|
|
16462
|
+
17938 || PHISHING-SPAM direct.refillreade47j.ru known spam email attempt
|
|
16463
|
+
17939 || PHISHING-SPAM divyo.pillking74s.ru known spam email attempt
|
|
16464
|
+
17940 || PHISHING-SPAM drugsgeorge65g.ru known spam email attempt
|
|
16465
|
+
17941 || PHISHING-SPAM dux.erectnoll24k.ru known spam email attempt
|
|
16466
|
+
17942 || PHISHING-SPAM dypoh.erectjefferey85n.ru known spam email attempt
|
|
16467
|
+
17943 || PHISHING-SPAM eaihar.refilleldredge89r.ru known spam email attempt
|
|
16468
|
+
17944 || PHISHING-SPAM eeez.onlinehamel83i.ru known spam email attempt
|
|
16469
|
+
17945 || PHISHING-SPAM egi.refilleldredge89r.ru known spam email attempt
|
|
16470
|
+
17946 || PHISHING-SPAM ehyw.cumedicdrugsx.ru known spam email attempt
|
|
16471
|
+
17947 || PHISHING-SPAM eka.onlinehamel83i.ru known spam email attempt
|
|
16472
|
+
17948 || PHISHING-SPAM election.refillreade47j.ru known spam email attempt
|
|
16473
|
+
17949 || PHISHING-SPAM elik.drugslevy46b.ru known spam email attempt
|
|
16474
|
+
17950 || PHISHING-SPAM epeno.onlinelewiss22r.ru known spam email attempt
|
|
16475
|
+
17951 || PHISHING-SPAM erectgodart30s.ru known spam email attempt
|
|
16476
|
+
17952 || PHISHING-SPAM erol.camedicdrugsx.ru known spam email attempt
|
|
16477
|
+
17953 || PHISHING-SPAM exa.drugslevy46b.ru known spam email attempt
|
|
16478
|
+
17954 || PHISHING-SPAM eyu.onlinehamel83i.ru known spam email attempt
|
|
16479
|
+
17955 || PHISHING-SPAM fashionchannel.ru known spam email attempt
|
|
16480
|
+
17956 || PHISHING-SPAM fauxy.pillking74s.ru known spam email attempt
|
|
16481
|
+
17957 || PHISHING-SPAM food.refillreade47j.ru known spam email attempt
|
|
16482
|
+
17958 || PHISHING-SPAM generality.onlinehill21q.ru known spam email attempt
|
|
16483
|
+
17959 || PHISHING-SPAM goyry.ramedicdrugsx.ru known spam email attempt
|
|
16484
|
+
17960 || PHISHING-SPAM gueepa.erectnoll24k.ru known spam email attempt
|
|
16485
|
+
17961 || PHISHING-SPAM has.refillreade47j.ru known spam email attempt
|
|
16486
|
+
17962 || PHISHING-SPAM have.medrayner44c.ru known spam email attempt
|
|
16487
|
+
17963 || PHISHING-SPAM headtest.ru known spam email attempt
|
|
16488
|
+
17964 || PHISHING-SPAM huhuh.pilltodd73p.ru known spam email attempt
|
|
16489
|
+
17965 || PHISHING-SPAM hyem.pilltodd73p.ru known spam email attempt
|
|
16490
|
+
17966 || PHISHING-SPAM icysa.refilleldredge89r.ru known spam email attempt
|
|
16491
|
+
17967 || PHISHING-SPAM iiy.refilleldredge89r.ru known spam email attempt
|
|
16492
|
+
17968 || PHISHING-SPAM iki.onlinetommie54y.ru known spam email attempt
|
|
16493
|
+
17969 || PHISHING-SPAM iner.medicdrugsxdl.ru known spam email attempt
|
|
16494
|
+
17970 || PHISHING-SPAM in.onlinehill21q.ru known spam email attempt
|
|
16495
|
+
17971 || PHISHING-SPAM intelpost.ru known spam email attempt
|
|
16496
|
+
17972 || PHISHING-SPAM inunuw.medicdrugsxpo.ru known spam email attempt
|
|
16497
|
+
17973 || PHISHING-SPAM ipiig.drugslevy46b.ru known spam email attempt
|
|
16498
|
+
17974 || PHISHING-SPAM iqor.pilltodd73p.ru known spam email attempt
|
|
16499
|
+
17975 || PHISHING-SPAM is.medrayner44c.ru known spam email attempt
|
|
16500
|
+
17976 || PHISHING-SPAM itaca.erectnoll24k.ru known spam email attempt
|
|
16501
|
+
17977 || PHISHING-SPAM ive.pilltodd73p.ru known spam email attempt
|
|
16502
|
+
17978 || PHISHING-SPAM iweqyz.erectjefferey85n.ru known spam email attempt
|
|
16503
|
+
17979 || PHISHING-SPAM iycyde.medicdrugsxco.ru known spam email attempt
|
|
16504
|
+
17980 || PHISHING-SPAM iyw.refilleldredge89r.ru known spam email attempt
|
|
16505
|
+
17981 || PHISHING-SPAM jaecoh.erectnoll24k.ru known spam email attempt
|
|
16506
|
+
17982 || PHISHING-SPAM jael.pillking74s.ru known spam email attempt
|
|
16507
|
+
17983 || PHISHING-SPAM jex.remedicdrugsx.ru known spam email attempt
|
|
16508
|
+
17984 || PHISHING-SPAM john.onlinehill21q.ru known spam email attempt
|
|
16509
|
+
17985 || PHISHING-SPAM joseph.refillreade47j.ru known spam email attempt
|
|
16510
|
+
17986 || PHISHING-SPAM jyn.medicdrugsxdl.ru known spam email attempt
|
|
16511
|
+
17987 || PHISHING-SPAM jyzyv.refilleldredge89r.ru known spam email attempt
|
|
16512
|
+
17988 || PHISHING-SPAM koosaf.erectnoll24k.ru known spam email attempt
|
|
16513
|
+
17989 || PHISHING-SPAM lybah.pilltodd73p.ru known spam email attempt
|
|
16514
|
+
17990 || PHISHING-SPAM manila.onlinephilbert42f.ru known spam email attempt
|
|
16515
|
+
17991 || PHISHING-SPAM masa.erectjefferey85n.ru known spam email attempt
|
|
16516
|
+
17992 || PHISHING-SPAM medpenny17j.ru known spam email attempt
|
|
16517
|
+
17993 || PHISHING-SPAM minionspre.ru known spam email attempt
|
|
16518
|
+
17994 || PHISHING-SPAM nazuwu.onlinelewiss22r.ru known spam email attempt
|
|
16519
|
+
17995 || PHISHING-SPAM negotiations.refilldud86o.ru known spam email attempt
|
|
16520
|
+
17996 || PHISHING-SPAM niqiv.erectjefferey85n.ru known spam email attempt
|
|
16521
|
+
17997 || PHISHING-SPAM odimys.medicdrugsxlb.ru known spam email attempt
|
|
16522
|
+
17998 || PHISHING-SPAM odoog.onlinelewiss22r.ru known spam email attempt
|
|
16523
|
+
17999 || PHISHING-SPAM oekaka.aimedicdrugsx.ru known spam email attempt
|
|
16524
|
+
18000 || PHISHING-SPAM oeqio.erectnoll24k.ru known spam email attempt
|
|
16525
|
+
18001 || PHISHING-SPAM of.onlinephilbert42f.ru known spam email attempt
|
|
16526
|
+
18002 || PHISHING-SPAM of.refilldud86o.ru known spam email attempt
|
|
16527
|
+
18003 || PHISHING-SPAM of.refillreade47j.ru known spam email attempt
|
|
16528
|
+
18004 || PHISHING-SPAM oipek.onlinehamel83i.ru known spam email attempt
|
|
16529
|
+
18005 || PHISHING-SPAM oji.medicdrugsxto.ru known spam email attempt
|
|
16530
|
+
18006 || PHISHING-SPAM onotye.onlinelewiss22r.ru known spam email attempt
|
|
16531
|
+
18007 || PHISHING-SPAM opy.erectjefferey85n.ru known spam email attempt
|
|
16532
|
+
18008 || PHISHING-SPAM orderbuzz.ru known spam email attempt
|
|
16533
|
+
18009 || PHISHING-SPAM ouu.almedicdrugsx.ru known spam email attempt
|
|
16534
|
+
18010 || PHISHING-SPAM oxuc.pillking74s.ru known spam email attempt
|
|
16535
|
+
18011 || PHISHING-SPAM pillrolfe64l.ru known spam email attempt
|
|
16536
|
+
18012 || PHISHING-SPAM recently.refilldud86o.ru known spam email attempt
|
|
16537
|
+
18013 || PHISHING-SPAM records.onlinephilbert42f.ru known spam email attempt
|
|
16538
|
+
18014 || PHISHING-SPAM reobaj.onlinehamel83i.ru known spam email attempt
|
|
16539
|
+
18015 || PHISHING-SPAM research.onlinehill21q.ru known spam email attempt
|
|
16540
|
+
18016 || PHISHING-SPAM returning.refillreade47j.ru known spam email attempt
|
|
16541
|
+
18017 || PHISHING-SPAM right.refillreade47j.ru known spam email attempt
|
|
16542
|
+
18018 || PHISHING-SPAM riwaro.erectjefferey85n.ru known spam email attempt
|
|
16543
|
+
18019 || PHISHING-SPAM ruuav.erectnoll24k.ru known spam email attempt
|
|
16544
|
+
18020 || PHISHING-SPAM ryhux.medicdrugsxpa.ru known spam email attempt
|
|
16545
|
+
18021 || PHISHING-SPAM software-buyshop-7.ru known spam email attempt
|
|
16546
|
+
18022 || PHISHING-SPAM specialyou.ru known spam email attempt
|
|
16547
|
+
18023 || PHISHING-SPAM starring.pharmroyce83b.ru known spam email attempt
|
|
16548
|
+
18024 || PHISHING-SPAM store-softwarebuy-7.ru known spam email attempt
|
|
16549
|
+
18025 || PHISHING-SPAM sya.onlinehamel83i.ru known spam email attempt
|
|
16550
|
+
18026 || PHISHING-SPAM tabdarin80s.ru known spam email attempt
|
|
16551
|
+
18027 || PHISHING-SPAM tabgordan13n.ru known spam email attempt
|
|
16552
|
+
18028 || PHISHING-SPAM tablangston19a.ru known spam email attempt
|
|
16553
|
+
18029 || PHISHING-SPAM tabwebster77c.ru known spam email attempt
|
|
16554
|
+
18030 || PHISHING-SPAM tanuen.dimedicdrugsx.ru known spam email attempt
|
|
16555
|
+
18031 || PHISHING-SPAM the.onlinehill21q.ru known spam email attempt
|
|
16556
|
+
18032 || PHISHING-SPAM the.onlineruggiero33q.ru known spam email attempt
|
|
16557
|
+
18033 || PHISHING-SPAM to.medrayner44c.ru known spam email attempt
|
|
16558
|
+
18034 || PHISHING-SPAM trails.pharmroyce83b.ru known spam email attempt
|
|
16559
|
+
18035 || PHISHING-SPAM trusting-me.ru known spam email attempt
|
|
16560
|
+
18036 || PHISHING-SPAM twodays.ru known spam email attempt
|
|
16561
|
+
18037 || PHISHING-SPAM tyqaja.pilltodd73p.ru known spam email attempt
|
|
16562
|
+
18038 || PHISHING-SPAM uboi.onlinehamel83i.ru known spam email attempt
|
|
16563
|
+
18039 || PHISHING-SPAM uf.drugslevy46b.ru known spam email attempt
|
|
16564
|
+
18040 || PHISHING-SPAM uielij.pillking74s.ru known spam email attempt
|
|
16565
|
+
18041 || PHISHING-SPAM unasu.medicdrugsxto.ru known spam email attempt
|
|
16566
|
+
18042 || PHISHING-SPAM upazo.pilltodd73p.ru known spam email attempt
|
|
16567
|
+
18043 || PHISHING-SPAM utuqaj.pillking74s.ru known spam email attempt
|
|
16568
|
+
18044 || PHISHING-SPAM uuji.refilleldredge89r.ru known spam email attempt
|
|
16569
|
+
18045 || PHISHING-SPAM variation.refilldud86o.ru known spam email attempt
|
|
16570
|
+
18046 || PHISHING-SPAM via.refillreade47j.ru known spam email attempt
|
|
16571
|
+
18047 || PHISHING-SPAM voiceless.pharmroyce83b.ru known spam email attempt
|
|
16572
|
+
18048 || PHISHING-SPAM was.medrayner44c.ru known spam email attempt
|
|
16573
|
+
18049 || PHISHING-SPAM word.onlinephilbert42f.ru known spam email attempt
|
|
16574
|
+
18050 || PHISHING-SPAM world.onlinehill21q.ru known spam email attempt
|
|
16575
|
+
18051 || PHISHING-SPAM www.buhni.ru known spam email attempt
|
|
16576
|
+
18052 || PHISHING-SPAM www.visitcover.ru known spam email attempt
|
|
16577
|
+
18053 || PHISHING-SPAM xob.erectnoll24k.ru known spam email attempt
|
|
16578
|
+
18054 || PHISHING-SPAM ygy.onlinetommie54y.ru known spam email attempt
|
|
16579
|
+
18055 || PHISHING-SPAM yit.medicdrugsxor.ru known spam email attempt
|
|
16580
|
+
18056 || PHISHING-SPAM ylum.onlinelewiss22r.ru known spam email attempt
|
|
16581
|
+
18057 || PHISHING-SPAM ymyuto.onlinelewiss22r.ru known spam email attempt
|
|
16582
|
+
18058 || PHISHING-SPAM yomy.pillking74s.ru known spam email attempt
|
|
16583
|
+
18059 || PHISHING-SPAM yzugez.pillking74s.ru known spam email attempt
|
|
16584
|
+
18060 || PHISHING-SPAM zeroprices.ru known spam email attempt
|
|
16585
|
+
18061 || PHISHING-SPAM zueuz.onlinehamel83i.ru known spam email attempt
|
|
16586
|
+
18077 || SPECIFIC-THREATS Mozilla products CSS rendering out-of-bounds array write attempt || cve,2006-1739 || url,osvdb.org/show/osvdb/24660
|
|
16587
|
+
18078 || SPECIFIC-THREATS Mozilla products CSS rendering out-of-bounds array write attempt || cve,2006-1739 || url,osvdb.org/show/osvdb/24660
|
|
16588
|
+
18079 || BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com
|
|
16589
|
+
18080 || BLACKLIST DNS request for known malware domain netrand.house.sina.com.cn
|
|
16590
|
+
18081 || BLACKLIST DNS request for known malware domain wenyixuan.3322.org
|
|
16591
|
+
18082 || BLACKLIST DNS request for known malware domain 3q.sbwanwan.com
|
|
16592
|
+
18083 || BLACKLIST DNS request for known malware domain 863.dclsba.com
|
|
16593
|
+
18084 || BLACKLIST DNS request for known malware domain drs317a.gotoip4.com
|
|
16594
|
+
18085 || BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com
|
|
16595
|
+
18086 || BLACKLIST DNS request for known malware domain qq.sbwanwan.com
|
|
16596
|
+
18087 || BLACKLIST DNS request for known malware domain tiantianzaixian.gotoip1.com
|
|
16597
|
+
18088 || BLACKLIST DNS request for known malware domain wenyixuan.3322.org
|
|
16598
|
+
18089 || BLACKLIST DNS request for known malware domain www.auto328.com
|
|
16599
|
+
18090 || BLACKLIST DNS request for known malware domain www.comstelecom.com
|
|
16600
|
+
18091 || BLACKLIST DNS request for known malware domain www.goodfriends.or.kr
|
|
16601
|
+
18092 || BLACKLIST DNS request for known malware domain www.hao1345.com
|
|
16602
|
+
18093 || BLACKLIST DNS request for known malware domain www.opusgame.com
|
|
16603
|
+
18094 || BLACKLIST DNS request for known malware domain www.theoffstage.com
|
|
16604
|
+
18095 || BLACKLIST DNS request for known malware domain www.wwmei.com
|
|
16605
|
+
18096 || WEB-MISC Apache Tomcat username enumeration attempt || bugtraq,35196 || cve,2009-0580
|
|
16606
|
+
18097 || WEB-ACTIVEX VMWare Remote Console Plug-In ActiveX clsid access || cve,2009-3732
|
|
16607
|
+
18098 || BLACKLIST URI request for known malicious URI - /set/first.html || url,www.trustdefender.com/blog/2010/10/06/carberp-%E2%80%93-a-new-trojan-in-the-making/
|
|
16608
|
+
18099 || BLACKLIST URI request for known malicious URI - /cfg/*.plug || url,www.trustdefender.com/blog/2010/10/06/carberp-%E2%80%93-a-new-trojan-in-the-making/
|
|
16609
|
+
18100 || BOTNET-CNC Tidserv malware command and control channel traffic || url,www.threatexpert.com/report.aspx?uid=cffa846b-93ba-438d-8715-0665b6cd9627
|
|
16610
|
+
18103 || BLACKLIST DNS request for known malware domain 5yvod.net || cve,2010-3962
|
|
16611
|
+
18104 || BLACKLIST DNS request for known malware domain b.9s3.info || cve,2010-3962
|
|
16612
|
+
18105 || BLACKLIST DNS request for known malware domain baidutaobao.gotoip55.com || cve,2010-3962
|
|
16613
|
+
18106 || BLACKLIST DNS request for known malware domain e.msssm.com || cve,2010-3962
|
|
16614
|
+
18107 || BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com || cve,2010-3962
|
|
16615
|
+
18108 || BLACKLIST DNS request for known malware domain phoroshop.es || cve,2010-3962
|
|
16616
|
+
18109 || BLACKLIST DNS request for known malware domain talk.cetizen.com || cve,2010-3962
|
|
16617
|
+
18110 || BLACKLIST DNS request for known malware domain tiantianzaixian.gotoip1.com || cve,2010-3962
|
|
16618
|
+
18111 || BLACKLIST DNS request for known malware domain v.9y9c.co.cc || cve,2010-3962
|
|
16619
|
+
18112 || BLACKLIST DNS request for known malware domain wenyixuan.3322.org. || cve,2010-3962
|
|
16620
|
+
18113 || BLACKLIST DNS request for known malware domain wusheng03.3322.org || cve,2010-3962
|
|
16621
|
+
18114 || BLACKLIST DNS request for known malware domain www.5fqq.com || cve,2010-3962
|
|
16622
|
+
18115 || BLACKLIST DNS request for known malware domain www.ajs2002.com || cve,2010-3962
|
|
16623
|
+
18116 || BLACKLIST DNS request for known malware domain www.bnbsoft.co.kr || cve,2010-3962
|
|
16624
|
+
18117 || BLACKLIST DNS request for known malware domain www.cineseoul.com || cve,2010-3962
|
|
16625
|
+
18118 || BLACKLIST DNS request for known malware domain www.hao1345.com || cve,2010-3962
|
|
16626
|
+
18119 || BLACKLIST DNS request for known malware domain www.ilbondrama.net || cve,2010-3962
|
|
16627
|
+
18120 || BLACKLIST DNS request for known malware domain www.iwebdy.net || cve,2010-3962
|
|
16628
|
+
18121 || BLACKLIST DNS request for known malware domain www.linzhiling123.com || cve,2010-3962
|
|
16629
|
+
18122 || BLACKLIST DNS request for known malware domain www.opusgame.com || cve,2010-3962
|
|
16630
|
+
18123 || BLACKLIST DNS request for known malware domain www.phoroshop.es || cve,2010-3962
|
|
16631
|
+
18124 || BLACKLIST DNS request for known malware domain www.sijianfeng.com || cve,2010-3962
|
|
16632
|
+
18125 || BLACKLIST DNS request for known malware domain www.tpydb.com || cve,2010-3962
|
|
16633
|
+
18126 || BLACKLIST DNS request for known malware domain www.tpydb.com || cve,2010-3962
|
|
16634
|
+
18127 || BLACKLIST DNS request for known malware domain www.univus.co.kr || cve,2010-3962
|
|
16635
|
+
18128 || BLACKLIST DNS request for known malware domain www.uwonderfull.com || cve,2010-3962
|
|
16636
|
+
18129 || BLACKLIST DNS request for known malware domain www.w22rt.com || cve,2010-3962
|
|
16637
|
+
18130 || BLACKLIST DNS request for known malware domain www.wwmei.com || cve,2010-3962
|
|
16638
|
+
18131 || BLACKLIST DNS request for known malware domain www.ybtour.co.kr || cve,2010-3962
|
|
16639
|
+
18132 || SPECIFIC-THREATS malware-associated JavaScript obfuscation function || url,labs.snort.org/docs/18132.html
|
|
16640
|
+
18133 || BLACKLIST DNS request for known malware domain www.001zs.com || cve,2010-3962
|
|
16641
|
+
18134 || BLACKLIST DNS request for known malware domain www.551sf.com || cve,2010-3962
|
|
16642
|
+
18135 || BLACKLIST DNS request for known malware domain www.555hd.com || cve,2010-3962
|
|
16643
|
+
18136 || BLACKLIST DNS request for known malware domain www.66xihu.com || cve,2010-3962
|
|
16644
|
+
18137 || BLACKLIST DNS request for known malware domain www.9292cs.cn || cve,2010-3962
|
|
16645
|
+
18138 || BLACKLIST DNS request for known malware domain www.chateaulegend.com || cve,2010-3962
|
|
16646
|
+
18139 || BLACKLIST DNS request for known malware domain www.china-aoben.com || cve,2010-3962
|
|
16647
|
+
18140 || BLACKLIST DNS request for known malware domain www.cqtjg.com || cve,2010-3962
|
|
16648
|
+
18141 || BLACKLIST DNS request for known malware domain www.dspenter.com || cve,2010-3962
|
|
16649
|
+
18142 || BLACKLIST DNS request for known malware domain www.eastadmin.com || cve,2010-3962
|
|
16650
|
+
18143 || BLACKLIST DNS request for known malware domain www.fp0755.cn || cve,2010-3962
|
|
16651
|
+
18144 || BLACKLIST DNS request for known malware domain www.fp0769.com || cve,2010-3962
|
|
16652
|
+
18145 || BLACKLIST DNS request for known malware domain www.fp360.net || cve,2010-3962
|
|
16653
|
+
18146 || BLACKLIST DNS request for known malware domain www.gdfp365.cn || cve,2010-3962
|
|
16654
|
+
18147 || BLACKLIST DNS request for known malware domain www.gev.cn || cve,2010-3962
|
|
16655
|
+
18148 || BLACKLIST DNS request for known malware domain www.haoleyou.com || cve,2010-3962
|
|
16656
|
+
18149 || BLACKLIST DNS request for known malware domain www.haosf08.com || cve,2010-3962
|
|
16657
|
+
18150 || BLACKLIST DNS request for known malware domain www.jxbaike.com || cve,2010-3962
|
|
16658
|
+
18151 || BLACKLIST DNS request for known malware domain www.kingsoftduba2009.com || cve,2010-3962
|
|
16659
|
+
18152 || BLACKLIST DNS request for known malware domain www.mainhu.com || cve,2010-3962
|
|
16660
|
+
18153 || BLACKLIST DNS request for known malware domain www.maoyiren.com || cve,2010-3962
|
|
16661
|
+
18154 || BLACKLIST DNS request for known malware domain www.nc57.com || cve,2010-3962
|
|
16662
|
+
18155 || BLACKLIST DNS request for known malware domain www.pplog.cn || cve,2010-3962
|
|
16663
|
+
18156 || BLACKLIST DNS request for known malware domain www.pxflm.com || cve,2010-3962
|
|
16664
|
+
18157 || BLACKLIST DNS request for known malware domain www.quyou365.com || cve,2010-3962
|
|
16665
|
+
18158 || BLACKLIST DNS request for known malware domain www.shzhaotian.cn || cve,2010-3962
|
|
16666
|
+
18159 || BLACKLIST DNS request for known malware domain www.soanala.com || cve,2010-3962
|
|
16667
|
+
18160 || BLACKLIST DNS request for known malware domain www.stony-skunk.com || cve,2010-3962
|
|
16668
|
+
18161 || BLACKLIST DNS request for known malware domain www.street08.com || cve,2010-3962
|
|
16669
|
+
18162 || BLACKLIST DNS request for known malware domain www.weilingcy.com || cve,2010-3962
|
|
16670
|
+
18163 || BLACKLIST DNS request for known malware domain www.yisaa.com || cve,2010-3962
|
|
16671
|
+
18164 || BLACKLIST DNS request for known malware domain www.yx240.com || cve,2010-3962
|
|
16672
|
+
18165 || BLACKLIST DNS request for known malware domain e.mssm.com || cve,2010-3962
|
|
16673
|
+
18166 || BLACKLIST DNS request for known malware domain dfgdd.9y6c.co.cc || cve,2010-3962
|
|
16674
|
+
18167 || WEB-CLIENT Possible generic javascript heap spray attempt || bugtraq,35660
|
|
16675
|
+
18168 || WEB-CLIENT Possible generic javascript heap spray attempt || bugtraq,35660
|
|
16676
|
+
18169 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call unicode access || bugtraq,21060 || bugtraq,21108 || cve,2006-3890 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
|
16677
|
+
18170 || SPECIFIC-THREATS Mozilla Firefox and SeaMonkey onUnload event handler memory corruption attempt || bugtraq,22679 || cve,2007-1092
|
|
16678
|
+
18171 || EXPLOIT Multiple product mailto uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
16679
|
+
18172 || EXPLOIT Multiple product mailto uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
16680
|
+
18173 || EXPLOIT Multiple product mailto uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
|
16681
|
+
18174 || SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt || bugtraq,10816 || cve,2004-0842
|
|
16682
|
+
18175 || SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt || bugtraq,10816 || cve,2004-0842
|
|
16683
|
+
18176 || SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt || bugtraq,19197 || cve,2006-3113
|
|
16684
|
+
18177 || SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt || bugtraq,19197 || cve,2006-3113
|
|
16685
|
+
18178 || SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt || bugtraq,19197 || cve,2006-3113
|
|
16686
|
+
18179 || SCAN Proxyfire.net anonymous proxy scan || url,www.proxyfire.net/index.php
|
|
16687
|
+
18181 || SPECIFIC-THREATS ProFTPd 1.3.3c backdoor activity || url,sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org || url,xorl.wordpress.com/2010/12/02/news-proftpd-owned-and-backdoored/
|
|
16688
|
+
18182 || SPECIFIC-THREATS ProFTPd 1.3.3c backdoor help access attempt || url,sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org || url,xorl.wordpress.com/2010/12/02/news-proftpd-owned-and-backdoored/
|
|
16689
|
+
18183 || BLACKLIST DNS request for known malware domain mailzou.com || cve,2010-3962
|
|
16690
|
+
18184 || BLACKLIST DNS request for known malware domain dnf.gametime.co.kr || cve,2010-3962
|
|
16691
|
+
18185 || BLACKLIST DNS request for known malware domain www.dd0415.net || cve,2010-3962
|
|
16692
|
+
18186 || SPECIFIC-THREATS Mozilla products -moz-grid and -moz-grid-group display styles code execution attempt || bugtraq,17516 || cve,2006-1738
|
|
16693
|
+
18187 || SPECIFIC-THREATS Mozilla Firefox InstallTrigger.install memory corruption attempt || bugtraq,17516 || cve,2006-1790
|
|
16694
|
+
18188 || SPECIFIC-THREATS Multiple browser marquee tag denial of service attempt || bugtraq,18165 || cve,2006-2723
|
|
16695
|
+
18189 || NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
|
16696
|
+
18190 || NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
|
16697
|
+
18191 || NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
|
16698
|
+
18192 || NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
|
16699
|
+
18193 || SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt || bugtraq,18682 || cve,2006-3280
|
|
16700
|
+
18194 || SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt || bugtraq,18682 || cve,2006-3280
|
|
16701
|
+
18195 || SPECIFIC-THREATS SMB Negotiate Protocol response DoS attempt || cve,2009-3676 || url,www.microsoft.com/technet/security/bulletin/MS10-020.mspx
|
|
16702
|
+
18196 || WEB-CLIENT Microsoft Internet Explorer CSS importer use-after-free attempt || url,seclists.org/fulldisclosure/2010/Dec/110 || url,www.vupen.com/english/advisories/2010/3156
|
|
16703
|
+
18228 || DELETED WEB-MISC Microsoft FlashPix file download
|
|
16704
|
+
18232 || DELETED WEB-MISC Microsoft OpenType Font file download
|
|
16705
|
+
18234 || WEB-MISC QuickDraw/PICT file download request
|
|
16706
|
+
18239 || WEB-CLIENT known malicious JavaScript decryption routine
|
|
16707
|
+
18240 || WEB-CLIENT Microsoft Internet Explorer CSS importer use-after-free attempt || url,seclists.org/fulldisclosure/2010/Dec/110 || url,www.vupen.com/english/advisories/2010/3156
|
|
16708
|
+
18241 || WEB-ACTIVEX Microsoft WMI Administrator Tools Object Viewer ActiveX clsid access || url,secunia.com/advisories/42693/
|
|
16709
|
+
18242 || WEB-ACTIVEX Microsoft WMI Administrator Tools Object Viewer ActiveX function call access || url,secunia.com/advisories/42693/
|
|
16710
|
+
18243 || SPECIFIC-THREATS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt || bugtraq,45542
|