unified2 0.1.2 → 0.2.0
- data/README.rdoc +5 -7
- data/example/connect.rb +20 -0
- data/example/example.rb +59 -28
- data/example/models.rb +196 -0
- data/example/search.rb +14 -0
- data/example/{classification.config → seeds/classification.config} +0 -0
- data/example/{gen-msg.map → seeds/gen-msg.map} +0 -0
- data/example/{sid-msg.map → seeds/sid-msg.map} +1086 -182
- data/example/{unified2 → seeds/unified2} +0 -0
- data/lib/unified2/classification.rb +2 -2
- data/lib/unified2/config_file.rb +80 -0
- data/lib/unified2/event.rb +30 -22
- data/lib/unified2/payload.rb +3 -1
- data/lib/unified2/signature.rb +2 -2
- data/lib/unified2/version.rb +1 -1
- data/lib/unified2.rb +10 -59
- metadata +12 -34
@@ -347,23 +347,23 @@
|
|
347
347
|
465 || ICMP ISS Pinger || arachnids,158
|
348
348
|
466 || ICMP L3retriever Ping || arachnids,311
|
349
349
|
467 || ICMP Nemesis v1.1 Echo || arachnids,449
|
350
|
-
469 || ICMP PING NMAP || arachnids,162
|
351
|
-
471 || ICMP icmpenum v1.1.1 || arachnids,450
|
352
|
-
472 || ICMP redirect host || arachnids,135 || cve,1999-0265
|
353
|
-
473 || ICMP redirect net || arachnids,199 || cve,1999-0265
|
350
|
+
469 || DELETED ICMP PING NMAP || arachnids,162
|
351
|
+
471 || DELETED ICMP icmpenum v1.1.1 || arachnids,450
|
352
|
+
472 || DELETED ICMP redirect host || arachnids,135 || cve,1999-0265
|
353
|
+
473 || DELETED ICMP redirect net || arachnids,199 || cve,1999-0265
|
354
354
|
474 || ICMP superscan echo
|
355
|
-
475 || ICMP traceroute ipopts || arachnids,238
|
355
|
+
475 || DELETED ICMP traceroute ipopts || arachnids,238
|
356
356
|
476 || ICMP webtrends scanner || arachnids,307
|
357
|
-
477 || ICMP Source Quench
|
358
|
-
478 || ICMP Broadscan Smurf Scanner
|
357
|
+
477 || DELETED ICMP Source Quench || bugtraq,13124 || cve,2004-0791
|
358
|
+
478 || DELETED ICMP Broadscan Smurf Scanner
|
359
359
|
480 || ICMP PING speedera
|
360
360
|
481 || ICMP TJPingPro1.1Build 2 Windows || arachnids,167
|
361
361
|
482 || ICMP PING WhatsupGold Windows || arachnids,168
|
362
362
|
483 || ICMP PING CyberKit 2.2 Windows || arachnids,154
|
363
363
|
484 || ICMP PING Sniffer Pro/NetXRay network scan
|
364
|
-
485 || ICMP Destination Unreachable Communication Administratively Prohibited
|
365
|
-
486 || ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
|
366
|
-
487 || ICMP Destination Unreachable Communication with Destination Network is Administratively Prohibited
|
364
|
+
485 || DELETED ICMP Destination Unreachable Communication Administratively Prohibited
|
365
|
+
486 || DELETED ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
|
366
|
+
487 || DELETED ICMP Destination Unreachable Communication with Destination Network is Administratively Prohibited
|
367
367
|
488 || DELETED INFO Connection Closed MSG from Port 80
|
368
368
|
489 || FTP no password || arachnids,322
|
369
369
|
490 || POLICY battle-mail traffic
|
@@ -376,9 +376,9 @@
|
|
376
376
|
497 || ATTACK-RESPONSES file copied ok || bugtraq,1806 || cve,2000-0884
|
377
377
|
498 || ATTACK-RESPONSES id check returned root
|
378
378
|
499 || DELETED ICMP Large ICMP Packet || arachnids,246
|
379
|
-
500 || MISC source route lsrr || arachnids,418 || bugtraq,646 || cve,1999-0510 || cve,1999-0909 || url,www.microsoft.com/technet/security/bulletin/MS99-038.mspx
|
380
|
-
501 || MISC source route lsrre || arachnids,420 || bugtraq,646 || cve,1999-0909 || url,www.microsoft.com/technet/security/bulletin/MS99-038.mspx
|
381
|
-
502 || MISC source route ssrr || cve,1999-0510
|
379
|
+
500 || DELETED MISC source route lsrr || arachnids,418 || bugtraq,646 || cve,1999-0510 || cve,1999-0909 || url,www.microsoft.com/technet/security/bulletin/MS99-038.mspx
|
380
|
+
501 || DELETED MISC source route lsrre || arachnids,420 || bugtraq,646 || cve,1999-0909 || url,www.microsoft.com/technet/security/bulletin/MS99-038.mspx
|
381
|
+
502 || DELETED MISC source route ssrr || cve,1999-0510
|
382
382
|
503 || DELETED MISC Source Port 20 to <1024 || arachnids,06
|
383
383
|
504 || DELETED MISC source port 53 to <1024 || arachnids,07
|
384
384
|
505 || MISC Insecure TIMBUKTU Password || arachnids,229
|
@@ -396,11 +396,11 @@
|
|
396
396
|
518 || TFTP Put || arachnids,148 || cve,1999-0183
|
397
397
|
519 || TFTP parent directory || arachnids,137 || cve,1999-0183 || cve,2002-1209
|
398
398
|
520 || TFTP root directory || arachnids,138 || cve,1999-0183
|
399
|
-
521 || MISC Large UDP Packet || arachnids,247
|
399
|
+
521 || DELETED MISC Large UDP Packet || arachnids,247
|
400
400
|
522 || DELETED MISC Tiny Fragments
|
401
|
-
523 || BAD-TRAFFIC ip reserved bit set
|
402
|
-
524 || BAD-TRAFFIC tcp port 0 traffic
|
403
|
-
525 || BAD-TRAFFIC udp port 0 traffic || bugtraq,576 || cve,1999-0675 || nessus,10074
|
401
|
+
523 || DELETED BAD-TRAFFIC ip reserved bit set
|
402
|
+
524 || DELETED BAD-TRAFFIC tcp port 0 traffic
|
403
|
+
525 || DELETED BAD-TRAFFIC udp port 0 traffic || bugtraq,576 || cve,1999-0675 || nessus,10074
|
404
404
|
526 || DELETED BAD-TRAFFIC data in TCP SYN packet || url,www.cert.org/incident_notes/IN-99-07.html
|
405
405
|
527 || DELETED BAD-TRAFFIC same SRC/DST || bugtraq,2666 || cve,1999-0016 || url,www.cert.org/advisories/CA-1997-28.html
|
406
406
|
528 || DELETED BAD-TRAFFIC loopback traffic || url,www.sans.org/reading_room/whitepapers/firewalls/1059.php
|
@@ -552,7 +552,7 @@
|
|
552
552
|
677 || SQL sp_password password change
|
553
553
|
678 || SQL sp_delete_alert log file deletion
|
554
554
|
679 || SQL sp_adduser database user creation
|
555
|
-
680 || SQL sa login failed || bugtraq,4797 || cve,2000-1209
|
555
|
+
680 || DELETED SQL sa login failed || bugtraq,4797 || cve,2000-1209
|
556
556
|
681 || SQL xp_cmdshell program execution || bugtraq,5309
|
557
557
|
682 || DELETED SQL xp_enumresultset possible buffer overflow || bugtraq,2031 || cve,2000-1082 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx
|
558
558
|
683 || SQL sp_password - password change
|
@@ -1131,7 +1131,7 @@
|
|
1131
1131
|
1274 || RPC portmap ttdbserv request TCP || arachnids,24 || bugtraq,122 || bugtraq,3382 || cve,1999-0003 || cve,1999-0687 || cve,1999-1075 || cve,2001-0717 || url,www.cert.org/advisories/CA-2001-05.html
|
1132
1132
|
1275 || RPC portmap yppasswd request TCP || arachnids,14
|
1133
1133
|
1276 || RPC portmap ypserv request TCP || arachnids,12 || bugtraq,5914 || bugtraq,6016 || cve,2000-1042 || cve,2000-1043 || cve,2002-1232
|
1134
|
-
1277 || RPC portmap ypupdated request UDP || bugtraq,1749 || cve,1999-0208
|
1134
|
+
1277 || RPC portmap ypupdated request UDP || bugtraq,1749 || bugtraq,28383 || cve,1999-0208
|
1135
1135
|
1278 || DELETED RPC rstatd query || arachnids,9
|
1136
1136
|
1279 || RPC portmap snmpXdmi request UDP || bugtraq,2417 || cve,2001-0236 || nessus,10659 || url,www.cert.org/advisories/CA-2001-05.html
|
1137
1137
|
1280 || RPC portmap listing UDP 111 || arachnids,428
|
@@ -1469,13 +1469,13 @@
|
|
1469
1469
|
1624 || FTP PWD overflow attempt
|
1470
1470
|
1625 || FTP SYST overflow attempt || url,www.faqs.org/rfcs/rfc959.html
|
1471
1471
|
1626 || WEB-IIS /StoreCSVS/InstantOrder.asmx request
|
1472
|
-
1627 || BAD-TRAFFIC Unassigned/Reserved IP protocol || url,www.iana.org/assignments/protocol-numbers
|
1472
|
+
1627 || DELETED BAD-TRAFFIC Unassigned/Reserved IP protocol || url,www.iana.org/assignments/protocol-numbers
|
1473
1473
|
1628 || WEB-CGI FormHandler.cgi directory traversal attempt attempt || bugtraq,798 || bugtraq,799 || cve,1999-1050 || nessus,10075
|
1474
1474
|
1629 || DELETED SecureNetPro traffic
|
1475
1475
|
1631 || CHAT AIM login
|
1476
1476
|
1632 || DELETED CHAT AIM send message
|
1477
1477
|
1633 || CHAT AIM receive message
|
1478
|
-
1634 || POP3 PASS overflow attempt || bugtraq,791 || cve,1999-1511 || nessus,10325
|
1478
|
+
1634 || POP3 PASS overflow attempt || bugtraq,21645 || bugtraq,791 || cve,1999-1511 || cve,2006-6605 || nessus,10325
|
1479
1479
|
1635 || POP3 APOP overflow attempt || bugtraq,1652 || cve,2000-0840 || cve,2000-0841 || nessus,10559
|
1480
1480
|
1636 || MISC Xtramail Username overflow attempt || bugtraq,791 || cve,1999-1511 || nessus,10323
|
1481
1481
|
1637 || WEB-CGI yabb access || arachnids,462 || bugtraq,1668 || cve,2000-0853 || nessus,10512
|
@@ -1575,7 +1575,7 @@
|
|
1575
1575
|
1731 || WEB-CGI a1stats access || bugtraq,2705 || cve,2001-0561 || nessus,10669
|
1576
1576
|
1732 || RPC portmap rwalld request UDP || bugtraq,205 || cve,1999-0181
|
1577
1577
|
1733 || RPC portmap rwalld request TCP || bugtraq,205 || cve,1999-0181
|
1578
|
-
1734 || FTP USER overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,1227 || bugtraq,1504 || bugtraq,1690 || bugtraq,22044 || bugtraq,22045 || bugtraq,4638 || bugtraq,7307 || bugtraq,8376 || cve,1999-1510 || cve,1999-1514 || cve,1999-1519 || cve,1999-1539 || cve,2000-0479 || cve,2000-0656 || cve,2000-0761 || cve,2000-0943 || cve,2000-1035 || cve,2000-1194 || cve,2001-0256 || cve,2001-0794 || cve,2001-0826 || cve,2002-0126 || cve,2002-1522 || cve,2003-0271 || cve,2004-0286
|
1578
|
+
1734 || FTP USER overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,1227 || bugtraq,1504 || bugtraq,15352 || bugtraq,1690 || bugtraq,22044 || bugtraq,22045 || bugtraq,4638 || bugtraq,7307 || bugtraq,8376 || cve,1999-1510 || cve,1999-1514 || cve,1999-1519 || cve,1999-1539 || cve,2000-0479 || cve,2000-0656 || cve,2000-0761 || cve,2000-0943 || cve,2000-1035 || cve,2000-1194 || cve,2001-0256 || cve,2001-0794 || cve,2001-0826 || cve,2002-0126 || cve,2002-1522 || cve,2003-0271 || cve,2004-0286 || cve,2005-2123 || cve,2005-3683
|
1579
1579
|
1735 || WEB-CLIENT XMLHttpRequest attempt || bugtraq,4628 || cve,2002-0354
|
1580
1580
|
1736 || WEB-PHP squirrel mail spell-check arbitrary command attempt || bugtraq,3952
|
1581
1581
|
1737 || WEB-PHP squirrel mail theme arbitrary command attempt || bugtraq,4385 || cve,2002-0516
|
@@ -1690,7 +1690,7 @@
|
|
1690
1690
|
1862 || WEB-CGI mrtg.cgi directory traversal attempt || bugtraq,4017 || cve,2002-0232 || nessus,11001
|
1691
1691
|
1864 || FTP SITE NEWER attempt || cve,1999-0880 || nessus,10319
|
1692
1692
|
1865 || WEB-CGI webdist.cgi arbitrary command attempt || bugtraq,374 || cve,1999-0039 || nessus,10299
|
1693
|
-
1866 || POP3 USER overflow attempt || bugtraq,11256 || bugtraq,789 || cve,1999-0494 || nessus,10311
|
1693
|
+
1866 || POP3 USER overflow attempt || bugtraq,11256 || bugtraq,19651 || bugtraq,789 || cve,1999-0494 || cve,2006-4364 || nessus,10311
|
1694
1694
|
1867 || MISC xdmcp info query || nessus,10891
|
1695
1695
|
1868 || WEB-CGI story.pl arbitrary file read attempt || bugtraq,3028 || cve,2001-0804 || nessus,10817
|
1696
1696
|
1869 || WEB-CGI story.pl access || bugtraq,3028 || cve,2001-0804 || nessus,10817
|
@@ -1765,7 +1765,7 @@
|
|
1765
1765
|
1938 || POP3 XTND overflow attempt
|
1766
1766
|
1939 || MISC bootp hardware address length overflow || cve,1999-0798
|
1767
1767
|
1940 || MISC bootp invalid hardware type || cve,1999-0798
|
1768
|
-
1941 || TFTP GET filename overflow attempt || bugtraq,22923 || bugtraq,5328 || cve,2002-0813 || nessus,18264
|
1768
|
+
1941 || TFTP GET filename overflow attempt || bugtraq,22923 || bugtraq,36121 || bugtraq,5328 || cve,2002-0813 || cve,2009-2957 || nessus,18264
|
1769
1769
|
1942 || FTP RMDIR overflow attempt || bugtraq,819
|
1770
1770
|
1943 || WEB-MISC /Carello/add.exe access || bugtraq,1245 || cve,2000-0396 || nessus,11776
|
1771
1771
|
1944 || WEB-MISC /ecscripts/ecware.exe access || bugtraq,6066
|
@@ -1796,11 +1796,11 @@
|
|
1796
1796
|
1969 || WEB-MISC ion-p access || bugtraq,6091 || cve,2002-1559 || nessus,11729
|
1797
1797
|
1970 || WEB-IIS MDAC Content-Type overflow attempt || bugtraq,6214 || cve,2002-1142 || nessus,11161 || url,www.foundstone.com/knowledge/randd-advisories-display.html?id=337 || url,www.microsoft.com/technet/security/bulletin/MS02-065.mspx || url,www.microsoft.com/technet/security/bulletin/MS98-004.mspx
|
1798
1798
|
1971 || FTP SITE EXEC format string attempt || bugtraq,1387 || bugtraq,1505
|
1799
|
-
1972 || FTP PASS overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,1690 || bugtraq,22045 || bugtraq,3884 || bugtraq,8601 || bugtraq,9285 || cve,1999-1519 || cve,1999-1539 || cve,2000-1035 || cve,2002-0126 || cve,2002-0895
|
1800
|
-
1973 || FTP MKD overflow attempt || bugtraq,11772 || bugtraq,39041 || bugtraq,612 || bugtraq,7278 || bugtraq,9872 || cve,1999-0911 || cve,2009-3023 || cve,2010-0625 || nessus,12108 || url,www.kb.cert.org/vuls/id/276653 || url,www.microsoft.com/technet/security/bulletin/MS09-053
|
1799
|
+
1972 || FTP PASS overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,15457 || bugtraq,1690 || bugtraq,22045 || bugtraq,3884 || bugtraq,8601 || bugtraq,9285 || cve,1999-1519 || cve,1999-1539 || cve,2000-1035 || cve,2002-0126 || cve,2002-0895 || cve,2005-3683
|
1800
|
+
1973 || FTP MKD overflow attempt || bugtraq,11772 || bugtraq,15457 || bugtraq,39041 || bugtraq,612 || bugtraq,7278 || bugtraq,9872 || cve,1999-0911 || cve,2005-3683 || cve,2009-3023 || cve,2010-0625 || nessus,12108 || url,www.kb.cert.org/vuls/id/276653 || url,www.microsoft.com/technet/security/bulletin/MS09-053.mspx
|
1801
1801
|
1974 || FTP REST overflow attempt || bugtraq,2972 || cve,2001-0826 || nessus,11755
|
1802
|
-
1975 || FTP DELE overflow attempt || bugtraq,2972 || cve,2001-0826 || cve,2001-1021 || nessus,11755
|
1803
|
-
1976 || FTP RMD overflow attempt || bugtraq,2972 || bugtraq,39041 || cve,2000-0133 || cve,2001-0826 || cve,2001-1021 || cve,2010-0625
|
1802
|
+
1975 || FTP DELE overflow attempt || bugtraq,15457 || bugtraq,2972 || cve,2001-0826 || cve,2001-1021 || cve,2005-3683 || nessus,11755
|
1803
|
+
1976 || FTP RMD overflow attempt || bugtraq,15457 || bugtraq,2972 || bugtraq,39041 || cve,2000-0133 || cve,2001-0826 || cve,2001-1021 || cve,2005-3683 || cve,2010-0625
|
1804
1804
|
1977 || WEB-MISC xp_regwrite attempt
|
1805
1805
|
1978 || WEB-MISC xp_regdeletekey attempt
|
1806
1806
|
1979 || WEB-MISC perl post attempt || bugtraq,5520 || cve,2002-1436 || nessus,11158
|
@@ -1817,7 +1817,7 @@
|
|
1817
1817
|
1990 || CHAT MSN user search
|
1818
1818
|
1991 || CHAT MSN login attempt
|
1819
1819
|
1992 || FTP LIST directory traversal attempt || bugtraq,2618 || cve,2001-0680 || cve,2002-1054 || nessus,11112
|
1820
|
-
1993 || IMAP login literal buffer overflow attempt || bugtraq,21724 || bugtraq,6298 || cve,2002-1580 || cve,2006-6424 || nessus,12532
|
1820
|
+
1993 || IMAP login literal buffer overflow attempt || bugtraq,14718 || bugtraq,21724 || bugtraq,6298 || cve,2002-1580 || cve,2005-1758 || cve,2006-6424 || nessus,12532
|
1821
1821
|
1994 || WEB-CGI vpasswd.cgi access || bugtraq,6038 || nessus,11165
|
1822
1822
|
1995 || WEB-CGI alya.cgi access || nessus,11118
|
1823
1823
|
1996 || WEB-CGI viralator.cgi access || bugtraq,3495 || cve,2001-0849 || nessus,11107
|
@@ -1912,7 +1912,7 @@
|
|
1912
1912
|
2085 || WEB-CGI parse_xml.cgi access || bugtraq,6960 || cve,2003-0054
|
1913
1913
|
2086 || WEB-CGI streaming server parse_xml.cgi access || bugtraq,6960 || cve,2003-0054 || nessus,11278
|
1914
1914
|
2087 || SMTP From comment overflow attempt || bugtraq,6991 || cve,2002-1337 || url,www.kb.cert.org/vuls/id/398025
|
1915
|
-
2088 || RPC ypupdated arbitrary command attempt UDP || bugtraq,1749 || cve,1999-0208
|
1915
|
+
2088 || RPC ypupdated arbitrary command attempt UDP || bugtraq,1749 || bugtraq,28383 || cve,1999-0208
|
1916
1916
|
2089 || RPC ypupdated arbitrary command attempt TCP || bugtraq,1749 || cve,1999-0208
|
1917
1917
|
2090 || WEB-IIS WEBDAV exploit attempt || bugtraq,7116 || bugtraq,7716 || cve,2003-0109 || nessus,11413 || url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx
|
1918
1918
|
2091 || WEB-IIS WEBDAV nessus safe scan attempt || bugtraq,7116 || cve,2003-0109 || nessus,11412 || nessus,11413 || url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx
|
@@ -1926,7 +1926,7 @@
|
|
1926
1926
|
2103 || NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt || cve,2003-0201
|
1927
1927
|
2104 || ATTACK-RESPONSES rexec username too long response || bugtraq,7459 || cve,2003-1097
|
1928
1928
|
2105 || IMAP authenticate literal overflow attempt || bugtraq,21724 || cve,1999-0042 || cve,2006-6424 || nessus,10292
|
1929
|
-
2106 || IMAP lsub overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374
|
1929
|
+
2106 || IMAP lsub overflow attempt || bugtraq,1110 || bugtraq,15006 || cve,2000-0284 || cve,2005-3155 || nessus,10374
|
1930
1930
|
2107 || IMAP create buffer overflow attempt || bugtraq,7446
|
1931
1931
|
2108 || POP3 CAPA overflow attempt
|
1932
1932
|
2109 || POP3 TOP overflow attempt
|
@@ -1938,7 +1938,7 @@
|
|
1938
1938
|
2115 || WEB-CGI album.pl access || bugtraq,7444 || nessus,11581
|
1939
1939
|
2116 || WEB-CGI chipcfg.cgi access || bugtraq,2767 || cve,2001-1341 || url,archives.neohapsis.com/archives/bugtraq/2001-05/0233.html
|
1940
1940
|
2117 || WEB-IIS Battleaxe Forum login.asp access || bugtraq,7416 || cve,2003-0215 || nessus,11548
|
1941
|
-
2118 || IMAP list overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374
|
1941
|
+
2118 || IMAP list overflow attempt || bugtraq,1110 || bugtraq,15006 || cve,2000-0284 || cve,2005-3155 || nessus,10374
|
1942
1942
|
2119 || IMAP rename literal overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374
|
1943
1943
|
2120 || IMAP create literal buffer overflow attempt || bugtraq,7446
|
1944
1944
|
2121 || POP3 DELE negative argument attempt || bugtraq,6053 || bugtraq,7445 || cve,2002-1539 || nessus,11570
|
@@ -2006,10 +2006,10 @@
|
|
2006
2006
|
2183 || SMTP Content-Transfer-Encoding overflow attempt || cve,2003-0161 || url,www.cert.org/advisories/CA-2003-12.html
|
2007
2007
|
2184 || RPC mountd TCP mount path overflow attempt || bugtraq,8179 || cve,2003-0252 || nessus,11800
|
2008
2008
|
2185 || RPC mountd UDP mount path overflow attempt || bugtraq,8179 || cve,2003-0252 || nessus,11800
|
2009
|
-
2186 || BAD-TRAFFIC IP Proto 53 SWIPE || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
2010
|
-
2187 || BAD-TRAFFIC IP Proto 55 IP Mobility || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
2011
|
-
2188 || BAD-TRAFFIC IP Proto 77 Sun ND || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
2012
|
-
2189 || BAD-TRAFFIC IP Proto 103 PIM || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
2009
|
+
2186 || DELETED BAD-TRAFFIC IP Proto 53 SWIPE || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
2010
|
+
2187 || DELETED BAD-TRAFFIC IP Proto 55 IP Mobility || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
2011
|
+
2188 || DELETED BAD-TRAFFIC IP Proto 77 Sun ND || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
2012
|
+
2189 || DELETED BAD-TRAFFIC IP Proto 103 PIM || bugtraq,8211 || cve,2003-0567 || nessus,11791
|
2013
2013
|
2190 || NETBIOS DCERPC invalid bind attempt
|
2014
2014
|
2191 || NETBIOS SMB DCERPC invalid bind attempt
|
2015
2015
|
2192 || DELETED NETBIOS SMB ISystemActivator unicode alter context attempt
|
@@ -2098,7 +2098,7 @@
|
|
2098
2098
|
2275 || SMTP AUTH LOGON brute force attempt
|
2099
2099
|
2276 || WEB-MISC oracle portal demo access || nessus,11918
|
2100
2100
|
2277 || WEB-MISC PeopleSoft PeopleBooks psdoccgi access || bugtraq,9037 || bugtraq,9038 || cve,2003-0626 || cve,2003-0627
|
2101
|
-
2278 || WEB-MISC client negative Content-Length attempt || bugtraq,17879 || bugtraq,9098 || bugtraq,9476 || bugtraq,9576 || cve,2004-0095 || cve,2006-2162
|
2101
|
+
2278 || WEB-MISC client negative Content-Length attempt || bugtraq,16354 || bugtraq,17879 || bugtraq,9098 || bugtraq,9476 || bugtraq,9576 || cve,2004-0095 || cve,2005-3653 || cve,2006-2162
|
2102
2102
|
2279 || WEB-PHP UpdateClasses.php access || bugtraq,9057
|
2103
2103
|
2280 || WEB-PHP Title.php access || bugtraq,9057
|
2104
2104
|
2281 || WEB-PHP Setup.php access || bugtraq,9057 || cve,2009-1151
|
@@ -2158,7 +2158,7 @@
|
|
2158
2158
|
2335 || FTP RMD / attempt || bugtraq,9159
|
2159
2159
|
2336 || DELETED TFTP NULL command attempt || bugtraq,7575
|
2160
2160
|
2337 || TFTP PUT filename overflow attempt || bugtraq,22923 || bugtraq,7819 || bugtraq,8505 || cve,2003-0380 || nessus,18264
|
2161
|
-
2338 || FTP LIST buffer overflow attempt || bugtraq,10181 || bugtraq,33454 || bugtraq,6869 || bugtraq,7251 || bugtraq,7861 || bugtraq,8486 || bugtraq,9675 || cve,1999-0349 || cve,1999-1510 || cve,2000-0129 || cve,2007-0019 || url,www.microsoft.com/technet/security/bulletin/MS99-003.mspx
|
2161
|
+
2338 || FTP LIST buffer overflow attempt || bugtraq,10181 || bugtraq,33454 || bugtraq,6869 || bugtraq,7251 || bugtraq,7861 || bugtraq,8486 || bugtraq,9675 || cve,1999-0349 || cve,1999-1510 || cve,2000-0129 || cve,2007-0019 || cve,2009-0351 || url,www.microsoft.com/technet/security/bulletin/MS99-003.mspx
|
2162
2162
|
2339 || TFTP NULL command attempt || bugtraq,7575
|
2163
2163
|
2340 || FTP SITE CHMOD overflow attempt || bugtraq,10181 || bugtraq,9483 || bugtraq,9675 || cve,1999-0838 || nessus,12037
|
2164
2164
|
2341 || WEB-PHP DCP-Portal remote file include editor script attempt || bugtraq,6525
|
@@ -2169,7 +2169,7 @@
|
|
2169
2169
|
2346 || WEB-PHP myPHPNuke chatheader.php access || bugtraq,6544
|
2170
2170
|
2347 || WEB-PHP myPHPNuke partner.php access || bugtraq,6544
|
2171
2171
|
2348 || DELETED NETBIOS SMB-DS DCERPC print spool bind attempt
|
2172
|
-
2349 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters attempt
|
2172
|
+
2349 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters attempt || bugtraq,21220 || cve,2006-6114
|
2173
2173
|
2350 || DELETED NETBIOS SMB-DS ISystemActivator alter context attempt
|
2174
2174
|
2351 || DELETED NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian attempt || bugtraq,8205 || cve,2003-0352 || url,www.microsoft.com/technet/security/bulletin/MS03-026.asp
|
2175
2175
|
2352 || DELETED NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance unicode attempt || bugtraq,8205 || cve,2003-0352 || url,www.microsoft.com/technet/security/bulletin/MS03-026.asp
|
@@ -2209,10 +2209,10 @@
|
|
2209
2209
|
2386 || WEB-IIS NTLM ASN1 vulnerability scan attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12055 || nessus,12065 || url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx
|
2210
2210
|
2387 || WEB-CGI view_broadcast.cgi access || bugtraq,8257 || cve,2003-0422
|
2211
2211
|
2388 || WEB-CGI streaming server view_broadcast.cgi access || bugtraq,8257 || cve,2003-0422
|
2212
|
-
2389 || FTP RNTO overflow attempt || bugtraq,8315 || cve,2000-0133 || cve,2001-1021 || cve,2003-0466
|
2212
|
+
2389 || FTP RNTO overflow attempt || bugtraq,15457 || bugtraq,8315 || cve,2000-0133 || cve,2001-1021 || cve,2003-0466 || cve,2005-3683
|
2213
2213
|
2390 || FTP STOU overflow attempt || bugtraq,8315 || cve,2003-0466
|
2214
2214
|
2391 || FTP APPE overflow attempt || bugtraq,8315 || bugtraq,8542 || cve,2000-0133 || cve,2003-0466 || cve,2003-0772
|
2215
|
-
2392 || FTP RETR overflow attempt || bugtraq,23168 || bugtraq,8315 || cve,2003-0466 || cve,2004-0287 || cve,2004-0298
|
2215
|
+
2392 || FTP RETR overflow attempt || bugtraq,15457 || bugtraq,23168 || bugtraq,8315 || cve,2003-0466 || cve,2004-0287 || cve,2004-0298 || cve,2005-3683
|
2216
2216
|
2393 || WEB-PHP /_admin access || bugtraq,9537 || nessus,12032
|
2217
2217
|
2394 || WEB-MISC Compaq web-based management agent denial of service attempt || bugtraq,8014
|
2218
2218
|
2395 || WEB-MISC InteractiveQuery.jsp access || bugtraq,8938 || cve,2003-0624
|
@@ -2237,7 +2237,7 @@
|
|
2237
2237
|
2414 || EXPLOIT ISAKMP initial contact notification without SPI attempt || bugtraq,9416 || bugtraq,9417 || cve,2004-0164
|
2238
2238
|
2415 || EXPLOIT ISAKMP second payload initial contact notification without SPI attempt || bugtraq,9416 || bugtraq,9417 || cve,2004-0164
|
2239
2239
|
2416 || FTP invalid MDTM command attempt || bugtraq,9751 || cve,2001-1021 || cve,2004-0330
|
2240
|
-
2417 || FTP format string attempt || bugtraq,9800 || cve,2002-2074
|
2240
|
+
2417 || FTP format string attempt || bugtraq,15352 || bugtraq,30993 || bugtraq,9800 || cve,2002-2074 || cve,2005-2123
|
2241
2241
|
2418 || MISC MS Terminal Server no encryption session initiation attempt || url,www.microsoft.com/technet/security/bulletin/MS01-052.mspx
|
2242
2242
|
2419 || MULTIMEDIA realplayer .ram playlist download attempt
|
2243
2243
|
2420 || MULTIMEDIA realplayer .rmp playlist download attempt
|
@@ -2255,12 +2255,12 @@
|
|
2255
2255
|
2432 || NNTP article post without path attempt
|
2256
2256
|
2433 || WEB-CGI MDaemon form2raw.cgi overflow attempt || bugtraq,9317 || cve,2003-1200 || url,secunia.com/advisories/10512/
|
2257
2257
|
2434 || WEB-CGI MDaemon form2raw.cgi access || bugtraq,9317 || cve,2003-1200 || url,secunia.com/advisories/10512/
|
2258
|
-
2435 || WEB-CLIENT Microsoft emf metafile access || bugtraq,10120 || bugtraq,9707 || cve,2003-0906 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || url,www.microsoft.com/technet/security/bulletin/MS04-032.mspx || url,www.microsoft.com/technet/security/bulletin/MS05-053.mspx || url,www.microsoft.com/technet/security/bulletin/MS06-001.mspx
|
2258
|
+
2435 || WEB-CLIENT Microsoft emf metafile access || bugtraq,10120 || bugtraq,28819 || bugtraq,9707 || cve,2003-0906 || cve,2007-5746 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || url,www.microsoft.com/technet/security/bulletin/MS04-032.mspx || url,www.microsoft.com/technet/security/bulletin/MS05-053.mspx || url,www.microsoft.com/technet/security/bulletin/MS06-001.mspx
|
2259
2259
|
2436 || WEB-CLIENT Microsoft wmf metafile access
|
2260
2260
|
2437 || DELETED WEB-CLIENT RealPlayer arbitrary javascript commnad attempt || bugtraq,8453 || bugtraq,9378 || cve,2003-0726
|
2261
|
-
2438 || WEB-CLIENT RealPlayer playlist file URL overflow attempt || bugtraq,9579 || cve,2004-0258
|
2262
|
-
2439 || WEB-CLIENT RealPlayer playlist http URL overflow attempt || bugtraq,9579 || cve,2004-0258
|
2263
|
-
2440 || WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt || bugtraq,9579 || cve,2004-0258
|
2261
|
+
2438 || WEB-CLIENT RealPlayer playlist file URL overflow attempt || bugtraq,13264 || bugtraq,9579 || cve,2004-0258 || cve,2005-0755
|
2262
|
+
2439 || WEB-CLIENT RealPlayer playlist http URL overflow attempt || bugtraq,13264 || bugtraq,9579 || cve,2004-0258 || cve,2005-0755
|
2263
|
+
2440 || WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt || bugtraq,13264 || bugtraq,9579 || cve,2004-0258 || cve,2005-0755
|
2264
2264
|
2441 || WEB-MISC NetObserve authentication bypass attempt || bugtraq,9319
|
2265
2265
|
2442 || WEB-MISC Quicktime User-Agent buffer overflow attempt || bugtraq,9735 || cve,2004-0169
|
2266
2266
|
2443 || DELETED EXPLOIT ICQ SRV_MULTI/SRV_META_USER first name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html
|
@@ -2390,7 +2390,7 @@
|
|
2390
2390
|
2567 || WEB-CGI Emumail init.emu access || bugtraq,9861 || nessus,12095
|
2391
2391
|
2568 || WEB-CGI Emumail emumail.fcgi access || bugtraq,9861 || nessus,12095
|
2392
2392
|
2569 || WEB-MISC cPanel resetpass access || bugtraq,9848 || cve,2004-1769
|
2393
|
-
2570 || WEB-MISC Invalid HTTP Version String || bugtraq,9809 || nessus,11593
|
2393
|
+
2570 || WEB-MISC Invalid HTTP Version String || bugtraq,34240 || bugtraq,9809 || cve,2009-0478 || nessus,11593
|
2394
2394
|
2571 || WEB-IIS SmarterTools SmarterMail frmGetAttachment.aspx access || bugtraq,9805
|
2395
2395
|
2572 || WEB-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt || bugtraq,9805
|
2396
2396
|
2573 || WEB-IIS SmarterTools SmarterMail frmCompose.asp access || bugtraq,9805
|
@@ -2431,7 +2431,7 @@
|
|
2431
2431
|
2608 || ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html
|
2432
2432
|
2609 || ORACLE dbms_repcat.cancel_statistics buffer overflow attempt
|
2433
2433
|
2610 || DELETED ORACLE cancel_statistics ordered sname/oname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck633.html
|
2434
|
-
2611 || ORACLE LINK metadata buffer overflow attempt || bugtraq,7453 || cve,2003-0222 || nessus,11563 || url,archives.neohapsis.com/archives/bugtraq/2003-04/0360.html
|
2434
|
+
2611 || ORACLE LINK metadata buffer overflow attempt || bugtraq,12296 || bugtraq,7453 || cve,2003-0222 || cve,2005-0297 || nessus,11563 || url,archives.neohapsis.com/archives/bugtraq/2003-04/0360.html
|
2435
2435
|
2612 || ORACLE sys.dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html
|
2436
2436
|
2613 || DELETED ORACLE revoke_surrogate_repcat ordered userid buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html
|
2437
2437
|
2614 || ORACLE time_zone buffer overflow attempt || bugtraq,9587 || cve,2003-1208 || nessus,12047 || url,www.nextgenss.com/advisories/ora_time_zone.txt
|
@@ -2826,7 +2826,7 @@
|
|
2826
2826
|
3004 || NETBIOS SMB-DS Session Setup NTMLSSP andx asn1 overflow attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12065 || url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx
|
2827
2827
|
3005 || NETBIOS SMB-DS Session Setup NTMLSSP unicode andx asn1 overflow attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12065 || url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx
|
2828
2828
|
3006 || EXPLOIT Volition Freespace 2 buffer overflow attempt || bugtraq,9785
|
2829
|
-
3007 || IMAP delete overflow attempt || bugtraq,11675 || cve,2004-1520 || nessus,15771
|
2829
|
+
3007 || IMAP delete overflow attempt || bugtraq,11675 || bugtraq,15006 || cve,2004-1520 || cve,2005-3155 || nessus,15771
|
2830
2830
|
3008 || IMAP delete literal overflow attempt || bugtraq,11675 || cve,2004-1520 || nessus,15771
|
2831
2831
|
3009 || BACKDOOR NetBus Pro 2.0 connection request
|
2832
2832
|
3010 || BACKDOOR RUX the Tick get windows directory attempt
|
@@ -2887,13 +2887,13 @@
|
|
2887
2887
|
3065 || IMAP append literal overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
2888
2888
|
3066 || IMAP append overflow attempt || bugtraq,11775 || bugtraq,21729 || cve,2004-1211 || cve,2006-6425 || nessus,15867
|
2889
2889
|
3067 || IMAP examine literal overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
2890
|
-
3068 || IMAP examine overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
2890
|
+
3068 || IMAP examine overflow attempt || bugtraq,11775 || bugtraq,15006 || cve,2004-1211 || cve,2005-3155 || nessus,15867
|
2891
2891
|
3069 || IMAP fetch literal overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
2892
2892
|
3070 || IMAP fetch overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
2893
2893
|
3071 || IMAP status literal overflow attempt || bugtraq,11775 || bugtraq,15491 || cve,2004-1211 || nessus,15867
|
2894
|
-
3072 || IMAP status overflow attempt || bugtraq,11775 || bugtraq,13727 || bugtraq,14243 || bugtraq,15491 || cve,2004-1211 || cve,2005-1256 || cve,2005-2278 || nessus,15867
|
2894
|
+
3072 || IMAP status overflow attempt || bugtraq,11775 || bugtraq,13727 || bugtraq,14243 || bugtraq,15491 || cve,2004-1211 || cve,2005-1256 || cve,2005-2278 || cve,2005-3314 || nessus,15867
|
2895
2895
|
3073 || IMAP SUBSCRIBE literal overflow attempt || bugtraq,11775 || bugtraq,15488 || bugtraq,23050 || bugtraq,26219 || cve,2004-1211 || cve,2005-3189 || cve,2007-3510 || nessus,15867
|
2896
|
-
3074 || IMAP SUBSCRIBE overflow attempt || bugtraq,11775 || bugtraq,15488 || bugtraq,23050 || bugtraq,26219 || cve,2004-1211 || cve,2005-3189 || cve,2007-3510 || nessus,15867
|
2896
|
+
3074 || IMAP SUBSCRIBE overflow attempt || bugtraq,11775 || bugtraq,15488 || bugtraq,23050 || bugtraq,26219 || cve,2004-1211 || cve,2005-3189 || cve,2007-1579 || cve,2007-3510 || nessus,15867
|
2897
2897
|
3075 || IMAP unsubscribe literal overflow attempt || bugtraq,11775 || cve,2004-1211 || nessus,15867
|
2898
2898
|
3076 || IMAP UNSUBSCRIBE overflow attempt || bugtraq,11775 || bugtraq,15488 || cve,2004-1211 || cve,2005-3189 || nessus,15867
|
2899
2899
|
3077 || FTP RNFR overflow attempt || bugtraq,14339
|
@@ -3236,7 +3236,7 @@
|
|
3236
3236
|
3514 || ORACLE utl_file.fopen directory traversal attempt || bugtraq,12749
|
3237
3237
|
3515 || ORACLE utl_file.fremove directory traversal attempt || bugtraq,12749
|
3238
3238
|
3516 || ORACLE utl_file.frename directory traversal attempt || bugtraq,12749
|
3239
|
-
3517 || EXPLOIT Computer Associates license PUTOLF overflow attempt || bugtraq,12705 || cve,2005-
|
3239
|
+
3517 || EXPLOIT Computer Associates license PUTOLF overflow attempt || bugtraq,12705 || cve,2005-0582
|
3240
3240
|
3518 || WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow || bugtraq,12265 || cve,2005-0111 || url,www.osvdb.org/displayvuln.php?osvdb_id=12919
|
3241
3241
|
3519 || WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow default port || bugtraq,12265 || cve,2005-0111 || url,www.osvdb.org/displayvuln.php?osvdb_id=12919
|
3242
3242
|
3520 || EXPLOIT Computer Associates license GCR NETWORK overflow attempt || bugtraq,12705 || cve,2005-0581
|
@@ -3398,14 +3398,14 @@
|
|
3398
3398
|
3676 || WEB-MISC newsscript.pl admin attempt || bugtraq,12761 || cve,2005-0735 || nessus,17309
|
3399
3399
|
3677 || EXPLOIT Ethereal SIP UDP CSeq overflow attempt || bugtraq,13504 || cve,2005-1461 || nessus,18986 || url,www.ethereal.com/news/item_20050504_01.html
|
3400
3400
|
3678 || EXPLOIT Ethereal SIP UDP CSeq overflow attempt || bugtraq,13504 || cve,2005-1461 || nessus,18986 || url,www.ethereal.com/news/item_20050504_01.html
|
3401
|
-
3679 || WEB-CLIENT
|
3401
|
+
3679 || WEB-CLIENT Web-client IFRAME src javascript code execution || bugtraq,13544 || bugtraq,30560 || cve,2005-1476 || cve,2008-2939 || nessus,18243
|
3402
3402
|
3680 || P2P AOL Instant Messenger file send attempt
|
3403
3403
|
3681 || P2P AOL Instant Messenger file receive attempt
|
3404
3404
|
3682 || SMTP spoofed MIME-Type auto-execution attempt || bugtraq,2524 || cve,2001-0154 || url,www.microsoft.com/technet/security/bulletin/MS01-020.mspx
|
3405
3405
|
3683 || WEB-CLIENT spoofed MIME-Type auto-execution attempt || bugtraq,2524 || cve,2001-0154 || url,www.microsoft.com/technet/security/bulletin/MS01-020.mspx
|
3406
3406
|
3684 || DELETED WEB-CLIENT Bitmap Transfer
|
3407
3407
|
3685 || WEB-CLIENT bitmap BitmapOffset multipacket integer overflow attempt || bugtraq,9663 || cve,2004-0566 || url,www.microsoft.com/technet/security/bulletin/ms04-025.mspx
|
3408
|
-
3686 || WEB-CLIENT Microsoft Internet Explorer Content Advisor
|
3408
|
+
3686 || WEB-CLIENT Microsoft Internet Explorer Content Advisor memory corruption attempt || cve,2005-0555 || url,www.microsoft.com/technet/security/Bulletin/MS05-020.mspx
|
3409
3409
|
3687 || TELNET client ENV OPT USERVAR information disclosure || bugtraq,13940 || cve,2005-1205 || url,www.microsoft.com/technet/Security/bulletin/ms05-033.mspx
|
3410
3410
|
3688 || TELNET client ENV OPT VAR information disclosure || bugtraq,13940 || cve,2005-1205 || url,www.microsoft.com/technet/Security/bulletin/ms05-033.mspx
|
3411
3411
|
3689 || WEB-CLIENT Internet Explorer tRNS overflow attempt || bugtraq,13941 || cve,2005-1211 || nessus,18490 || url,www.microsoft.com/technet/security/bulletin/MS05-025.mspx
|
@@ -3413,7 +3413,7 @@
|
|
3413
3413
|
3691 || CHAT Yahoo Messenger Message
|
3414
3414
|
3692 || CHAT Yahoo Messenger File Transfer Initiation Request
|
3415
3415
|
3693 || WEB-MISC IBM WebSphere j_security_check overflow attempt || bugtraq,13853 || cve,2005-1872
|
3416
|
-
3694 || WEB-MISC Squid content length cache poisoning attempt || bugtraq,12412 || cve,2005-0174
|
3416
|
+
3694 || WEB-MISC Squid content length cache poisoning attempt || bugtraq,12412 || bugtraq,13956 || cve,2005-0174 || cve,2005-1215
|
3417
3417
|
3695 || EXPLOIT Veritas Backup Agent password overflow attempt || cve,2005-0773
|
3418
3418
|
3696 || EXPLOIT Veritas Backup Agent DoS attempt || bugtraq,14201 || cve,2005-0772
|
3419
3419
|
3697 || NETBIOS DCERPC NCACN-IP-TCP veritas bind attempt || bugtraq,14020 || cve,2005-0771 || url,www.idefense.com/application/poi/display?id=269&type=vulnerabilities
|
@@ -3537,7 +3537,7 @@
|
|
3537
3537
|
3815 || SMTP eXchange POP3 mail server overflow attempt || bugtraq,10180 || cve,2004-1945
|
3538
3538
|
3816 || WEB-MISC BadBlue ext.dll buffer overflow attempt || bugtraq,12673 || cve,2005-0595
|
3539
3539
|
3817 || TFTP GET transfer mode overflow attempt || bugtraq,13821 || cve,2005-1812
|
3540
|
-
3818 || TFTP PUT transfer mode overflow attempt || bugtraq,13821 || cve,2005-1812
|
3540
|
+
3818 || TFTP PUT transfer mode overflow attempt || bugtraq,13821 || bugtraq,21301 || cve,2005-1812 || cve,2006-6183
|
3541
3541
|
3819 || WEB-CLIENT multipacket CHM file transfer start
|
3542
3542
|
3820 || WEB-CLIENT multipacket CHM file transfer attempt || bugtraq,13953 || cve,2005-1208 || nessus,18482 || url,www.microsoft.com/technet/security/bulletin/ms05-026.mspx
|
3543
3543
|
3821 || WEB-CLIENT CHM file transfer attempt || bugtraq,13953 || cve,2005-1208 || nessus,18482 || url,www.microsoft.com/technet/security/bulletin/ms05-026.mspx
|
@@ -3845,7 +3845,7 @@
|
|
3845
3845
|
4123 || DELETED NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict unicode little endian andx attempt || bugtraq,14513 || cve,2005-1983 || url,www.microsoft.com/technet/security/bulletin/ms05-039.mspx
|
3846
3846
|
4124 || DELETED NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict unicode little endian attempt || bugtraq,14513 || cve,2005-1983 || url,www.microsoft.com/technet/security/bulletin/ms05-039.mspx
|
3847
3847
|
4125 || DELETED NETBIOS-DG SMB v4 umpnpmgr PNP_DetectResourceConflict unicode little endian andx attempt || url,www.microsoft.com/technet/security/bulletin/ms05-039.mspx
|
3848
|
-
4126 || EXPLOIT Veritas Backup Exec root connection attempt using default password hash || bugtraq,14551
|
3848
|
+
4126 || EXPLOIT Veritas Backup Exec root connection attempt using default password hash || bugtraq,14551 || cve,2005-2611
|
3849
3849
|
4127 || EXPLOIT Novell eDirectory Server iMonitor overflow attempt || bugtraq,14548 || cve,2005-2551
|
3850
3850
|
4128 || WEB-CGI 4DWebstar ShellExample.cgi information disclosure || bugtraq,10721 || url,www.atstake.com/research/advisories/2004/a071304-1.txt
|
3851
3851
|
4129 || EXPLOIT Novell ZenWorks Remote Management Agent large login packet DoS attempt || bugtraq,13678 || cve,2005-1543
|
@@ -3858,7 +3858,7 @@
|
|
3858
3858
|
4136 || WEB-CLIENT IE JPEG heap overflow multipacket attempt || bugtraq,14282 || bugtraq,14284 || cve,2005-1988 || url,www.microsoft.com/technet/security/bulletin/MS05-038.mspx
|
3859
3859
|
4140 || DOS tcpdump tcp LDP print zero length message denial of service attempt || bugtraq,13389 || cve,2005-1279 || url,www.frsirt.com/english/advisories/2005/0410
|
3860
3860
|
4141 || DOS tcpdump udp LDP print zero length message denial of service attempt || bugtraq,13389 || cve,2005-1279 || url,www.frsirt.com/english/advisories/2005/0410
|
3861
|
-
4142 || ORACLE reports servlet command execution attempt || url,www.red-database-security.com/advisory/oracle_forms_run_any_os_command.html || url,www.red-database-security.com/advisory/oracle_reports_run_any_os_command.html
|
3861
|
+
4142 || ORACLE reports servlet command execution attempt || bugtraq,14316 || cve,2005-2371 || url,www.red-database-security.com/advisory/oracle_forms_run_any_os_command.html || url,www.red-database-security.com/advisory/oracle_reports_run_any_os_command.html
|
3862
3862
|
4143 || EXPLOIT lpd receive printer job cascade adaptor protocol request
|
3863
3863
|
4144 || EXPLOIT lpd Solaris control file upload attempt
|
3864
3864
|
4145 || WEB-ACTIVEX Windows Trouble Shooter ActiveX Object Access || bugtraq,8833 || cve,2003-0662 || url,www.microsoft.com/technet/security/bulletin/MS03-042.mspx
|
@@ -3886,7 +3886,7 @@
|
|
3886
3886
|
4167 || WEB-ACTIVEX MSN Heartbeat ActiveX clsid access || bugtraq,11367 || url,www.microsoft.com/technet/security/bulletin/MS04-038.mspx || url,www.microsoft.com/technet/security/bulletin/MS07-069.mspx
|
3887
3887
|
4168 || WEB-ACTIVEX Shell Automation Service ActiveX Object Access || bugtraq,9335
|
3888
3888
|
4169 || WEB-ACTIVEX Internet Explorer Active Setup ActiveX Object Access || bugtraq,667 || url,www.microsoft.com/technet/security/bulletin/MS99-037.mspx
|
3889
|
-
4170 || WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid access || bugtraq,4449 || cve,2002-0727 || cve,2007-1201 || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx || url,www.microsoft.com/technet/security/bulletin/MS02-044.mspx
|
3889
|
+
4170 || WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid access || bugtraq,28136 || bugtraq,4449 || cve,2002-0727 || cve,2007-1201 || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx || url,www.microsoft.com/technet/security/bulletin/MS02-044.mspx
|
3890
3890
|
4171 || WEB-ACTIVEX Registration Wizard ActiveX Object Access || bugtraq,671 || url,www.microsoft.com/technet/security/bulletin/MS99-037.mspx
|
3891
3891
|
4172 || WEB-ACTIVEX Microsoft Agent v1.5 ActiveX clsid access || cve,2005-1214 || cve,2006-3445 || cve,2007-1205 || url,www.microsoft.com/technet/security/bulletin/MS05-032.mspx || url,www.microsoft.com/technet/security/bulletin/MS06-068.mspx || url,www.microsoft.com/technet/security/bulletin/MS07-020.mspx
|
3892
3892
|
4173 || WEB-ACTIVEX MsnPUpld ActiveX Object Access || url,www.microsoft.com/technet/security/bulletin/MS05-025.mspx
|
@@ -4392,8 +4392,8 @@
|
|
4392
4392
|
4673 || NETBIOS-DG SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt || cve,2004-1154
|
4393
4393
|
4674 || NETBIOS-DG SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt || cve,2004-1154
|
4394
4394
|
4675 || WEB-CLIENT Macromedia swf DOACTION tag overflow attempt || url,www.macromedia.com/devnet/security/security_zone/mpsb05-07.html
|
4395
|
-
4676 || ORACLE
|
4396
|
-
4677 || ORACLE
|
4395
|
+
4676 || ORACLE Enterprise Manager Application Server Control POST Parameter Overflow Attempt || bugtraq,15146 || url,www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html
|
4396
|
+
4677 || ORACLE Enterprise Manager Application Server Control GET Parameter Overflow Attempt || bugtraq,15146 || url,www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html
|
4397
4397
|
4678 || WEB-CLIENT quicktime movie file transfer
|
4398
4398
|
4679 || WEB-CLIENT quicktime movie file component name integer overflow multipacket attempt || bugtraq,15308 || cve,2005-2754 || url,docs.info.apple.com/article.html?artnum=302772
|
4399
4399
|
4680 || WEB-CLIENT quicktime movie file component name integer overflow attempt || bugtraq,15308 || cve,2005-2754 || url,docs.info.apple.com/article.html?artnum=302772
|
@@ -5420,8 +5420,8 @@
|
|
5420
5420
|
5701 || IMAP status directory traversal attempt || bugtraq,15488 || cve,2005-3189
|
5421
5421
|
5702 || IMAP SUBSCRIBE directory traversal attempt || bugtraq,11775 || bugtraq,15488 || bugtraq,23050 || bugtraq,26219 || cve,2004-1211 || cve,2005-3189 || cve,2007-3510 || nessus,15867
|
5422
5422
|
5703 || IMAP unsubscribe directory traversal attempt || bugtraq,15488 || cve,2005-3189
|
5423
|
-
5704 || IMAP SELECT overflow attempt || bugtraq,15006 || cve,2006-1255
|
5424
|
-
5705 || IMAP CAPABILITY overflow attempt || bugtraq,15006
|
5423
|
+
5704 || IMAP SELECT overflow attempt || bugtraq,15006 || cve,2005-3155 || cve,2006-1255
|
5424
|
+
5705 || IMAP CAPABILITY overflow attempt || bugtraq,15006 || cve,2005-3155
|
5425
5425
|
5706 || POLICY Namazu incoming namazu.cgi access || url,www.namazu.org/doc/manual.html
|
5426
5426
|
5707 || POLICY Namazu outbound namazu.cgi access || url,www.namazu.org/doc/manual.html
|
5427
5427
|
5708 || POLICY HTML File upload attempt || url,www.faqs.org/rfcs/rfc1867.html
|
@@ -6718,8 +6718,8 @@
|
|
6718
6718
|
6999 || DELETED NETBIOS SMB rras RasRpcSetUserPreferences WriteAndX little endian andx callback number overflow attempt || bugtraq,18358 || cve,2006-2371 || url,www.microsoft.com/technet/security/bulletin/MS06-025.mspx
|
6719
6719
|
7000 || DELETED NETBIOS SMB-DS rras RasRpcSetUserPreferences WriteAndX unicode little endian andx callback number overflow attempt || bugtraq,18358 || cve,2006-2371 || url,www.microsoft.com/technet/security/bulletin/MS06-025.mspx
|
6720
6720
|
7001 || DELETED NETBIOS SMB v4 rras RasRpcSetUserPreferences WriteAndX andx callback number overflow attempt || bugtraq,18358 || cve,2006-2371 || url,www.microsoft.com/technet/security/bulletin/MS06-025.mspx
|
6721
|
-
7002 || WEB-CLIENT excel url unicode overflow attempt || bugtraq,18422 || bugtraq,18500 || cve,2006-3059 || url,www.microsoft.com/technet/security/bulletin/ms06-037.mspx
|
6722
|
-
7003 || WEB-ACTIVEX ADODB.Recordset ActiveX function call access || url,osvdb.org/26834
|
6721
|
+
7002 || WEB-CLIENT excel url unicode overflow attempt || bugtraq,18422 || bugtraq,18500 || cve,2006-3059 || cve,2006-3086 || url,www.microsoft.com/technet/security/bulletin/ms06-037.mspx
|
6722
|
+
7003 || WEB-ACTIVEX ADODB.Recordset ActiveX function call access || bugtraq,20704 || cve,2006-5559 || url,osvdb.org/26834
|
6723
6723
|
7004 || WEB-ACTIVEX Internet.HHCtrl.1 ActiveX function call access || bugtraq,18769 || cve,2006-3357 || url,osvdb.org/26835 || url,www.microsoft.com/technet/security/bulletin/ms06-046.mspx
|
6724
6724
|
7005 || WEB-ACTIVEX OutlookExpress.AddressBook ActiveX function call access
|
6725
6725
|
7006 || WEB-ACTIVEX ASControls.InstallEngineCtl ActiveX function call access
|
@@ -6735,9 +6735,9 @@
|
|
6735
6735
|
7016 || WEB-ACTIVEX Object.Microsoft.DXTFilter ActiveX function call access || bugtraq,18903 || cve,2006-3512
|
6736
6736
|
7017 || WEB-ACTIVEX RDS.DataControl ActiveX function call access || bugtraq,18900 || cve,2006-3510
|
6737
6737
|
7018 || WEB-ACTIVEX Sysmon ActiveX function call access
|
6738
|
-
7020 || WEB-CLIENT isComponentInstalled function buffer overflow || bugtraq,16870
|
6738
|
+
7020 || WEB-CLIENT isComponentInstalled function buffer overflow || bugtraq,16870 || cve,2006-1016
|
6739
6739
|
7021 || DOS linux kernel SCTP chunkless packet denial of service attempt || bugtraq,18755 || cve,2006-2934
|
6740
|
-
7022 || WEB-CLIENT windows explorer invalid url file overflow attempt || bugtraq,18838
|
6740
|
+
7022 || WEB-CLIENT windows explorer invalid url file overflow attempt || bugtraq,18838 || cve,2006-3351
|
6741
6741
|
7023 || DELETED WEB-CLIENT xls file download || url,sc.openoffice.org/excelfileformat.pdf
|
6742
6742
|
7024 || WEB-CLIENT excel style handling overflow attempt || bugtraq,18872 || cve,2006-3431 || url,www.microsoft.com/technet/security/bulletin/ms06-059.mspx
|
6743
6743
|
7025 || WEB-CLIENT excel url unicode overflow attempt || bugtraq,18583 || cve,2006-3014 || url,www.microsoft.com/technet/security/bulletin/ms06-069.mspx
|
@@ -6913,7 +6913,7 @@
|
|
6913
6913
|
7195 || SPYWARE-PUT Hijacker shopprreports runtime detection - track/upgrade/report activities || url,vil.mcafeesecurity.com/vil/content/v_133312.htm
|
6914
6914
|
7197 || WEB-CLIENT excel MSO.DLL malformed string parsing single byte buffer over attempt || bugtraq,17252 || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
6915
6915
|
7198 || WEB-CLIENT excel MSO.DLL malformed string parsing multi byte buffer over attempt || bugtraq,17252 || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
6916
|
-
7199 || WEB-CLIENT excel label record overflow attempt || cve,2006-1309 || url,www.microsoft.com/technet/security/bulletin/ms06-037.mspx
|
6916
|
+
7199 || WEB-CLIENT excel label record overflow attempt || bugtraq,28166 || cve,2006-1309 || cve,2008-0114 || url,www.microsoft.com/technet/security/bulletin/ms06-037.mspx
|
6917
6917
|
7200 || WEB-CLIENT microsoft word document summary information null string overflow attempt || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
6918
6918
|
7201 || WEB-CLIENT microsoft word summary information null string overflow attempt || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
6919
6919
|
7202 || WEB-CLIENT microsoft word document summary information string overflow attempt || cve,2006-1540 || url,www.microsoft.com/technet/security/bulletin/ms06-038.mspx
|
@@ -7149,8 +7149,8 @@
|
|
7149
7149
|
7432 || WEB-ACTIVEX DirectFrame.DirectControl.1 ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7150
7150
|
7433 || WEB-ACTIVEX DirectX Transform Wrapper Property Page ActiveX CLSID access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7151
7151
|
7434 || WEB-ACTIVEX DirectX Transform Wrapper Property Page ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7152
|
-
7435 || WEB-ACTIVEX Dynamic Casts ActiveX
|
7153
|
-
7436 || WEB-ACTIVEX Dynamic Casts ActiveX
|
7152
|
+
7435 || WEB-ACTIVEX Dynamic Casts ActiveX clsid access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7153
|
+
7436 || WEB-ACTIVEX Dynamic Casts ActiveX function call || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7154
7154
|
7437 || WEB-ACTIVEX Frame Eater ActiveX CLSID access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7155
7155
|
7438 || WEB-ACTIVEX Frame Eater ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7156
7156
|
7439 || WEB-ACTIVEX HTML Help ActiveX clsid access || cve,2006-3357 || cve,2007-0214 || url,www.microsoft.com/technet/security/bulletin/MS06-046.mspx || url,www.microsoft.com/technet/security/bulletin/MS07-008.mspx
|
@@ -7216,8 +7216,8 @@
|
|
7216
7216
|
7499 || WEB-ACTIVEX WM TV Out Smooth Picture Filter ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7217
7217
|
7500 || WEB-ACTIVEX WM VIH2 Fix ActiveX CLSID access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7218
7218
|
7501 || WEB-ACTIVEX WM VIH2 Fix ActiveX CLSID unicode access || cve,2006-3638 || url,www.microsoft.com/technet/security/bulletin/MS06-042.mspx
|
7219
|
-
7502 || WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX
|
7220
|
-
7503 || WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX
|
7219
|
+
7502 || WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX clsid access || bugtraq,19570 || cve,2006-4219 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=14
|
7220
|
+
7503 || WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX clsid unicode access || bugtraq,19570 || cve,2006-4219 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=14
|
7221
7221
|
7504 || SPYWARE-PUT Keylogger actualspy runtime detection - ftp-data || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453086496
|
7222
7222
|
7505 || SPYWARE-PUT Keylogger actualspy runtime detection - smtp || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453086496
|
7223
7223
|
7506 || SPYWARE-PUT Hacker-Tool coma runtime detection - init connection - flowbit set
|
@@ -7582,10 +7582,10 @@
|
|
7582
7582
|
7865 || WEB-ACTIVEX McSubMgr ActiveX CLSID unicode access || bugtraq,19265 || cve,2006-3961
|
7583
7583
|
7866 || WEB-ACTIVEX ADODB.Connection ActiveX clsid access || cve,2006-5559 || url,archives.neohapsis.com/archives/ntbugtraq/2004-q4/0083.html || url,www.microsoft.com/technet/security/bulletin/ms07-009.mspx
|
7584
7584
|
7867 || WEB-ACTIVEX ADODB.Connection ActiveX clsid unicode access || cve,2006-5559 || url,archives.neohapsis.com/archives/ntbugtraq/2004-q4/0083.html || url,www.microsoft.com/technet/security/bulletin/ms07-009.mspx
|
7585
|
-
7868 || WEB-ACTIVEX ADODB.Recordset ActiveX CLSID access
|
7586
|
-
7869 || WEB-ACTIVEX ADODB.Recordset ActiveX CLSID unicode access
|
7587
|
-
7870 || WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid access || cve,2007-1201 || url,www.microsoft.com/technet/prodtechnol/office/office2000/proddocs/opg/part4/ch18.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx
|
7588
|
-
7871 || WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid unicode access || cve,2007-1201 || url,www.microsoft.com/technet/prodtechnol/office/office2000/proddocs/opg/part4/ch18.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx
|
7585
|
+
7868 || WEB-ACTIVEX ADODB.Recordset ActiveX CLSID access || bugtraq,20704 || cve,2006-5559
|
7586
|
+
7869 || WEB-ACTIVEX ADODB.Recordset ActiveX CLSID unicode access || bugtraq,20704 || cve,2006-5559
|
7587
|
+
7870 || WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid access || bugtraq,28136 || cve,2007-1201 || url,www.microsoft.com/technet/prodtechnol/office/office2000/proddocs/opg/part4/ch18.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx
|
7588
|
+
7871 || WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid unicode access || bugtraq,28136 || cve,2007-1201 || url,www.microsoft.com/technet/prodtechnol/office/office2000/proddocs/opg/part4/ch18.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx
|
7589
7589
|
7872 || WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX clsid access || cve,2002-0727 || cve,2002-0861 || cve,2009-1136 || url,www.microsoft.com/technet/security/Bulletin/MS02-044.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-043.mspx
|
7590
7590
|
7873 || WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX clsid unicode access || cve,2002-0727 || cve,2002-0861 || cve,2009-1136 || url,www.microsoft.com/technet/security/Bulletin/MS02-044.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-043.mspx
|
7591
7591
|
7874 || WEB-ACTIVEX Microsoft Office PivotTable 10.0 ActiveX CLSID access || cve,2002-0727 || cve,2002-0861 || url,www.microsoft.com/technet/security/Bulletin/MS02-044.mspx
|
@@ -7699,7 +7699,7 @@
|
|
7699
7699
|
7982 || WEB-ACTIVEX Snapshot Viewer General Property Page Object ActiveX clsid unicode access || cve,2008-2463 || url,www.microsoft.com/TechNet/security/advisory/955179.mspx || url,www.microsoft.com/technet/security/bulletin/ms08-041.mspx
|
7700
7700
|
7983 || WEB-ACTIVEX SuperBuddy Class ActiveX CLSID access
|
7701
7701
|
7984 || WEB-ACTIVEX SuperBuddy Class ActiveX CLSID unicode access
|
7702
|
-
7985 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX
|
7702
|
+
7985 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX clsid access || bugtraq,19030 || cve,2006-3730 || url,browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html || url,www.microsoft.com/technet/security/bulletin/ms06-057.mspx
|
7703
7703
|
7986 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID unicode access || bugtraq,19030 || cve,2006-3730 || url,browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html || url,www.microsoft.com/technet/security/bulletin/ms06-057.mspx
|
7704
7704
|
7987 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID access
|
7705
7705
|
7988 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID unicode access
|
@@ -7773,7 +7773,7 @@
|
|
7773
7773
|
8056 || DOS ISC DHCP server 2 client_id length denial of service attempt || cve,2006-3122 || url,www.debian.org/security/2006/dsa-1143
|
7774
7774
|
8057 || MYSQL Date_Format denial of service attempt || bugtraq,19032 || cve,2006-3469 || url,dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
|
7775
7775
|
8058 || WEB-CLIENT Mozilla javascript navigator object access || bugtraq,19181 || cve,2006-3677 || url,www.mozilla.org/security/announce/2006/mfsa2006-45.html
|
7776
|
-
8059 || ORACLE SYS.KUPW-WORKER sql injection attempt || bugtraq,19054 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2006.html
|
7776
|
+
8059 || ORACLE SYS.KUPW-WORKER sql injection attempt || bugtraq,19054 || cve,2006-3698 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2006.html
|
7777
7777
|
8060 || EXPLOIT UltraVNC VNCLog buffer overflow || bugtraq,17378
|
7778
7778
|
8061 || DELETED WEB-CLIENT ADODB.Stream ActiveX CLSID access
|
7779
7779
|
8062 || WEB-ACTIVEX ADODB.Stream ActiveX CLSID unicode access || bugtraq,10514 || cve,2004-0549 || url,support.microsoft.com/default.aspx?scid=kb\;en-us\;KB870669 || url,www.microsoft.com/technet/security/bulletin/ms04-025.mspx
|
@@ -7805,7 +7805,7 @@
|
|
7805
7805
|
8088 || WEB-MISC HP Openview NNM connectedNodes.ovpl Unix command execution attempt || bugtraq,14662 || cve,2005-2773
|
7806
7806
|
8089 || WEB-MISC HP Openview NNM cdpView.ovpl Unix command execution attempt || bugtraq,14662 || cve,2005-2773
|
7807
7807
|
8090 || WEB-MISC HP Openview NNM freeIPaddrs.ovpl Unix command execution attempt || bugtraq,14662 || cve,2005-2773
|
7808
|
-
8091 || WEB-CLIENT RealPlayer
|
7808
|
+
8091 || WEB-CLIENT RealNetworks RealPlayer error message format string vulnerability attempt || bugtraq,14945 || cve,2005-2710
|
7809
7809
|
8093 || DELETED NETBIOS SMB webdav unicode alter context attempt
|
7810
7810
|
8094 || DELETED NETBIOS SMB webdav WriteAndX unicode alter context attempt
|
7811
7811
|
8095 || DELETED NETBIOS SMB webdav alter context attempt
|
@@ -8126,12 +8126,12 @@
|
|
8126
8126
|
8411 || WEB-ACTIVEX DocFind Command ActiveX CLSID access
|
8127
8127
|
8412 || WEB-ACTIVEX DocFind Command ActiveX CLSID unicode access
|
8128
8128
|
8413 || WEB-CLIENT HCP URI uplddrvinfo access || bugtraq,5478 || cve,2002-0974 || url,www.microsoft.com/technet/security/bulletin/ms02-060.mspx
|
8129
|
-
8414 || WEB-CLIENT GIF image
|
8129
|
+
8414 || WEB-CLIENT GIF image descriptor memory corruption attempt || bugtraq,18915 || bugtraq,22630 || cve,2006-0007 || cve,2007-1071 || url,www.microsoft.com/technet/security/bulletin/ms06-039.mspx
|
8130
8130
|
8415 || FTP SIZE overflow attempt || bugtraq,19617 || cve,2006-4318
|
8131
8131
|
8416 || WEB-CLIENT VML fill method overflow attempt || bugtraq,20096 || cve,2006-4868 || url,www.microsoft.com/technet/security/bulletin/ms06-055.mspx
|
8132
8132
|
8417 || WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX function call access || bugtraq,18946 || cve,2006-3591 || url,browserfun.blogspot.com/2006/07/mobb-12-trieditdocument-url.html || url,osvdb.org/27056
|
8133
8133
|
8418 || WEB-ACTIVEX DXImageTransform.Microsoft.RevealTrans ActiveX function call access || url,browserfun.blogspot.com/2006/07/mobb-13-revealtrans-transition.html || url,osvdb.org/27057
|
8134
|
-
8419 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call
|
8134
|
+
8419 || WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call || bugtraq,19030 || cve,2006-3730 || url,browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html || url,www.microsoft.com/technet/security/bulletin/ms06-057.mspx
|
8135
8135
|
8420 || WEB-ACTIVEX DXImageTransform.Microsoft.Gradient ActiveX function call access || url,browserfun.blogspot.com/2006/07/mobb-17-gradient-startcolorstr.html || url,osvdb.org/27109
|
8136
8136
|
8421 || WEB-ACTIVEX OWC11.DataSourceControl.11 ActiveX function call access || url,browserfun.blogspot.com/2006/07/mobb-19-datasourcecontrol.html || url,osvdb.org/27111
|
8137
8137
|
8422 || WEB-ACTIVEX Outlook View OVCtl ActiveX clsid access || bugtraq,3025 || bugtraq,3026 || cve,2001-0538 || url,browserfun.blogspot.com/2006/07/mobb-20-ovctl-newdefaultitem.html || url,osvdb.org/27112 || url,www.microsoft.com/technet/security/bulletin/MS01-038.mspx
|
@@ -8158,7 +8158,7 @@
|
|
8158
8158
|
8443 || WEB-CLIENT Mozilla regular expression heap corruption attempt || bugtraq,20042 || cve,2006-4566
|
8159
8159
|
8444 || WEB-MISC Trend Micro atxconsole format string server response attempt || bugtraq,20284 || cve,2006-5157
|
8160
8160
|
8445 || WEB-CLIENT RTF file with embedded object package download attempt || cve,2006-4692 || url,www.microsoft.com/technet/security/bulletin/ms06-065.mspx
|
8161
|
-
8446 || POLICY IPv6 encapsulated in IPv4 activity
|
8161
|
+
8446 || POLICY IPv6 encapsulated in IPv4 activity || bugtraq,29235 || cve,2008-2136
|
8162
8162
|
8447 || DELETED WEB-CLIENT Open document file transfer attempt
|
8163
8163
|
8448 || WEB-CLIENT Excel colinfo XF record overflow attempt || cve,2006-3875 || url,www.microsoft.com/technet/security/bulletin/ms06-059.mspx
|
8164
8164
|
8449 || NETBIOS SMB Rename invalid buffer type andx attempt || cve,2006-4696 || url,www.microsoft.com/technet/security/bulletin/MS06-063.mspx
|
@@ -8182,17 +8182,17 @@
|
|
8182
8182
|
8467 || SPYWARE-PUT Keylogger netobserve runtime detection - remote login response || url,www.spywareguide.com/product_show.php?id=354 || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453073490
|
8183
8183
|
8468 || SPYWARE-PUT Hijacker accoona runtime detection - collect info || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453096478
|
8184
8184
|
8469 || SPYWARE-PUT Hijacker accoona runtime detection - open sidebar search url || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453096478
|
8185
|
-
8470 || BACKDOOR superspy 2.0 beta runtime detection - get system info
|
8186
|
-
8471 || BACKDOOR superspy 2.0 beta runtime detection - get system info 2 || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
8187
|
-
8472 || BACKDOOR superspy 2.0 beta runtime detection - screen capture 2
|
8188
|
-
8473 || BACKDOOR superspy 2.0 beta runtime detection - screen capture || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
8189
|
-
8474 || BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage 2
|
8190
|
-
8475 || BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
8185
|
+
8470 || DELETED BACKDOOR superspy 2.0 beta runtime detection - get system info
|
8186
|
+
8471 || DELETED BACKDOOR superspy 2.0 beta runtime detection - get system info 2 || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
8187
|
+
8472 || DELETED BACKDOOR superspy 2.0 beta runtime detection - screen capture 2
|
8188
|
+
8473 || DELETED BACKDOOR superspy 2.0 beta runtime detection - screen capture || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
8189
|
+
8474 || DELETED BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage 2
|
8190
|
+
8475 || DELETED BACKDOOR superspy 2.0 beta runtime detection - processes/active windows manage || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
8191
8191
|
8476 || DELETED BACKDOOR superspy 2.0 beta runtime detection - file management
|
8192
8192
|
8477 || DELETED BACKDOOR superspy 2.0 beta runtime detection - file management || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083726
|
8193
8193
|
8478 || WEB-CLIENT Microsoft Publisher file download attempt || cve,2006-0001 || url,www.microsoft.com/technet/security/bulletin/ms06-054.mspx
|
8194
8194
|
8479 || FTP HELP overflow attempt || bugtraq,2972 || cve,2001-0826
|
8195
|
-
8480 || FTP PORT overflow attempt || bugtraq,18711 || cve,2006-2226
|
8195
|
+
8480 || FTP PORT overflow attempt || bugtraq,15998 || bugtraq,18711 || cve,2005-4459 || cve,2006-2226
|
8196
8196
|
8481 || FTP Microsoft NLST * dos attempt || bugtraq,2717 || cve,2001-0334 || url,www.microsoft.com/technet/security/bulletin/MS01-026.mspx
|
8197
8197
|
8482 || POLICY Xfire session initiated || url,www.fryx.ch/xfire/protocol.html
|
8198
8198
|
8483 || POLICY Xfire login attempted || url,www.fryx.ch/xfire/protocol.html
|
@@ -8253,7 +8253,7 @@
|
|
8253
8253
|
8538 || SQL xp_updatecolvbm unicode vulnerable function attempt || bugtraq,2039 || cve,2000-1084 || url,www.microsoft.com/technet/security/bulletin/ms00-092.mspx
|
8254
8254
|
8539 || SQL xp_updatecolvbm unicode vulnerable function attempt || bugtraq,2039 || cve,2000-1084 || url,www.microsoft.com/technet/security/bulletin/ms00-092.mspx
|
8255
8255
|
8540 || SQL xp_updatecolvbm vulnerable function attempt || bugtraq,2039 || cve,2000-1084 || url,www.microsoft.com/technet/security/bulletin/ms00-092.mspx
|
8256
|
-
8541 || ORACLE sdo_cs.transform_layer buffer overflow attempt || bugtraq,20588 || cve,2006-5372 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html
|
8256
|
+
8541 || ORACLE sdo_cs.transform_layer buffer overflow attempt || bugtraq,20588 || cve,2006-5344 || cve,2006-5372 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html
|
8257
8257
|
8542 || SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453099974
|
8258
8258
|
8543 || SPYWARE-PUT Trackware deluxecommunications runtime detection - display popup ads || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453099974
|
8259
8259
|
8544 || SPYWARE-PUT Keylogger nicespy runtime detection - smtp || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453097309
|
@@ -8443,9 +8443,9 @@
|
|
8443
8443
|
8728 || WEB-ACTIVEX XMLHTTP 4.0 ActiveX clsid unicode access || bugtraq,20915 || cve,2006-5745 || url,www.microsoft.com/technet/security/bulletin/ms06-071.mspx
|
8444
8444
|
8729 || EXPLOIT Shixxnote font buffer overflow attempt || bugtraq,11409 || cve,2004-1595
|
8445
8445
|
8730 || DOS record route rr denial of service attempt || bugtraq,870 || cve,1999-0986 || cve,1999-1339 || cve,2001-0752
|
8446
|
-
8731 || MISC IP option TS timestamp set
|
8447
|
-
8732 || MISC IP option SEC security set
|
8448
|
-
8733 || MISC IP option SATID stream_id set
|
8446
|
+
8731 || DELETED MISC IP option TS timestamp set
|
8447
|
+
8732 || DELETED MISC IP option SEC security set
|
8448
|
+
8733 || DELETED MISC IP option SATID stream_id set
|
8449
8449
|
8734 || WEB-PHP Pajax arbitrary command execution attempt || bugtraq,17519 || cve,2006-1551 || cve,2006-1789
|
8450
8450
|
8735 || WEB-ACTIVEX BOWebAgent.Webagent.1 ActiveX CLSID access
|
8451
8451
|
8736 || WEB-ACTIVEX BOWebAgent.Webagent.1 ActiveX CLSID unicode access
|
@@ -8841,9 +8841,9 @@
|
|
8841
8841
|
9126 || DELETED NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 overflow attempt || cve,2006-4691 || nessus,11921 || url,www.microsoft.com/technet/security/Bulletin/MS06-070.mspx
|
8842
8842
|
9127 || DELETED NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 little endian object call overflow attempt || cve,2006-4691 || nessus,11921 || url,www.microsoft.com/technet/security/Bulletin/MS06-070.mspx
|
8843
8843
|
9128 || DELETED NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 object call overflow attempt || cve,2006-4691 || nessus,11921 || url,www.microsoft.com/technet/security/Bulletin/MS06-070.mspx
|
8844
|
-
9129 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX
|
8845
|
-
9130 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX
|
8846
|
-
9131 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call access || bugtraq,21060 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
8844
|
+
9129 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX clsid access || bugtraq,21060 || bugtraq,21108 || cve,2006-3890 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
8845
|
+
9130 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX clsid unicode access || bugtraq,21060 || bugtraq,21108 || cve,2006-3890 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
8846
|
+
9131 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call access || bugtraq,21060 || bugtraq,21108 || cve,2006-3890 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
8847
8847
|
9132 || NETBIOS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt || cve,2006-4688 || cve,2006-4689 || url,www.microsoft.com/technet/security/bulletin/MS06-066.mspx
|
8848
8848
|
9133 || DELETED NETBIOS SMB-DS netware_cs NwrOpenEnumNdsStubTrees_Any unicode overflow attempt || cve,2006-4688 || cve,2006-4689 || url,www.microsoft.com/technet/security/bulletin/MS06-066.mspx
|
8849
8849
|
9134 || DELETED NETBIOS SMB-DS netware_cs NwrOpenEnumNdsStubTrees_Any unicode object call overflow attempt || cve,2006-4688 || cve,2006-4689 || url,www.microsoft.com/technet/security/bulletin/MS06-066.mspx
|
@@ -9338,14 +9338,14 @@
|
|
9338
9338
|
9623 || RPC UNIX authentication machinename string overflow attempt TCP || bugtraq,20941 || cve,2006-5780
|
9339
9339
|
9624 || RPC UNIX authentication machinename string overflow attempt UDP || bugtraq,20941 || cve,2006-5780
|
9340
9340
|
9625 || WEB-CLIENT Windows Media Player ASX file ref href buffer overflow attempt || bugtraq,21247 || cve,2006-6134 || url,www.microsoft.com/technet/security/bulletin/ms06-078.mspx
|
9341
|
-
9626 || WEB-ACTIVEX AcroPDF.PDF ActiveX clsid access || bugtraq,21155 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
9342
|
-
9627 || WEB-ACTIVEX AcroPDF.PDF ActiveX clsid unicode access || bugtraq,21155 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
9341
|
+
9626 || WEB-ACTIVEX AcroPDF.PDF ActiveX clsid access || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || cve,2006-6236 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
9342
|
+
9627 || WEB-ACTIVEX AcroPDF.PDF ActiveX clsid unicode access || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || cve,2006-6236 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
9343
9343
|
9628 || WEB-ACTIVEX javaprxy.dll ActiveX clsid unicode access || bugtraq,14087 || cve,2005-2087 || url,www.microsoft.com/technet/security/bulletin/ms05-037.mspx || url,www.osvdb.org/displayvuln.php?osvdb_id=17680
|
9344
|
-
9629 || WEB-ACTIVEX Citrix.ICAClient ActiveX clsid access || url,
|
9345
|
-
9630 || WEB-ACTIVEX Citrix.ICAClient ActiveX clsid unicode access || url,
|
9346
|
-
9631 || WEB-ACTIVEX Citrix.ICAClient ActiveX function call access
|
9344
|
+
9629 || WEB-ACTIVEX Citrix.ICAClient ActiveX clsid access || bugtraq,23246 || cve,2006-6334 || url,support.citrix.com/article/CTX111827
|
9345
|
+
9630 || WEB-ACTIVEX Citrix.ICAClient ActiveX clsid unicode access || bugtraq,23246 || cve,2006-6334 || url,support.citrix.com/article/CTX111827
|
9346
|
+
9631 || WEB-ACTIVEX Citrix.ICAClient ActiveX function call access || bugtraq,23246 || cve,2006-6334 || url,support.citrix.com/article/CTX111827
|
9347
9347
|
9632 || EXPLOIT Tivoli Storage Manager command request buffer overflow attempt || bugtraq,21440 || cve,2006-5855
|
9348
|
-
9633 || EXPLOIT Computer Associates Product Discovery Service type 9B remote buffer overflow attempt TCP || bugtraq,21502 || cve,2006-6379
|
9348
|
+
9633 || EXPLOIT Computer Associates Product Discovery Service type 9B remote buffer overflow attempt TCP || bugtraq,12536 || bugtraq,21502 || cve,2005-2535 || cve,2006-6379
|
9349
9349
|
9634 || EXPLOIT Computer Associates Product Discovery Service type 9C remote buffer overflow attempt TCP || bugtraq,21502 || cve,2006-6379
|
9350
9350
|
9635 || EXPLOIT Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP || bugtraq,21502 || cve,2006-6379
|
9351
9351
|
9636 || EXPLOIT Computer Associates Product Discovery Service type 9C remote buffer overflow attempt UDP || bugtraq,21502 || cve,2006-6379
|
@@ -9532,7 +9532,7 @@
|
|
9532
9532
|
9817 || WEB-ACTIVEX CEnroll.CEnroll.2 ActiveX clsid access || url,browserfun.blogspot.com/2006/07/mobb-21-cenroll-stringtobinary.html || url,osvdb.org/27230
|
9533
9533
|
9818 || WEB-ACTIVEX CEnroll.CEnroll.2 ActiveX clsid unicode access || url,browserfun.blogspot.com/2006/07/mobb-21-cenroll-stringtobinary.html || url,osvdb.org/27230
|
9534
9534
|
9819 || WEB-ACTIVEX Outlook View OVCtl ActiveX clsid unicode access || bugtraq,3025 || bugtraq,3026 || cve,2001-0538 || url,browserfun.blogspot.com/2006/07/mobb-20-ovctl-newdefaultitem.html || url,osvdb.org/27112 || url,www.microsoft.com/technet/security/bulletin/MS01-038.mspx
|
9535
|
-
9820 || WEB-ACTIVEX
|
9535
|
+
9820 || WEB-ACTIVEX OWC11.DataSourceControl.11 ActiveX function call access || bugtraq,19069 || cve,2006-3729 || url,browserfun.blogspot.com/2006/07/mobb-19-datasourcecontrol.html || url,osvdb.org/27111
|
9536
9536
|
9821 || WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX clsid access || bugtraq,18946 || cve,2006-3591 || url,browserfun.blogspot.com/2006/07/mobb-12-trieditdocument-url.html || url,osvdb.org/27056
|
9537
9537
|
9822 || WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX clsid unicode access || bugtraq,18946 || cve,2006-3591 || url,browserfun.blogspot.com/2006/07/mobb-12-trieditdocument-url.html || url,osvdb.org/27056
|
9538
9538
|
9823 || WEB-CLIENT QuickTime RTSP URI overflow attempt || bugtraq,21829 || cve,2007-0015 || url,applefun.blogspot.com/2007/01/moab-01-01-2007-apple-quicktime-rtsp.html
|
@@ -9742,7 +9742,7 @@
|
|
9742
9742
|
10027 || DELETED NETBIOS DCERPC DIRECT brightstor-arc ClientDBMiniAgentClose little endian attempt || bugtraq,22010 || cve,2007-0168 || url,www.kb.cert.org/vuls/id/662400 || url,www.lssec.com/advisories/LS-20061002.pdf
|
9743
9743
|
10028 || DELETED NETBIOS DCERPC DIRECT brightstor-arc ClientDBMiniAgentClose object call attempt || bugtraq,22010 || cve,2007-0168 || url,www.kb.cert.org/vuls/id/662400 || url,www.lssec.com/advisories/LS-20061002.pdf
|
9744
9744
|
10029 || DELETED NETBIOS DCERPC DIRECT brightstor-arc ClientDBMiniAgentClose little endian object call attempt || bugtraq,22010 || cve,2007-0168 || url,www.kb.cert.org/vuls/id/662400 || url,www.lssec.com/advisories/LS-20061002.pdf
|
9745
|
-
10030 || NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath_Function_45 attempt || bugtraq,20365 || cve,2006-5143
|
9745
|
+
10030 || NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath_Function_45 overflow attempt || bugtraq,20365 || cve,2006-5143
|
9746
9746
|
10031 || DELETED NETBIOS DCERPC DIRECT brightstor QSIGetQueuePath_Function_45 little endian attempt || bugtraq,20365 || cve,2006-5143 || url,www.lssec.com/advisories/LS-20060330.pdf
|
9747
9747
|
10032 || DELETED NETBIOS DCERPC DIRECT brightstor QSIGetQueuePath_Function_45 attempt || bugtraq,20365 || cve,2006-5143 || url,www.lssec.com/advisories/LS-20060330.pdf
|
9748
9748
|
10033 || DELETED NETBIOS DCERPC DIRECT v4 brightstor QSIGetQueuePath_Function_45 little endian attempt || bugtraq,20365 || cve,2006-5143 || url,www.lssec.com/advisories/LS-20060330.pdf
|
@@ -9924,9 +9924,9 @@
|
|
9924
9924
|
10211 || DELETED NETBIOS DCERPC DIRECT v4 trend-serverprotect COMN_NetTestConnection little endian attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
9925
9925
|
10212 || DELETED NETBIOS DCERPC DIRECT trend-serverprotect COMN_NetTestConnection object call attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
9926
9926
|
10213 || DELETED NETBIOS DCERPC DIRECT trend-serverprotect COMN_NetTestConnection little endian object call attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
9927
|
-
10214 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid access || bugtraq,22842
|
9928
|
-
10215 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid unicode access || bugtraq,22842
|
9929
|
-
10216 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX function call access || bugtraq,22842
|
9927
|
+
10214 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid access || bugtraq,22067 || bugtraq,22842 || cve,2006-6885
|
9928
|
+
10215 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid unicode access || bugtraq,22067 || bugtraq,22842 || cve,2006-6885
|
9929
|
+
10216 || WEB-ACTIVEX Shockwave ActiveX Control ActiveX function call access || bugtraq,22067 || bugtraq,22842 || cve,2006-6885
|
9930
9930
|
10217 || DELETED NETBIOS SMB svcctl alter context attempt || url,www.hsc.fr/ressources/articles/win_net_srv/msrpc_svcctl.html
|
9931
9931
|
10218 || DELETED NETBIOS SMB svcctl unicode alter context attempt || url,www.hsc.fr/ressources/articles/win_net_srv/msrpc_svcctl.html
|
9932
9932
|
10219 || DELETED NETBIOS SMB svcctl WriteAndX alter context attempt || url,www.hsc.fr/ressources/articles/win_net_srv/msrpc_svcctl.html
|
@@ -10194,7 +10194,7 @@
|
|
10194
10194
|
10483 || RPC portmap CA BrightStor ARCserve udp request || bugtraq,23209 || cve,2007-1785
|
10195
10195
|
10484 || RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt || bugtraq,23209 || cve,2007-1785
|
10196
10196
|
10485 || RPC portmap CA BrightStor ARCserve udp procedure 191 attempt || bugtraq,23209 || cve,2007-1785
|
10197
|
-
10486 || NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 15,16,17 attempt || bugtraq,22994 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
10197
|
+
10486 || NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 15,16,17 attempt || bugtraq,22994 || cve,2006-6076 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
10198
10198
|
10487 || DELETED NETBIOS DCERPC DIRECT brightstor-arc function 15 attempt || bugtraq,22994 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
10199
10199
|
10488 || DELETED NETBIOS DCERPC DIRECT v4 brightstor-arc function 15 little endian attempt || bugtraq,22994 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
10200
10200
|
10489 || DELETED NETBIOS DCERPC DIRECT v4 brightstor-arc function 15 attempt || bugtraq,22994 || cve,2007-1447 || url,www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
|
@@ -10712,7 +10712,7 @@
|
|
10712
10712
|
11001 || ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt || bugtraq,23532 || cve,2007-2126 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
|
10713
10713
|
11002 || ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt || bugtraq,23532 || cve,2007-2126 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
|
10714
10714
|
11003 || ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt || bugtraq,23532 || cve,2007-2126 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
|
10715
|
-
11004 || IMAP CRAM-MD5 authentication method buffer overflow || bugtraq,11675 || bugtraq,23172 || cve,2004-1520 || cve,2007-1675
|
10715
|
+
11004 || IMAP CRAM-MD5 authentication method buffer overflow || bugtraq,11675 || bugtraq,14317 || bugtraq,23172 || cve,2004-1520 || cve,2007-1675
|
10716
10716
|
11005 || DELETED NETBIOS SMB rpcss alter context attempt
|
10717
10717
|
11006 || DELETED NETBIOS SMB rpcss unicode alter context attempt
|
10718
10718
|
11007 || DELETED NETBIOS SMB rpcss WriteAndX alter context attempt
|
@@ -10889,10 +10889,10 @@
|
|
10889
10889
|
11178 || WEB-ACTIVEX PowerPoint Viewer ActiveX function call access || bugtraq,23733 || bugtraq,33238 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-01-powerpointviewerocx-31.html
|
10890
10890
|
11179 || WEB-ACTIVEX PowerPoint Viewer ActiveX function call unicode access || bugtraq,23733 || bugtraq,33238 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-01-powerpointviewerocx-31.html
|
10891
10891
|
11180 || WEB-CLIENT quicktime movie ftyp buffer underflow || bugtraq,23652 || cve,2007-2296
|
10892
|
-
11181 || WEB-ACTIVEX Excel Viewer ActiveX clsid access || bugtraq,23755 || bugtraq,33222 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
10893
|
-
11182 || WEB-ACTIVEX Excel Viewer ActiveX clsid unicode access || bugtraq,23755 || bugtraq,33222 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
10894
|
-
11183 || WEB-ACTIVEX Excel Viewer ActiveX function call access || bugtraq,23755 || bugtraq,33222 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
10895
|
-
11184 || WEB-ACTIVEX Excel Viewer ActiveX function call unicode access || bugtraq,23755 || bugtraq,33222 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
10892
|
+
11181 || WEB-ACTIVEX Excel Viewer ActiveX clsid access || bugtraq,23755 || bugtraq,33222 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
10893
|
+
11182 || WEB-ACTIVEX Excel Viewer ActiveX clsid unicode access || bugtraq,23755 || bugtraq,33222 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
10894
|
+
11183 || WEB-ACTIVEX Excel Viewer ActiveX function call access || bugtraq,23755 || bugtraq,33222 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
10895
|
+
11184 || WEB-ACTIVEX Excel Viewer ActiveX function call unicode access || bugtraq,23755 || bugtraq,33222 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-02-excelviewerocx-v-31-multiple.html
|
10896
10896
|
11185 || DOS CA eTrust key handling dos -- username || bugtraq,22743 || cve,2007-1005
|
10897
10897
|
11186 || DOS CA eTrust key handling dos -- password || bugtraq,22743 || cve,2007-1005
|
10898
10898
|
11187 || WEB-ACTIVEX Word Viewer ActiveX clsid access || bugtraq,23784 || bugtraq,33238 || bugtraq,33243 || url,moaxb.blogspot.com/2007/05/moaxb-03-wordviewerocx-32-multiple_03.html
|
@@ -11539,7 +11539,7 @@
|
|
11539
11539
|
11831 || WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX clsid unicode access || cve,2007-2222 || url,www.microsoft.com/technet/security/bulletin/ms07-034.mspx
|
11540
11540
|
11832 || WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX function call access || cve,2007-2222 || url,www.microsoft.com/technet/security/bulletin/ms07-034.mspx
|
11541
11541
|
11833 || WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX function call unicode access || cve,2007-2222 || url,www.microsoft.com/technet/security/bulletin/ms07-034.mspx
|
11542
|
-
11834 || WEB-MISC Internet Explorer navcancl.htm url spoofing attempt || bugtraq,22966 || cve,2007-1499 || url,www.microsoft.com/technet/security/bulletin/MS07-033.mspx
|
11542
|
+
11834 || WEB-MISC Internet Explorer navcancl.htm url spoofing attempt || bugtraq,22966 || cve,2007-1499 || cve,2007-1752 || url,www.microsoft.com/technet/security/bulletin/MS07-033.mspx
|
11543
11543
|
11835 || POLICY Visio file download || url,office.microsoft.com/en-us/visio/default.aspx
|
11544
11544
|
11836 || MISC Visio version number anomaly || cve,2007-0934 || url,www.microsoft.com/technet/security/bulletin/MS07-030.mspx
|
11545
11545
|
11837 || SMTP MS Windows Mail UNC navigation remote command execution || cve,2007-1658 || url,www.microsoft.com/technet/security/bulletin/MS07-034.mspx
|
@@ -11959,7 +11959,7 @@
|
|
11959
11959
|
12253 || WEB-ACTIVEX Symantec NavComUI AxSysListView32OAA ActiveX function call unicode access || bugtraq,24983 || cve,2007-2955 || url,www.symantec.com/avcenter/security/Content/2007.08.09.html
|
11960
11960
|
12254 || DELETED EXPLOIT CA message queuing erroneous length field || bugtraq,25051 || cve,2007-0060
|
11961
11961
|
12255 || WEB-CGI CSGuestbook setup attempt || bugtraq,4448 || cve,2002-1750
|
11962
|
-
12256 || WEB-CLIENT Excel malformed FBI record || cve,2007-1203 || url,www.microsoft.com/technet/security/bulletin/ms07-023.mspx
|
11962
|
+
12256 || WEB-CLIENT Excel malformed FBI record || bugtraq,23826 || cve,2007-1203 || cve,2007-1747 || url,www.microsoft.com/technet/security/bulletin/ms07-023.mspx
|
11963
11963
|
12257 || WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX clsid access || bugtraq,25279 || cve,2007-4336
|
11964
11964
|
12258 || WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX clsid unicode access || bugtraq,25279 || cve,2007-4336
|
11965
11965
|
12259 || WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX function call access || bugtraq,25279 || cve,2007-4336
|
@@ -11981,7 +11981,7 @@
|
|
11981
11981
|
12275 || WEB-ACTIVEX Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access || cve,2007-2216 || url,www.microsoft.com/technet/security/bulletin/ms07-045.mspx
|
11982
11982
|
12276 || WEB-ACTIVEX Microsoft Visual Basic 6 TypeLibInfo ActiveX function call unicode access || cve,2007-2216 || url,www.microsoft.com/technet/security/bulletin/ms07-045.mspx
|
11983
11983
|
12277 || EXPLOIT Microsoft IE CSS memory corruption exploit || cve,2007-0943 || url,www.microsoft.com/technet/security/bulletin/ms07-045.mspx
|
11984
|
-
12278 || POLICY Microsoft Media Player compressed skin download || url,www.microsoft.com/technet/security/Bulletin/MS07-047.mspx
|
11984
|
+
12278 || POLICY Microsoft Media Player compressed skin download - .wmz || bugtraq,25305 || cve,2007-3037 || url,www.microsoft.com/technet/security/Bulletin/MS07-047.mspx
|
11985
11985
|
12279 || WEB-CLIENT Microsoft XML substringData integer overflow attempt || cve,2007-2223 || cve,2007-2224 || cve,2008-1442 || url,www.microsoft.com/technet/security/Bulletin/MS07-042.mspx || url,www.microsoft.com/technet/security/Bulletin/MS07-043.mspx || url,www.microsoft.com/technet/security/Bulletin/MS08-031.mspx
|
11986
11986
|
12280 || WEB-CLIENT VML source file memory corruption || bugtraq,25310 || cve,2007-1749 || url,www.microsoft.com/technet/security/Bulletin/MS07-050.mspx
|
11987
11987
|
12281 || WEB-CLIENT VML source file memory corruption || bugtraq,25310 || cve,2007-1749 || url,www.microsoft.com/technet/security/Bulletin/MS07-050.mspx
|
@@ -12486,9 +12486,9 @@
|
|
12486
12486
|
12783 || WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call unicode access || bugtraq,26537 || bugtraq,27577 || url,blogs.aurigma.com/post/2007/11/Security-issue-in-Image-Uploader.aspx || url,www.microsoft.com/technet/security/advisory/953839.mspx
|
12487
12487
|
12784 || EXPLOIT CA ARCserve Backup for Laptops rsxGetBackupLog second argument overflow || bugtraq,24348 || cve,2007-3216
|
12488
12488
|
12785 || EXPLOIT CA ARCserve Backup for Laptops rsxGetBackupComplete overflow attemp || bugtraq,24348 || cve,2007-3216
|
12489
|
-
12786 || EXPLOIT CA ARCserve Backup for Laptops
|
12490
|
-
12787 || EXPLOIT CA ARCserve Backup for Laptops
|
12491
|
-
12788 || EXPLOIT CA ARCserve Backup for Laptops
|
12489
|
+
12786 || EXPLOIT CA ARCserve Backup for Laptops rxsSetDataGrowthScheduleAndFilter overflow attempt || bugtraq,24348 || cve,2007-3216
|
12490
|
+
12787 || EXPLOIT CA ARCserve Backup for Laptops rxsSetDefaultConfigName overflow attempt || bugtraq,24348 || cve,2007-3216
|
12491
|
+
12788 || EXPLOIT CA ARCserve Backup for Laptops rxsSetDefaultConfigName overflow attempt || bugtraq,24348 || cve,2007-3216
|
12492
12492
|
12789 || SPYWARE-PUT Adware sunshine spy 1.0 runtime detection - check update || url,research.sunbelt-software.com/threatdisplay.aspx?name=Sunshine%20Spy&threatid=171191
|
12493
12493
|
12790 || SPYWARE-PUT Trackware partypoker runtime detection || url,research.sunbelt-software.com/threatdisplay.aspx?name=PartyPoker&threatid=44086
|
12494
12494
|
12791 || SPYWARE-PUT Adware gophoria toolbar runtime detection || url,spywaresignatures.com/details.php?spyware=gophoria || url,www.360zd.com/spyware/518.html || url,www.spywareguide.com/spydet_3093_gophoria_toolbar.html
|
@@ -12507,7 +12507,7 @@
|
|
12507
12507
|
12804 || WEB-ACTIVEX VideoLAN VLC ActiveX clsid unicode access || bugtraq,26675 || cve,2007-6262 || url,www.videolan.org/sa0703.html
|
12508
12508
|
12805 || WEB-ACTIVEX VideoLAN VLC ActiveX function call access || bugtraq,26675 || cve,2007-6262 || url,www.videolan.org/sa0703.html
|
12509
12509
|
12806 || WEB-ACTIVEX VideoLAN VLC ActiveX function call unicode access || bugtraq,26675 || cve,2007-6262 || url,www.videolan.org/sa0703.html
|
12510
|
-
12807 || SMTP Lotus 123 file attachment || bugtraq,26200 || cve,2007-4222 || url,www-1.ibm.com/support/docview.wss?uid=swg21285600 || url,www.coresecurity.com/index.php5?action=item&id=2008
|
12510
|
+
12807 || SMTP Lotus 123 file attachment || bugtraq,26200 || bugtraq,27835 || cve,2007-4222 || cve,2007-6593 || url,www-1.ibm.com/support/docview.wss?uid=swg21285600 || url,www.coresecurity.com/index.php5?action=item&id=2008
|
12511
12511
|
12808 || NETBIOS DCERPC NCACN-IP-TCP spoolss OpenPrinter overflow attempt || bugtraq,21220 || cve,2006-5854
|
12512
12512
|
12809 || DELETED NETBIOS SMB spoolss OpenPrinter WriteAndX andx overflow attempt || bugtraq,21220 || cve,2006-5854
|
12513
12513
|
12810 || DELETED NETBIOS SMB spoolss OpenPrinter WriteAndX little endian andx object call overflow attempt || bugtraq,21220 || cve,2006-5854
|
@@ -12862,7 +12862,7 @@
|
|
12862
12862
|
13159 || WEB_CLIENT Microsoft Media Player asf streaming format audio error masking integer overflow attempt || cve,2007-0064 || url,www.microsoft.com/technet/security/Bulletin/MS07-068.mspx
|
12863
12863
|
13160 || WEB-CLIENT Microsft Media Player asf streaming audio spread error correction data length integer overflow attempt || cve,2007-0064 || url,www.microsoft.com/technet/security/Bulletin/MS07-068.mspx
|
12864
12864
|
13161 || EXPLOIT HP OpenView CGI parameter buffer overflow attempt || bugtraq,26741 || cve,2007-6204 || cve,2008-0067
|
12865
|
-
13162 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt || bugtraq,21220 || cve,2006-5854
|
12865
|
+
13162 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt || bugtraq,21220 || cve,2006-5854 || cve,2006-6114
|
12866
12866
|
13163 || DELETED NETBIOS SMB v4 spoolss EnumPrinters little endian overflow attempt || bugtraq,21220 || cve,2006-5854
|
12867
12867
|
13164 || DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX overflow attempt || bugtraq,21220 || cve,2006-5854
|
12868
12868
|
13165 || DELETED NETBIOS SMB v4 spoolss EnumPrinters WriteAndX little endian overflow attempt || bugtraq,21220 || cve,2006-5854
|
@@ -12969,10 +12969,10 @@
|
|
12969
12969
|
13266 || WEB-ACTIVEX SkyFex Client ActiveX clsid access || bugtraq,27059
|
12970
12970
|
13267 || WEB-ACTIVEX SkyFex Client ActiveX clsid unicode access || bugtraq,27059
|
12971
12971
|
13268 || RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt || bugtraq,24655 || cve,2007-2442 || url,web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
|
12972
|
-
13269 ||
|
12973
|
-
13270 ||
|
12974
|
-
13271 ||
|
12975
|
-
13272 ||
|
12972
|
+
13269 || EXPLOIT Multiple product nntp uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
12973
|
+
13270 || EXPLOIT Multiple product news uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
12974
|
+
13271 || EXPLOIT Multiple product telnet uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
12975
|
+
13272 || EXPLOIT Multiple product mailto uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
12976
12976
|
13273 || WEB-ACTIVEX DivX Web Player ActiveX clsid access || bugtraq,27106
|
12977
12977
|
13274 || WEB-ACTIVEX DivX Web Player ActiveX clsid unicode access || bugtraq,27106
|
12978
12978
|
13275 || WEB-ACTIVEX DivX Web Player ActiveX function call access || bugtraq,27106
|
@@ -13012,11 +13012,11 @@
|
|
13012
13012
|
13313 || WEB-ACTIVEX StreamAudio ProxyManager ActiveX clsid unicode access || bugtraq,27247 || cve,2008-0248
|
13013
13013
|
13314 || WEB-ACTIVEX StreamAudio ProxyManager ActiveX function call access || bugtraq,27247 || cve,2008-0248
|
13014
13014
|
13315 || WEB-ACTIVEX StreamAudio ProxyManager ActiveX function call unicode access || bugtraq,27247 || cve,2008-0248
|
13015
|
-
13316 || WEB-CLIENT 3ivx MP4 file parsing ART buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
13016
|
-
13317 || WEB-CLIENT 3ivx MP4 file parsing nam buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
13017
|
-
13318 || WEB-CLIENT 3ivx MP4 file parsing cmt buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
13018
|
-
13319 || WEB-CLIENT 3ivx MP4 file parsing des buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
13019
|
-
13320 || WEB-CLIENT 3ivx MP4 file parsing cpy buffer overflow attempt || bugtraq,26773 || cve,2007-6401
|
13015
|
+
13316 || WEB-CLIENT 3ivx MP4 file parsing ART buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
13016
|
+
13317 || WEB-CLIENT 3ivx MP4 file parsing nam buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
13017
|
+
13318 || WEB-CLIENT 3ivx MP4 file parsing cmt buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
13018
|
+
13319 || WEB-CLIENT 3ivx MP4 file parsing des buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
13019
|
+
13320 || WEB-CLIENT 3ivx MP4 file parsing cpy buffer overflow attempt || bugtraq,19976 || bugtraq,26773 || cve,2006-4386 || cve,2007-6401
|
13020
13020
|
13321 || WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX clsid access || bugtraq,25295 || cve,2007-3041 || url,www.microsoft.com/technet/security/bulletin/MS07-045.mspx
|
13021
13021
|
13322 || WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX clsid unicode access || bugtraq,25295 || cve,2007-3041 || url,www.microsoft.com/technet/security/bulletin/MS07-045.mspx
|
13022
13022
|
13323 || WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX function call access || bugtraq,25295 || cve,2007-3041 || url,www.microsoft.com/technet/security/bulletin/MS07-045.mspx
|
@@ -13143,6 +13143,7 @@
|
|
13143
13143
|
13465 || WEB-CLIENT Microsoft Works file download request
|
13144
13144
|
13467 || WEB-ACTIVEX Office 2000 and 2002 Web Components Spreadsheet ActiveX clsid unicode access || bugtraq,4453 || cve,2002-0860 || cve,2006-4695 || url,www.microsoft.com/technet/security/bulletin/MS02-044.mspx
|
13145
13145
|
13468 || WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid unicode access || bugtraq,4449 || cve,2002-0727 || cve,2007-1201 || url,www.microsoft.com/technet/security/Bulletin/MS08-017.mspx || url,www.microsoft.com/technet/security/bulletin/MS02-044.mspx
|
13146
|
+
13472 || EXPLOIT Microsoft Works invalid chunk size || cve,2008-0108 || url,www.microsoft.com/technet/security/bulletin/MS08-011.mspx
|
13146
13147
|
13473 || WEB-MISC Microsoft Publisher file download
|
13147
13148
|
13477 || SPECIFIC-THREATS Adobe PDF collab.collectEmailInfo exploit attempt - compressed || bugtraq,27641 || cve,2008-0655
|
13148
13149
|
13478 || SPECIFIC-THREATS Adobe PDF collab.collectEmailInfo exploit attempt || bugtraq,27641 || cve,2008-0655
|
@@ -13188,10 +13189,10 @@
|
|
13188
13189
|
13520 || EXPLOIT Winamp Ultravox streaming malicious metadata || cve,2008-0065
|
13189
13190
|
13521 || EXPLOIT Winamp Ultravox streaming malicious metadata || cve,2008-0065
|
13190
13191
|
13522 || EXPLOIT Firebird Database Server username handling buffer overflow || bugtraq,27467 || cve,2008-0467
|
13191
|
-
13523 || WEB-ACTIVEX Novell iPrint ActiveX clsid access || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
13192
|
-
13524 || WEB-ACTIVEX Novell iPrint ActiveX clsid unicode access || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
13193
|
-
13525 || WEB-ACTIVEX Novell iPrint ActiveX function call access || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
13194
|
-
13526 || WEB-ACTIVEX Novell iPrint ActiveX function call unicode access || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
13192
|
+
13523 || WEB-ACTIVEX Novell iPrint ActiveX clsid access || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || bugtraq,31370 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2436 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
13193
|
+
13524 || WEB-ACTIVEX Novell iPrint ActiveX clsid unicode access || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || bugtraq,31370 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2436 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
13194
|
+
13525 || WEB-ACTIVEX Novell iPrint ActiveX function call access || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || bugtraq,31370 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2436 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
13195
|
+
13526 || WEB-ACTIVEX Novell iPrint ActiveX function call unicode access || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || bugtraq,31370 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2436 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
13195
13196
|
13527 || WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX clsid access || bugtraq,28010
|
13196
13197
|
13528 || WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX clsid unicode access || bugtraq,28010
|
13197
13198
|
13529 || WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX function call access || bugtraq,28010
|
@@ -13218,9 +13219,9 @@
|
|
13218
13219
|
13550 || WEB-ACTIVEX Sony ImageStation ActiveX function call unicode access || bugtraq,27715 || cve,2008-0748
|
13219
13220
|
13551 || ORACLE Oracle XDB.XDB_PITRIG_PKG sql injection attempt || bugtraq,27229 || cve,2008-0339 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2008.html
|
13220
13221
|
13552 || EXPLOIT Symantec VERITAS Storage Foundation Suite buffer overflow attempt || bugtraq,25778 || cve,2008-0638 || url,www.symantec.com/avcenter/security/Content/2008.02.20a.html
|
13221
|
-
13553 || EXPLOIT Sybase SQL Anywhere Mobilink username string buffer overflow || bugtraq,27914 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
13222
|
-
13554 || EXPLOIT Sybase SQL Anywhere Mobilink version string buffer overflow || bugtraq,27914 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
13223
|
-
13555 || EXPLOIT Sybase SQL Anywhere Mobilink remoteID string buffer overflow || bugtraq,27914 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
13222
|
+
13553 || EXPLOIT Sybase SQL Anywhere Mobilink username string buffer overflow || bugtraq,27914 || cve,2008-0912 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
13223
|
+
13554 || EXPLOIT Sybase SQL Anywhere Mobilink version string buffer overflow || bugtraq,27914 || cve,2008-0912 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
13224
|
+
13555 || EXPLOIT Sybase SQL Anywhere Mobilink remoteID string buffer overflow || bugtraq,27914 || cve,2008-0912 || url,aluigi.altervista.org/adv/mobilinkhof-adv.txt
|
13224
13225
|
13556 || SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 1 || url,research.sunbelt-software.com/threatdisplay.aspx?name=Kword.InterKey&threatid=46477 || url,www.noadware.net/research/index2.php?item_id=2656&item_name=Kword.InterKey
|
13225
13226
|
13557 || SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 2 || url,research.sunbelt-software.com/threatdisplay.aspx?name=Kword.InterKey&threatid=46477 || url,www.noadware.net/research/index2.php?item_id=2656&item_name=Kword.InterKey
|
13226
13227
|
13558 || SPYWARE-PUT Hijacker kword interkey runtime detection - log user info || url,research.sunbelt-software.com/threatdisplay.aspx?name=Kword.InterKey&threatid=46477 || url,www.noadware.net/research/index2.php?item_id=2656&item_name=Kword.InterKey
|
@@ -13277,8 +13278,8 @@
|
|
13277
13278
|
13623 || WEB-ACTIVEX CA BrightStor ListCtrl ActiveX function call access || bugtraq,28268 || cve,2008-1472
|
13278
13279
|
13624 || WEB-ACTIVEX CA BrightStor ListCtrl ActiveX function call unicode access || bugtraq,28268 || cve,2008-1472
|
13279
13280
|
13625 || BACKDOOR MBR rootkit HTTP POST activity detected || url,www.sophos.com/security/blog/2008/01/987.html
|
13280
|
-
13627 || WEB-CLIENT Microsoft Access file download request || url,support.microsoft.com/kb/925330
|
13281
|
-
13628 || WEB-CLIENT Microsoft Access file download request || url,support.microsoft.com/kb/925330
|
13281
|
+
13627 || DELETED WEB-CLIENT Microsoft Access file download request || url,support.microsoft.com/kb/925330
|
13282
|
+
13628 || DELETED WEB-CLIENT Microsoft Access file download request || url,support.microsoft.com/kb/925330
|
13282
13283
|
13631 || MISC McAfee ePolicy Orchestrator Framework Services log handling format string attempt || bugtraq,28228 || cve,2008-1357 || url,knowledge.mcafee.com/article/234/615103_f.sal_public.html
|
13283
13284
|
13632 || WEB-CLIENT Zango adware installation request || url,www.ftc.gov/os/caselist/0523130/index.shtm
|
13284
13285
|
13635 || SPYWARE-PUT Trickler downloader trojan.gen runtime detection - get malicious link || url,ca.com/us/securityadvisor/pest/pest.aspx?id=453120536 || url,www.prevx.com/filenames/X1895686732762432147-0/LAF4.EXE.html
|
@@ -13501,8 +13502,8 @@
|
|
13501
13502
|
13910 || DELETED WEB-ACTIVEX Microsoft Access Snapshot Viewer 2 ActiveX function call unicode access || cve,2008-2463 || url,www.microsoft.com/TechNet/security/advisory/955179.mspx || url,www.microsoft.com/technet/security/bulletin/ms08-041.mspx
|
13502
13503
|
13911 || WEB-CLIENT Microsoft search file download attempt
|
13503
13504
|
13912 || SPECIFIC-THREATS isComponentInstalled Metasploit attack attempt || bugtraq,16870
|
13504
|
-
13913 || WEB-ACTIVEX AcroPDF.PDF ActiveX function call access || bugtraq,21155 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
13505
|
-
13914 || WEB-ACTIVEX AcroPDF.PDF ActiveX function call unicode access || bugtraq,21155 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
13505
|
+
13913 || WEB-ACTIVEX AcroPDF.PDF ActiveX function call access || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || cve,2006-6236 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
13506
|
+
13914 || WEB-ACTIVEX AcroPDF.PDF ActiveX function call unicode access || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || cve,2006-6236 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
13506
13507
|
13915 || WEB-MISC backup file download attempt
|
13507
13508
|
13916 || EXPLOIT Alt-N SecurityGateway username buffer overflow attempt || cve,2008-4193 || url,secunia.com/advisories/30497/
|
13508
13509
|
13917 || WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt || bugtraq,15306 || cve,2005-2753
|
@@ -13514,7 +13515,7 @@
|
|
13514
13515
|
13925 || FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt || cve,2008-2541
|
13515
13516
|
13926 || EXPLOIT Novell Groupwise HTTP response message parsing overflow || cve,2008-2703
|
13516
13517
|
13927 || TFTP Server log generation buffer overflow attempt || cve,2008-2161
|
13517
|
-
13928 ||
|
13518
|
+
13928 || SPECIFIC-THREATS Adobe RoboHelp r0 SQL injection attempt || cve,2008-2991
|
13518
13519
|
13929 || WEB-MISC Adobe RoboHelp rx SQL injection attempt || cve,2008-2991
|
13519
13520
|
13930 || SPYWARE-PUT Trickler pc privacy cleaner runtime detection - order/register request || url,malware-remover.com/pcprivacycleaner-removal-tool-pc-privacy-cleaner/ || url,www.xp-vista.com/spyware-removal/pcprivacycleaner-pc-privacy-cleaner-removal-instructions
|
13520
13521
|
13931 || SPYWARE-PUT Trickler pc privacy cleaner runtime detection - auto update || url,malware-remover.com/pcprivacycleaner-removal-tool-pc-privacy-cleaner/ || url,www.xp-vista.com/spyware-removal/pcprivacycleaner-pc-privacy-cleaner-removal-instructions
|
@@ -14192,8 +14193,8 @@
|
|
14192
14193
|
14762 || WEB-ACTIVEX iseemedia LPViewer ActiveX function call access || bugtraq,31604 || cve,2008-4384
|
14193
14194
|
14763 || WEB-ACTIVEX iseemedia LPViewer ActiveX function call unicode access || bugtraq,31604 || cve,2008-4384
|
14194
14195
|
14764 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX clsid access || bugtraq,31235 || cve,2008-2470
|
14195
|
-
14765 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX
|
14196
|
-
14766 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call access || bugtraq,31235 || cve,2008-2470
|
14196
|
+
14765 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call || bugtraq,31235 || cve,2008-2470
|
14197
|
+
14766 || DELETED WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call access || bugtraq,31235 || cve,2008-2470
|
14197
14198
|
14767 || WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call unicode access || bugtraq,31235 || cve,2008-2470
|
14198
14199
|
14768 || MISC Symantec Veritas Storage Scheduler Service NULL Session auth bypass attempt || bugtraq,30596 || cve,2008-3703
|
14199
14200
|
14769 || EXPLOIT DATAC RealWin SCADA System FC_INFOTAG/SET_CONTROL buffer overflow attempt || bugtraq,31418 || cve,2008-4322
|
@@ -14212,10 +14213,10 @@
|
|
14212
14213
|
14897 || WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX function call access || bugtraq,26950 || cve,2007-6506
|
14213
14214
|
14898 || WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX function call unicode access || bugtraq,26950 || cve,2007-6506
|
14214
14215
|
14899 || DELETED NETBIOS SMB netdfs unicode little endian bind attempt
|
14215
|
-
14900 || NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
14216
|
+
14900 || NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt || bugtraq,24198 || cve,2007-2446
|
14216
14217
|
14986 || SHELLCODE x86 fldz get eip shellcode
|
14217
14218
|
14987 || DELETED NETBIOS SMB netdfs unicode little endian bind attempt
|
14218
|
-
14988 || NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
14219
|
+
14988 || NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt || bugtraq,24198 || cve,2007-2446
|
14219
14220
|
14989 || WEB-MISC Novell eDirectory SOAP Accept Language header overflow attempt || cve,2008-4479
|
14220
14221
|
14990 || WEB-MISC Novell eDirectory SOAP Accept Charset header overflow attempt || cve,2008-4479
|
14221
14222
|
14991 || SQL IBM DB2 Universal Database xmlquery buffer overflow attempt || bugtraq,29601 || cve,2008-3854
|
@@ -14253,7 +14254,7 @@
|
|
14253
14254
|
15080 || MULTIMEDIA VideoLAN VLC Media Player WAV processing integer overflow attempt || bugtraq,30058 || cve,2008-2430
|
14254
14255
|
15081 || WEB-CLIENT Sun Java Web Start xml encoding buffer overflow attempt || bugtraq,28083 || cve,2008-1188 || url,sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1
|
14255
14256
|
15123 || WEB-CLIENT Rich Text Format file request
|
14256
|
-
15126 || WEB-CLIENT Internet Explorer nested
|
14257
|
+
15126 || WEB-CLIENT Internet Explorer nested tag memory corruption attempt || bugtraq,32721 || cve,2008-4844 || url,www.microsoft.com/technet/security/bulletin/ms08-078.mspx
|
14257
14258
|
15127 || NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt || bugtraq,32710 || cve,2008-5416 || url,www.microsoft.com/technet/security/bulletin/MS09-004.mspx
|
14258
14259
|
15128 || NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX attempt || bugtraq,32710 || cve,2008-5416 || url,www.microsoft.com/technet/security/bulletin/MS09-004.mspx
|
14259
14260
|
15129 || NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt || bugtraq,32710 || cve,2008-5416 || url,www.microsoft.com/technet/security/bulletin/MS09-004.mspx
|
@@ -14274,15 +14275,15 @@
|
|
14274
14275
|
15144 || SQL sp_replwritetovarbin vulnerable function attempt || bugtraq,32710 || cve,2008-5416 || url,www.microsoft.com/technet/security/bulletin/MS09-004.mspx
|
14275
14276
|
15145 || EXPLOIT Apple CUPS TrueColor PNG filter overly large image height integer overflow attempt || bugtraq,32518 || cve,2008-5286 || url,www.cups.org/str.php?L2974
|
14276
14277
|
15146 || EXPLOIT Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt || bugtraq,32518 || cve,2008-5286 || url,www.cups.org/str.php?L2974
|
14277
|
-
15147 ||
|
14278
|
+
15147 || WEB-CLIENT Microsoft IE malformed iframe buffer overflow attempt || cve,2004-1050
|
14278
14279
|
15150 || CHAT Jive Software Openfire Jabber Server login Authentication bypass attempt || bugtraq,32189
|
14279
14280
|
15151 || CHAT Jive Software Openfire Jabber Server logout Authentication bypass attempt || bugtraq,32189
|
14280
14281
|
15152 || CHAT Jive Software Openfire Jabber Server setup-index Authentication bypass attempt || bugtraq,32189
|
14281
|
-
15153 || CHAT Jive Software Openfire Jabber Server setup Authentication bypass attempt || bugtraq,32189
|
14282
|
+
15153 || CHAT Jive Software Openfire Jabber Server setup Authentication bypass attempt || bugtraq,32189 || cve,2008-6509
|
14282
14283
|
15154 || CHAT Jive Software Openfire Jabber Server gif Authentication bypass attempt || bugtraq,32189
|
14283
14284
|
15155 || CHAT Jive Software Openfire Jabber Server png Authentication bypass attempt || bugtraq,32189
|
14284
14285
|
15156 || CHAT Jive Software Openfire Jabber Server serverdown Authentication bypass attempt || bugtraq,32189
|
14285
|
-
15157 || WEB-CLIENT VideoLAN VLC Media Player XSPF memory corruption attempt || cve,2008-4558
|
14286
|
+
15157 || WEB-CLIENT VideoLAN VLC Media Player XSPF memory corruption attempt TEST || cve,2008-4558
|
14286
14287
|
15158 || WEB-MISC XML Shareable Playlist Format file download attempt
|
14287
14288
|
15159 || WEB-ACTIVEX Evans FTP ActiveX clsid access || bugtraq,32814
|
14288
14289
|
15160 || WEB-ACTIVEX Evans FTP ActiveX clsid unicode access || bugtraq,32814
|
@@ -14315,7 +14316,7 @@
|
|
14315
14316
|
15187 || MISC Multiple vendors CUPS HPGL filter remote code execution attempt || bugtraq,31688 || cve,2008-3641
|
14316
14317
|
15188 || MISC Multiple vendors CUPS HPGL filter remote code execution attempt || bugtraq,31688 || cve,2008-3641 || url,www.cups.org/str.php?L2911
|
14317
14318
|
15189 || MISC Multiple vendors CUPS HPGL filter remote code execution attempt || bugtraq,31688 || cve,2008-3641 || url,www.cups.org/str.php?L2911
|
14318
|
-
15190 || WEB-MISC Youngzsoft CCProxy CONNECT Request buffer overflow attempt || bugtraq,31416
|
14319
|
+
15190 || WEB-MISC Youngzsoft CCProxy CONNECT Request buffer overflow attempt || bugtraq,31416 || cve,2008-6415
|
14319
14320
|
15191 || SPECIFIC-THREATS Mozilla Firefox animated PNG processing integer overflow || cve,2008-4064
|
14320
14321
|
15192 || WEB-ACTIVEX SizerOne ActiveX clsid access || bugtraq,33148 || cve,2008-4827
|
14321
14322
|
15193 || WEB-ACTIVEX SizerOne ActiveX clsid unicode access || bugtraq,33148 || cve,2008-4827
|
@@ -14396,10 +14397,10 @@
|
|
14396
14397
|
15308 || WEB-ACTIVEX Microsoft Animation Control ActiveX clsid unicode access || url,support.microsoft.com/kb/960715
|
14397
14398
|
15309 || WEB-ACTIVEX Microsoft Animation Control ActiveX function call access || url,support.microsoft.com/kb/960715
|
14398
14399
|
15310 || WEB-ACTIVEX Microsoft Animation Control ActiveX function call unicode access || url,support.microsoft.com/kb/960715
|
14399
|
-
15311 || WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid access || url,support.microsoft.com/kb/960715
|
14400
|
-
15312 || WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid unicode access || url,support.microsoft.com/kb/960715
|
14401
|
-
15313 || WEB-ACTIVEX Research In Motion AxLoader ActiveX function call access || url,support.microsoft.com/kb/960715
|
14402
|
-
15314 || WEB-ACTIVEX Research In Motion AxLoader ActiveX function call unicode access || url,support.microsoft.com/kb/960715
|
14400
|
+
15311 || WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid access || bugtraq,33663 || cve,2009-0305 || url,support.microsoft.com/kb/960715
|
14401
|
+
15312 || WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid unicode access || bugtraq,33663 || cve,2009-0305 || url,support.microsoft.com/kb/960715
|
14402
|
+
15313 || WEB-ACTIVEX Research In Motion AxLoader ActiveX function call access || bugtraq,33663 || cve,2009-0305 || url,support.microsoft.com/kb/960715
|
14403
|
+
15314 || WEB-ACTIVEX Research In Motion AxLoader ActiveX function call unicode access || bugtraq,33663 || cve,2009-0305 || url,support.microsoft.com/kb/960715
|
14403
14404
|
15315 || WEB-ACTIVEX Akamai DownloadManager ActiveX clsid access || url,support.microsoft.com/kb/960715
|
14404
14405
|
15316 || WEB-ACTIVEX Akamai DownloadManager ActiveX clsid unicode access || url,support.microsoft.com/kb/960715
|
14405
14406
|
15317 || WEB-ACTIVEX Akamai DownloadManager ActiveX function call access || url,support.microsoft.com/kb/960715
|
@@ -14508,9 +14509,9 @@
|
|
14508
14509
|
15428 || WEB-CLIENT Mozilla Firefox SVG data processing memory corruption attempt || bugtraq,33990 || cve,2009-0771 || url,www.mozilla.org/security/announce/2009/mfsa2009-07.html
|
14509
14510
|
15429 || CONTENT-REPLACE Yahoo Messenger deny outbound login attempt
|
14510
14511
|
15430 || WEB-CLIENT Microsoft EMF+ GpFont.SetData buffer overflow attempt || bugtraq,34250 || cve,2009-1217
|
14511
|
-
15431 || SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt || bugtraq,34235 || cve,2009-1169
|
14512
|
+
15431 || SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt || bugtraq,34235 || cve,2009-1169 || url,www.mozilla.org/security/announce/2009/mfsa2009-12.html
|
14512
14513
|
15432 || WEB-PHP wordpress cat parameter arbitrary file execution attempt || bugtraq,28845 || cve,2008-4769
|
14513
|
-
15434 || WEB-MISC HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt || bugtraq,
|
14514
|
+
15434 || WEB-MISC HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt || bugtraq,34134 || cve,2009-0920
|
14514
14515
|
15435 || EXPLOIT IBM Director CIM server consumer name handling denial of service attempt || bugtraq,34061 || cve,2009-0879
|
14515
14516
|
15436 || EXPLOIT IBM Tivoli Storage Manager Express Backup counter heap corruption attempt || bugtraq,34077 || cve,2008-4563 || url,www-01.ibm.com/support/docview.wss?uid=swg21377388
|
14516
14517
|
15437 || EXPLOIT IBM Tivoli Storage Manager Express Backup message length heap corruption attempt || bugtraq,34077 || cve,2008-4563 || url,www-01.ibm.com/support/docview.wss?uid=swg21377388
|
@@ -14518,18 +14519,18 @@
|
|
14518
14519
|
15439 || CONTENT-REPLACE QQ 2009 deny tcp login
|
14519
14520
|
15440 || CONTENT-REPLACE QQ 2008 deny udp login
|
14520
14521
|
15441 || CONTENT-REPLACE QQ 2009 deny tcp login
|
14521
|
-
15442 || MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt || cve,2009-0819 || url,dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html || url,secunia.com/advisories/34115
|
14522
|
-
15443 || MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt || cve,2009-0819 || url,dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html || url,secunia.com/advisories/34115
|
14522
|
+
15442 || MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt || bugtraq,33972 || cve,2009-0819 || url,dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html || url,secunia.com/advisories/34115
|
14523
|
+
15443 || MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt || bugtraq,33972 || cve,2009-0819 || url,dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html || url,secunia.com/advisories/34115
|
14523
14524
|
15444 || WEB-MISC Core Audio Format file download attempt
|
14524
14525
|
15445 || ORACLE Oracle Application Server BPEL module cross site scripting attempt || cve,2008-4014
|
14525
|
-
15446 || WEB-MISC Novell eDirectory management console Accept-Language buffer overflow attempt || cve,2008-5094 || url,download.novell.com/Download?buildid=Cf15mVyA3GI~
|
14526
|
+
15446 || WEB-MISC Novell eDirectory management console Accept-Language buffer overflow attempt || bugtraq,31553 || cve,2008-4479 || cve,2008-5094 || url,download.novell.com/Download?buildid=Cf15mVyA3GI~
|
14526
14527
|
15447 || DELETED WEB-CLIENT Firefox XML parser memory corruption attempt || cve,2009-1232
|
14527
14528
|
15448 || NETBIOS DCERPC NCADG-IP-UDP srvsvc NetrShareEnum null policy handle attempt || arachnids,454
|
14528
14529
|
15463 || WEB-CLIENT Microsoft Excel file request
|
14529
14530
|
15464 || WEB-CLIENT Microsoft Excel file request
|
14530
14531
|
15471 || WEB-CLIENT asp file upload
|
14531
14532
|
15472 || WEB-CLIENT Nullsoft Winamp pls file player name handling buffer overflow attempt || bugtraq,16410 || cve,2006-0476
|
14532
|
-
15473 || WEB-CLIENT Multiple media players M3U playlist file handling buffer overflow attempt || bugtraq,16410 || bugtraq,21206 || cve,2006-0476 || cve,2006-6063
|
14533
|
+
15473 || WEB-CLIENT Multiple media players M3U playlist file handling buffer overflow attempt || bugtraq,16410 || bugtraq,16623 || bugtraq,21206 || cve,2006-0476 || cve,2006-0708 || cve,2006-6063
|
14533
14534
|
15476 || SPYWARE-PUT Waledac spam bot HTTP POST request || url,blogs.technet.com/mmpc/archive/2009/04/14/wheres-waledac.aspx
|
14534
14535
|
15477 || EXPLOIT Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt || cve,2008-5457
|
14535
14536
|
15478 || SPECIFIC-THREATS Adobe Flash Player invalid object reference code execution attempt || bugtraq,33880 || cve,2009-0520
|
@@ -14537,7 +14538,7 @@
|
|
14537
14538
|
15481 || BOTNET-CNC Zeus/Zbot malware config file download request || url,www.viruslist.com/en/viruses/encyclopedia?virusid=21782783
|
14538
14539
|
15482 || EXPLOIT Sun Java System sockd authentication buffer overflow attempt || cve,2007-2881
|
14539
14540
|
15483 || WEB-MISC Adobe Shockwave Flash file request
|
14540
|
-
15484 || IMAP CRAM-MD5 authentication method buffer overflow || bugtraq,11675 || bugtraq,23172 || cve,2004-1520 || cve,2007-1675
|
14541
|
+
15484 || IMAP CRAM-MD5 authentication method buffer overflow || bugtraq,11675 || bugtraq,14317 || bugtraq,23172 || cve,2004-1520 || cve,2007-1675
|
14541
14542
|
15485 || SPECIFIC-THREATS IBM Lotus Notes DOC attachment viewer buffer overflow || bugtraq,26146 || cve,2007-5544
|
14542
14543
|
15486 || DELETED BACKDOOR Kraken command and control server search attempt || url,www.securityfocus.com/brief/743
|
14543
14544
|
15487 || MULTIMEDIA Apple QuickTime SMIL qtnext redirect file execution attempt || bugtraq,29650 || cve,2008-1585
|
@@ -14604,7 +14605,7 @@
|
|
14604
14605
|
15582 || WEB-MISC ARJ format file download attempt
|
14605
14606
|
15583 || WEB-CLIENT F-Secure AntiVirus library heap overflow attempt || bugtraq,12515 || cve,2005-0350
|
14606
14607
|
15584 || SQL char and sysobjects - possible sql injection recon attempt || url,isc.sans.org/diary.html?storyid=3823
|
14607
|
-
15585 || WEB-CLIENT Excel file download request
|
14608
|
+
15585 || DELETED WEB-CLIENT Excel file download request
|
14608
14609
|
15586 || WEB-CLIENT Powerpoint file download request
|
14609
14610
|
15587 || WEB-CLIENT Word file download request
|
14610
14611
|
15588 || WEB-ACTIVEX Microsoft Video 1 ActiveX clsid access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
@@ -14692,14 +14693,14 @@
|
|
14692
14693
|
15670 || WEB-ACTIVEX Microsoft Video 6 ActiveX clsid access || bugtraq,35558 || cve,2008-0015 || cve,2009-0901 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-037.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-060.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14693
14694
|
15671 || WEB-ACTIVEX Microsoft Video 6 ActiveX clsid unicode access || bugtraq,35558 || cve,2008-0015 || cve,2009-0901 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-037.mspx || url,www.microsoft.com/technet/security/Bulletin/MS09-060.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14694
14695
|
15672 || WEB-ACTIVEX Microsoft Video 7 ActiveX clsid access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14695
|
-
15673 || WEB-ACTIVEX Microsoft Video 7 ActiveX clsid unicode access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14696
|
+
15673 || DELETED WEB-ACTIVEX Microsoft Video 7 ActiveX clsid unicode access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14696
14697
|
15674 || WEB-ACTIVEX Microsoft Video 8 ActiveX clsid access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14697
14698
|
15675 || WEB-ACTIVEX Microsoft Video 8 ActiveX clsid unicode access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14698
14699
|
15676 || WEB-ACTIVEX Microsoft Video 9 ActiveX clsid access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14699
14700
|
15677 || WEB-ACTIVEX Microsoft Video 9 ActiveX clsid unicode access || cve,2008-0015 || url,www.microsoft.com/technet/security/Bulletin/MS09-032.mspx || url,www.microsoft.com/technet/security/advisory/972890.mspx
|
14700
14701
|
15678 || SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript || cve,2008-0015 || url,www.microsoft.com/technet/security/advisory/972890.mspx || url,www.microsoft.com/technet/security/bulletin/ms09-032.mspx
|
14701
14702
|
15679 || SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding || cve,2008-0015 || url,www.microsoft.com/technet/security/advisory/972890.mspx || url,www.microsoft.com/technet/security/bulletin/ms09-032.mspx
|
14702
|
-
15684 ||
|
14703
|
+
15684 || EXPLOIT Multiple product snews uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
14703
14704
|
15696 || DELETED SPECIFIC-THREATS Mozilla Firefox 3.5 TraceMonkey JavaScript engine uninitialized memory corruption attempt || bugtraq,35660 || cve,2009-2477 || url,www.kb.cert.org/vuls/id/443060
|
14704
14705
|
15697 || WEB-CLIENT Generic javascript obfuscation attempt || bugtraq,35660
|
14705
14706
|
15698 || WEB-CLIENT Possible generic javascript heap spray attempt || bugtraq,35660
|
@@ -14767,7 +14768,7 @@
|
|
14767
14768
|
15889 || EXPLOIT SAPLPD 0x32 command buffer overflow attempt || bugtraq,27613 || cve,2008-0621
|
14768
14769
|
15890 || EXPLOIT SAPLPD 0x33 command buffer overflow attempt || bugtraq,27613 || cve,2008-0621
|
14769
14770
|
15891 || EXPLOIT SAPLPD 0x34 command buffer overflow attempt || bugtraq,27613 || cve,2008-0621
|
14770
|
-
15892 ||
|
14771
|
+
15892 || DOS SAPLPD 0x53 command denial of service attempt || bugtraq,27613 || cve,2008-0621
|
14771
14772
|
15893 || WEB-CLIENT fCreateShellLink function use - potential attack || bugtraq,29792 || cve,2008-2959
|
14772
14773
|
15894 || SPECIFIC-THREATS Microsoft Color Management Module remote code execution attempt || cve,2005-1219 || url,www.microsoft.com/technet/security/bulletin/ms05-016.mspx
|
14773
14774
|
15895 || DELETED CHAT Pidgin MSN P2P message 64bit integer overflow attempt || bugtraq,35067 || cve,2009-1376 || cve,2009-2694
|
@@ -14785,7 +14786,7 @@
|
|
14785
14786
|
15907 || EXPLOIT Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt || bugtraq,30704 || cve,2008-3276
|
14786
14787
|
15908 || WEB-MISC Trend Micro OfficeScan multiple CGI modules HTTP form processing buffer overflow attempt || cve,2008-3862
|
14787
14788
|
15909 || WEB-CLIENT Apple QuickTime VR Track Header Atom heap corruption attempt || bugtraq,33384 || cve,2009-0002 || url,support.apple.com/kb/HT3403
|
14788
|
-
15910 ||
|
14789
|
+
15910 || EXPLOIT Microsoft Internet Explorer getElementById object corruption || bugtraq,30614 || cve,2008-2254 || url,www.microsoft.com/technet/security/Bulletin/MS08-045.mspx
|
14789
14790
|
15911 || NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt || cve,2007-2446
|
14790
14791
|
15921 || WEB-CLIENT Microsoft media format file download request
|
14791
14792
|
15922 || WEB-CLIENT mp3 file download request
|
@@ -14825,7 +14826,6 @@
|
|
14825
14826
|
15956 || ORACLE http Server mod_access restriction bypass attempt || bugtraq,13418 || cve,2005-1383
|
14826
14827
|
15957 || WEB-CLIENT Sophos Anti-Virus zip file handling DoS attempt || bugtraq,14270 || cve,2005-1530
|
14827
14828
|
15958 || WEB-MISC Novell ZENworks Remote Management overflow attempt || bugtraq,13678 || cve,2005-1543
|
14828
|
-
15959 || SPECIFIC-THREATS Microsoft ASP.NET viewstate DoS attempt || cve,2005-1665
|
14829
14829
|
15960 || SPECIFIC-THREATS Novell eDirectory MS-DOS device name DoS attempt || cve,2005-1729
|
14830
14830
|
15961 || SPECIFIC-THREATS 3Com Network Supervisor directory traversal attempt || bugtraq,14715 || cve,2005-2020
|
14831
14831
|
15962 || SPECIFIC-THREATS Sybase EAServer WebConsole overflow attempt || bugtraq,14287 || cve,2005-2297
|
@@ -14851,8 +14851,8 @@
|
|
14851
14851
|
15987 || WEB-MISC Microsoft Visio DXF file download request
|
14852
14852
|
15988 || SPECIFIC-THREATS Microsoft ISA Server DNS spoofing attempt || bugtraq,11605 || cve,2004-0892
|
14853
14853
|
15989 || EXPLOIT Squid ASN.1 header parsing denial of service attempt || bugtraq,11385 || cve,2004-0918
|
14854
|
-
15990 || WEB-MISC
|
14855
|
-
15991 ||
|
14854
|
+
15990 || WEB-MISC Multiple Vendor server file disclosure attempt || bugtraq,11245 || bugtraq,19106 || cve,2004-0928 || cve,2006-3853
|
14855
|
+
15991 || DOS Multiple vendor DNS message decompression denial of service attempt || bugtraq,13729 || cve,2005-0036
|
14856
14856
|
15992 || SPECIFIC-THREATS Trend Micro Products Antivirus Library overflow attempt || bugtraq,12643 || cve,2005-0533
|
14857
14857
|
15993 || SPECIFIC-THREATS Adobe Flash Player ActionScript intrf_count integer overflow attempt || bugtraq,35907 || cve,2009-1869
|
14858
14858
|
15994 || SPECIFIC-THREATS Squid strListGetItem denial of service attempt || bugtraq,36091 || cve,2009-2855
|
@@ -14868,7 +14868,7 @@
|
|
14868
14868
|
16005 || SPECIFIC-THREATS Mozilla browsers JavaScript argument passing code execution attempt || bugtraq,22694 || cve,2007-0777
|
14869
14869
|
16006 || SPECIFIC-THREATS Quicktime color table id memory corruption attempt || bugtraq,22839 || cve,2007-0718 || url,docs.info.apple.com/article.html?artnum=305149
|
14870
14870
|
16007 || SPECIFIC-THREATS Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt || bugtraq,23771 || cve,2007-0944 || url,www.microsoft.com/technet/security/bulletin/ms07-027.mspx
|
14871
|
-
16008 ||
|
14871
|
+
16008 || WEB-MISC Microsoft Internet Explorer 7 html object memory corruption attempt || cve,2007-0947
|
14872
14872
|
16009 || SPECIFIC-THREATS Mozilla products overflow event handling memory corruption attempt || bugtraq,24376 || cve,2007-2876
|
14873
14873
|
16010 || SPECIFIC-THREATS Microsoft Internet Explorer Javascript Page update race condition attempt || bugtraq,24283 || cve,2007-3091
|
14874
14874
|
16011 || SPECIFIC-THREATS Microsoft Internet Explorer CSS property method handling memory corruption attempt || bugtraq,23769 || cve,2007-0945
|
@@ -14895,9 +14895,9 @@
|
|
14895
14895
|
16032 || WEB-CLIENT Microsoft Internet Explorer HTML Decoding memory corruption attempt || bugtraq,18309 || cve,2006-2382
|
14896
14896
|
16033 || SPECIFIC-THREATS Microsoft Internet Explorer compressed content attempt || bugtraq,19987 || cve,2006-3873
|
14897
14897
|
16034 || SPECIFIC-THREATS Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt || cve,2007-2446
|
14898
|
-
16035 ||
|
14899
|
-
16036 ||
|
14900
|
-
16037 ||
|
14898
|
+
16035 || WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
14899
|
+
16036 || WEB-CLIENT Mozilla Products QueryInterface method memory corruption attempt || bugtraq,16476 || cve,2006-0295
|
14900
|
+
16037 || WEB-CLIENT Mozilla products graphics and XML features integer overflows attempt || bugtraq,16476 || cve,2006-0297
|
14901
14901
|
16038 || MISC Mozilla Thunderbird WYSIWIG engine filtering IFRAME JavaScript execution attempt || bugtraq,16770 || cve,2006-0884
|
14902
14902
|
16039 || MISC EMC Dantz Retrospect Backup Agent denial of service attempt || cve,2006-0995
|
14903
14903
|
16040 || EXPLOIT SpamAssassin spamd vpopmail and paranoid options code execution attempt || bugtraq,18290 || cve,2006-2447
|
@@ -14915,7 +14915,7 @@
|
|
14915
14915
|
16052 || WEB-CLIENT Novell iManager Tomcat http post handling DoS attempt || bugtraq,20841 || cve,2006-4517
|
14916
14916
|
16053 || WEB-CLIENT GNU tar PAX extended headers handling overflow attempt || bugtraq,16764 || cve,2006-0300
|
14917
14917
|
16054 || WEB-CLIENT Quicktime bitmap multiple header overflow || bugtraq,17953 || cve,2006-2238
|
14918
|
-
16055 ||
|
14918
|
+
16055 || WEB-CLIENT Apple iTunes AAC file handling integer overflow attempt || bugtraq,18730 || cve,2006-1467
|
14919
14919
|
16056 || WEB-MISC Symantec Scan Engine authentication bypass attempt || bugtraq,17637 || cve,2006-0230
|
14920
14920
|
16057 || SPECIFIC-THREATS sendmail smtp timeout buffer overflow attempt || bugtraq,17192 || cve,2006-0058
|
14921
14921
|
16058 || SPECIFIC-THREATS Samba WINS Server Name Registration handling stack buffer overflow attempt || bugtraq,26455 || cve,2007-5398
|
@@ -15161,7 +15161,7 @@
|
|
15161
15161
|
16406 || WEB-MISC JPEG file download attempt
|
15162
15162
|
16407 || WEB-MISC JPEG file download attempt
|
15163
15163
|
16424 || WEB-ACTIVEX Windows Script Host Shell Object ActiveX clsid access || url,www.exploit-db.com/exploits/11457
|
15164
|
-
16425 || WEB-CLIENT Portable Executable binary file
|
15164
|
+
16425 || WEB-CLIENT request for Portable Executable binary file || url,www.microsoft.com/whdc/system/platform/firmware/PECOFF.mspx
|
15165
15165
|
16426 || WEB-MISC Sun Java System Web Server 7.0 WebDAV format string exploit attempt - PROPFIND method || bugtraq,37910 || cve,2010-0388
|
15166
15166
|
16427 || WEB-MISC Sun Java System Web Server 7.0 WebDAV format string exploit attempt - LOCK method || bugtraq,37910 || cve,2010-0388
|
15167
15167
|
16428 || EXPLOIT Microsoft Outlook Express and Windows Mail NNTP handling buffer overflow attempt || cve,2007-3897 || url,www.microsoft.com/technet/security/Bulletin/MS07-056.mspx
|
@@ -15180,7 +15180,7 @@
|
|
15180
15180
|
16441 || BOTNET-CNC Possible Zeus User-Agent - Download || url,en.wikipedia.org/wiki/Zeus_(trojan_horse)
|
15181
15181
|
16442 || BOTNET-CNC Possible Zeus User-Agent - Mozilla || url,en.wikipedia.org/wiki/Zeus_(trojan_horse)
|
15182
15182
|
16443 || CHAT deny Gmail chat DNS request
|
15183
|
-
16444 || SPECIFIC-
|
15183
|
+
16444 || SPECIFIC-THREATS HP StorageWorks storage mirroring double take service code execution attempt || cve,2008-1661 || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01362558
|
15184
15184
|
16445 || SPECIFIC-THREATS Digium Asterisk IAX2 ack response denial of service attempt || bugtraq,28901 || cve,2008-1897 || url,downloads.digium.com/pub/security/AST-2008-006.html
|
15185
15185
|
16446 || RPC portmap Solaris sadmin tcp request || bugtraq,31751 || cve,2008-4556
|
15186
15186
|
16447 || RPC portmap Solaris sadmin udp request || bugtraq,31751 || cve,2008-4556
|
@@ -15225,7 +15225,7 @@
|
|
15225
15225
|
16500 || NETBIOS DCERPC NCACN-IP-TCP dns R_DnssrvEnumRecords overflow attempt || bugtraq,23470 || cve,2007-1748 || url,www.microsoft.com/technet/security/Bulletin/MS07-029.mspx
|
15226
15226
|
16501 || WEB-CLIENT Mozilla Firefox WOFF font processing integer overflow attempt - TrueType || bugtraq,38298 || cve,2010-1028 || url,www.kb.cert.org/vuls/id/964549
|
15227
15227
|
16502 || WEB-CLIENT Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based || bugtraq,38298 || cve,2010-1028 || url,www.kb.cert.org/vuls/id/964549
|
15228
|
-
16513 || SQL Jive Software Openfire Jabber Server SQL injection attempt || bugtraq,32189 || cve,2008-6509
|
15228
|
+
16513 || SQL Jive Software Openfire Jabber Server SQL injection attempt || bugtraq,32189 || cve,2008-6508 || cve,2008-6509 || cve,2008-6510
|
15229
15229
|
16514 || CHAT Trillian AIM XML tag handling heap buffer overflow attempt || bugtraq,32645 || cve,2008-5403 || url,dev.aol.com/aim/oscar/
|
15230
15230
|
16515 || SMTP Novell Groupwise Internet Agent RCPT command overflow attempt || bugtraq,33560 || cve,2009-0410
|
15231
15231
|
16516 || ORACLE Database sys.olapimpl_t package odcitablestart overflow attempt || cve,2008-3974
|
@@ -15233,7 +15233,7 @@
|
|
15233
15233
|
16518 || WEB-CLIENT Free Download Manager .torrent parsing announce overflow attempt || bugtraq,33555 || cve,2009-0184
|
15234
15234
|
16519 || WEB-CLIENT Free Download Manager .torrent parsing name overflow attempt || bugtraq,33555 || cve,2009-0184
|
15235
15235
|
16520 || WEB-CLIENT Free Download Manager .torrent parsing path overflow attempt || bugtraq,33555 || cve,2009-0184
|
15236
|
-
16521 || WEB-CLIENT Squid Proxy http version number overflow attempt || bugtraq,33604 || cve,2009-
|
15236
|
+
16521 || WEB-CLIENT Squid Proxy http version number overflow attempt || bugtraq,33604 || cve,2009-0478
|
15237
15237
|
16522 || WEB-CLIENT Novell QuickFinder server cross-site-scripting attempt || cve,2009-0611
|
15238
15238
|
16523 || POLICY PDF with click-to-launch executable || url,blog.didierstevens.com/2010/03/29/escape-from-pdf/ || url,blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html
|
15239
15239
|
16524 || FTP ProFTPD username sql injection attempt || bugtraq,33722 || cve,2009-0542
|
@@ -15748,7 +15748,7 @@
|
|
15748
15748
|
17100 || WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid unicode access || url,osvdb.org/show/osvdb/64839
|
15749
15749
|
17101 || WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call access || url,osvdb.org/show/osvdb/64839
|
15750
15750
|
17102 || WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call unicode access || url,osvdb.org/show/osvdb/64839
|
15751
|
-
17103 || WEB-IIS IIS 5.1 alternate data stream authentication bypass attempt ||
|
15751
|
+
17103 || WEB-IIS IIS 5.1 alternate data stream authentication bypass attempt || cve,2010-2731 || url,www.microsoft.com/technet/security/bulletin/MS10-065.mspx
|
15752
15752
|
17104 || WEB-CLIENT FeedDemon OPML file handling buffer overflow attempt || bugtraq,33630 || cve,2009-0546
|
15753
15753
|
17105 || WEB-CLIENT FeedDemon unicode OPML file handling buffer overflow attempt || bugtraq,33630 || cve,2009-0546
|
15754
15754
|
17106 || WEB-MISC download of RMF file - potentially malicious || bugtraq,39077 || cve,2010-0842
|
@@ -15803,4 +15803,908 @@
|
|
15803
15803
|
17206 || RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp || bugtraq,38472 || cve,2009-2754
|
15804
15804
|
17207 || EXPLOIT IBM Cognos Server backdoor account remote code execution attempt || bugtraq,38084 || cve,2010-0557
|
15805
15805
|
17208 || EXPLOIT Squid Proxy HTCP packet processing denial of service attempt || bugtraq,38212 || cve,2010-0639
|
15806
|
-
17209 || SQL IBM DB2 DATABASE SERVER SQL REPEAT Buffer Overflow || bugtraq,37976
|
15806
|
+
17209 || SQL IBM DB2 DATABASE SERVER SQL REPEAT Buffer Overflow || bugtraq,37976 || cve,2010-0462
|
15807
|
+
17210 || POLICY Portable Executable binary file transfer over SMB
|
15808
|
+
17211 || WEB-CLIENT Quicktime marshaled punk remote code execution || cve,2010-1818
|
15809
|
+
17212 || WEB-CLIENT Mozilla Firefox JavaScript eval arbitrary code execution attempt || cve,2005-1532 || url,secunia.com/advisories/15528/
|
15810
|
+
17213 || WEB-CLIENT Mozilla Firefox Chrome Page Loading Restriction Bypass attempt || cve,2005-2706 || url,secunia.com/advisories/16911/
|
15811
|
+
17214 || SPECIFIC-THREATS Adobe Reader and Acrobat libtiff TIFFFetchShortPair stack buffer overflow attempt || cve,2006-3459 || cve,2010-0188
|
15812
|
+
17215 || SPECIFIC-THREATS Adobe Reader and Acrobat libtiff TIFFFetchShortPair stack buffer overflow attempt || cve,2006-3459 || cve,2010-0188
|
15813
|
+
17216 || WEB-CLIENT Apple Safari TABLE tag with large CELLSPACING attribute exploit attempt || bugtraq,17634 || cve,2006-1986
|
15814
|
+
17217 || WEB-CLIENT Apple Safari invalid FRAME tag remote code execution attempt || bugtraq,17634 || cve,2006-1987
|
15815
|
+
17218 || WEB-CLIENT Apple Safari LI tag with large VALUE attribute exploit attempt || bugtraq,17634 || cve,2006-1988
|
15816
|
+
17219 || SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt || bugtraq,14784 || cve,2005-2871
|
15817
|
+
17220 || SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt || bugtraq,14784 || cve,2005-2871
|
15818
|
+
17221 || SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt || bugtraq,14784 || cve,2005-2871
|
15819
|
+
17222 || SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt || bugtraq,14784 || cve,2005-2871
|
15820
|
+
17223 || SPECIFIC-THREATS Adobe Flash Player navigateToURL cross-site scripting attempt || bugtraq,26960 || cve,2007-6244
|
15821
|
+
17224 || SMTP McAfee WebShield SMTP bounce message format string attempt || bugtraq,16742 || cve,2006-0559
|
15822
|
+
17225 || SPECIFIC-THREATS Alt-N MDaemon WorldClient invalid user || cve,2008-2631
|
15823
|
+
17226 || WEB-ACTIVEX AXIS Camera ActiveX initialization via script || bugtraq,33408 || cve,2008-5260
|
15824
|
+
17227 || WEB-CLIENT Microsoft Excel sheet name memory corruption attempt || bugtraq,24691 || cve,2007-3490
|
15825
|
+
17228 || SPECIFIC-THREATS Microsoft Windows Media Player skin decompression code execution attempt || bugtraq,25307 || cve,2007-3035
|
15826
|
+
17229 || WEB-CLIENT Tiff file download - little-endian
|
15827
|
+
17230 || WEB-CLIENT Tiff file download - big-endian
|
15828
|
+
17231 || WEB-CLIENT Microsoft Kodak Imaging small offset malformed tiff - little-endian || cve,2007-2217 || url,www.microsoft.com/technet/security/Bulletin/MS07-055.mspx
|
15829
|
+
17232 || WEB-CLIENT Microsoft Kodak Imaging large offset malformed tiff - big-endian || cve,2007-2217 || url,www.microsoft.com/technet/security/Bulletin/MS07-055.mspx
|
15830
|
+
17233 || SPECIFIC-THREATS Adobe Reader and Acrobat TTF SING table parsing remote code execution attempt || cve,2010-2883 || url,www.adobe.com/support/security/advisories/apsa10-02.html
|
15831
|
+
17234 || SPECIFIC-THREATS VBMania mass mailing worm activity || url,www.virustotal.com/file-scan/report.html?id=fedb7b404754cf85737fb7e50f33324b84eb4c0b98024c7d3302039a901b04b7-1284133892
|
15832
|
+
17235 || SPECIFIC-THREATS VBMania mass mailing worm download attempt || url,www.virustotal.com/file-scan/report.html?id=fedb7b404754cf85737fb7e50f33324b84eb4c0b98024c7d3302039a901b04b7-1284133892
|
15833
|
+
17236 || WEB-CLIENT Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt || cve,2009-3070 || url,secunia.com/advisories/36671/
|
15834
|
+
17237 || DELETED WEB-CLIENT XBM file download
|
15835
|
+
17238 || WEB-CLIENT ACD Systems ACDSee Products XBM file handling buffer overflow attempt || bugtraq,37685 || url,osvdb.org/show/osvdb/63643
|
15836
|
+
17239 || IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt || bugtraq,14315
|
15837
|
+
17240 || IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt || bugtraq,14315
|
15838
|
+
17241 || WEB-CLIENT Microsoft wmv file download request
|
15839
|
+
17243 || EXPLOIT MIT Kerberos V5 krb5_recvauth double free attempt || bugtraq,14239 || cve,2005-1689
|
15840
|
+
17244 || SPECIFIC-THREATS Antivirus ACE file handling buffer overflow attempt || cve,2005-2385 || cve,2005-2720
|
15841
|
+
17245 || WEB-CLIENT Mozilla Firefox image dragging exploit attempt || cve,2005-0230
|
15842
|
+
17246 || DELETED SPECIFIC-THREATS Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
15843
|
+
17247 || DELETED SPECIFIC-THREATS Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
15844
|
+
17248 || DELETED SPECIFIC-THREATS Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
15845
|
+
17257 || SPECIFIC-THREATS Adobe Flash Player and Reader remote code execution attempt || cve,2010-2884 || url,www.adobe.com/support/security/advisories/apsa10-03.html
|
15846
|
+
17258 || WEB-CLIENT Mozilla Firefox XUL tree element code execution attempt || bugtraq,34181 || cve,2009-1044
|
15847
|
+
17259 || WEB-CLIENT .mov file request
|
15848
|
+
17260 || SPECIFIC-THREATS Mozilla Firefox Javascript contentWindow in an iframe exploit attempt || bugtraq,17671 || cve,2006-1993
|
15849
|
+
17261 || WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
15850
|
+
17262 || WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
15851
|
+
17263 || SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
15852
|
+
17264 || ORACLE Permission declaration exploit attempt || bugtraq,38115 || cve,2010-0866
|
15853
|
+
17265 || WEB-CLIENT Mozilla Firefox plugin access control bypass attempt || bugtraq,12655 || cve,2005-0527
|
15854
|
+
17266 || SPECIFIC-THREATS Multiple vendor malformed ZIP archive Antivirus detection bypass attempt || bugtraq,12793 || url,ftp.aerasec.de/pub/advisories/unfiltered-escape-sequences/unfiltered-escape-sequences.txt || url,lists.grok.org.uk/pipermail/full-disclosure/2005-March/032530.html
|
15855
|
+
17267 || SPECIFIC-THREATS Multiple vendor malformed ZIP archive Antivirus detection bypass attempt || bugtraq,12793 || url,ftp.aerasec.de/pub/advisories/unfiltered-escape-sequences/unfiltered-escape-sequences.txt || url,lists.grok.org.uk/pipermail/full-disclosure/2005-March/032530.html
|
15856
|
+
17268 || SPECIFIC-THREATS Mozilla Firefox sidebar panel arbitrary code execution attempt || bugtraq,12884 || cve,2005-0402
|
15857
|
+
17269 || TELNET Client env_opt_add Buffer Overflow attempt || bugtraq,12919 || cve,2005-0468
|
15858
|
+
17270 || ORACLE DBMS_METADATA Package SQL Injection attempt || cve,2005-1197
|
15859
|
+
17271 || WEB-CLIENT Microsoft Windows Web View script injection attempt || bugtraq,13248 || cve,2005-1191
|
15860
|
+
17272 || WEB-CLIENT RealNetworks RealPlayer AVI parsing buffer overflow attempt || bugtraq,13530 || cve,2005-2052
|
15861
|
+
17273 || SPECIFIC-THREATS MIT Kerberos V5 KDC krb5_unparse_name overflow attempt || cve,2005-1174 || url,secunia.com/advisories/16041/
|
15862
|
+
17274 || SPECIFIC-THREATS MIT Kerberos V5 KDC krb5_unparse_name overflow attempt || cve,2005-1175 || url,secunia.com/advisories/16041/
|
15863
|
+
17275 || SPECIFIC-THREATS Symantec Brightmail AntiSpam nested Zip handling denial of service attempt || bugtraq,14757 || url,ftp.symantec.com/public/english_us_canada/products/sba/sba_60x/updates/release_notes_p157.txt
|
15864
|
+
17276 || MISC Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
15865
|
+
17277 || WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
15866
|
+
17278 || WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt || cve,2005-3370 || cve,2005-3371 || cve,2005-3372 || cve,2005-3373 || cve,2005-3374 || cve,2005-3375 || cve,2005-3376 || cve,2005-3377 || cve,2005-3378 || cve,2005-3379 || cve,2005-3380 || cve,2005-3381 || cve,2005-3382
|
15867
|
+
17279 || WEB-MISC Ipswitch Whatsup Small Business directory traversal attempt || bugtraq,15291 || cve,2005-1939
|
15868
|
+
17280 || WEB-MISC Ipswitch Whatsup Small Business directory traversal attempt || bugtraq,15291 || cve,2005-1939
|
15869
|
+
17281 || SPECIFIC-THREATS Panda Antivirus ZOO archive decompression buffer overflow attempt || cve,2005-3922
|
15870
|
+
17282 || MISC Panda Antivirus ZOO archive decompression buffer overflow attempt || cve,2005-3922
|
15871
|
+
17283 || SMTP Mercury Mail Transport System Buffer Overflow attempt || bugtraq,16396 || cve,2005-4411
|
15872
|
+
17284 || WEB-CLIENT Microsoft Office malformed routing slip code execution attempt || bugtraq,17000 || cve,2006-0009
|
15873
|
+
17285 || WEB-CLIENT Microsoft Powerpoint PPT file parsing memory corruption attempt || bugtraq,18993 || cve,2006-3656
|
15874
|
+
17286 || SPECIFIC-THREATS Microsoft Visual Basic for Applications document properties overflow attempt || bugtraq,19414 || cve,2006-3649
|
15875
|
+
17287 || IMAP Cisco IOS HTTP service HTML injection attempt || bugtraq,15602 || cve,2005-3921
|
15876
|
+
17288 || SPECIFIC-THREATS Adobe Acrobat font parsing integer overflow attempt || bugtraq,44203 || cve,2010-2862
|
15877
|
+
17289 || SPECIFIC-THREATS GNU gzip LZH decompression make_table overflow attempt || cve,2006-4335 || url,secunia.com/advisories/21996/
|
15878
|
+
17290 || WEB-CLIENT Quicktime Plug-In Security Bypass || bugtraq,20138 || cve,2006-4965
|
15879
|
+
17291 || POLICY base64-encoded uri data object found || url,tools.ietf.org/html/rfc2397
|
15880
|
+
17292 || WEB-CLIENT Microsoft Powerpoint malformed data record code execution attempt || bugtraq,20322 || cve,2006-3876
|
15881
|
+
17293 || ORACLE sdo_lrs.convert_to_lrs_layer buffer overflow attempt || bugtraq,20588 || cve,2006-5340
|
15882
|
+
17294 || DOS Microsoft Windows NAT Helper DNS query denial of service attempt || bugtraq,20804 || cve,2006-5614
|
15883
|
+
17295 || WEB-MISC Trend Micro OfficeScan Console authentication buffer overflow attempt || bugtraq,24641 || bugtraq,24935 || cve,2007-3454 || cve,2007-3455
|
15884
|
+
17296 || WEB-MISC Outlook Web Access XSRF attempt || cve,2010-3213 || url,www.microsoft.com/technet/security/advisory/2401593.mspx
|
15885
|
+
17297 || SPECIFIC-THREATS McAfee VirusScan on-access scanner long unicode filename handling buffer overflow attempt || bugtraq,23543 || url,knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750&command=show&forward=nonthreadedKC
|
15886
|
+
17298 || MISC IBM Tivoli Monitoring Express Universal Agent Buffer Overflow || bugtraq,23558 || cve,2007-2137
|
15887
|
+
17299 || SPECIFIC-THREATS ISC BIND RRSIG query denial of service attempt || bugtraq,23738 || cve,2007-2241
|
15888
|
+
17301 || WEB-CLIENT Microsoft Word TextBox sub-document memory corruption attempt || bugtraq,23380 || cve,2007-1910
|
15889
|
+
17302 || DOS Linux kernel SCTP Unknown Chunk Types denial of service attempt || bugtraq,24376 || cve,2007-2876
|
15890
|
+
17303 || WEB-CLIENT Microsoft Internet Explorer clone object memory corruption attempt || bugtraq,26816 || cve,2007-3903
|
15891
|
+
17304 || WEB-CLIENT Microsoft Works file converter file section header index table stack overflow attempt || bugtraq,27658 || cve,2008-0105
|
15892
|
+
17305 || SPECIFIC-THREATS ClamAV libclamav PE file handling integer overflow attempt || cve,2008-0318
|
15893
|
+
17306 || SPECIFIC-THREATS Microsoft Malware Protection Engine file processing denial of service attempt || cve,2008-1437 || url,www.microsoft.com/technet/security/bulletin/MS08-029.mspx
|
15894
|
+
17307 || SPECIFIC-THREATS MS SQL Server INSERT Statement Buffer Overflow attempt || cve,2008-0106
|
15895
|
+
17308 || WEB-CLIENT Microsoft Word SmartTag record code execution attempt || bugtraq,30124 || cve,2008-2244
|
15896
|
+
17309 || SPECIFIC-THREATS CoolPlayer Playlist File Handling Buffer Overflow || bugtraq,30418 || cve,2008-3408
|
15897
|
+
17310 || SPECIFIC-THREATS Microsoft Powerpoint Viewer Memory Allocation Code Execution || bugtraq,30552 || cve,2008-0120
|
15898
|
+
17311 || SPECIFIC-THREATS Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt || bugtraq,15660 || cve,2005-4089
|
15899
|
+
17312 || SPECIFIC-THREATS Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt || bugtraq,15660 || cve,2005-4089
|
15900
|
+
17313 || ORACLE database server crafted view privelege escalation attempt || bugtraq,17246 || cve,2006-1705
|
15901
|
+
17314 || WEB-CLIENT OLE Document file download
|
15902
|
+
17315 || WEB-CLIENT OpenOffice OLE File Stream Buffer Overflow || bugtraq,28819 || cve,2008-0320
|
15903
|
+
17316 || WEB-CLIENT Microsoft Windows Folder GUID Code Execution attempt || bugtraq,19389 || cve,2006-3281
|
15904
|
+
17317 || SPECIFIC-THREATS OpenSSH sshd Identical Blocks DOS attempt || bugtraq,20216 || cve,2006-4924
|
15905
|
+
17318 || WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt || bugtraq,20495 || cve,2006-5296
|
15906
|
+
17319 || WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt || bugtraq,20495 || cve,2006-5296
|
15907
|
+
17320 || WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt || bugtraq,20495 || cve,2006-5296
|
15908
|
+
17321 || NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters name overflow attempt || bugtraq,25092 || cve,2007-6701 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html
|
15909
|
+
17322 || SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder
|
15910
|
+
17323 || SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder unescaped
|
15911
|
+
17324 || SHELLCODE x86 Linux reverse connect shellcode
|
15912
|
+
17325 || SHELLCODE x86 OS agnostic alpha numeric upper case decoder variant
|
15913
|
+
17326 || EXPLOIT Citrix Program Neighborhood Client buffer overflow attempt || bugtraq,15907 || cve,2005-3652
|
15914
|
+
17327 || IMAP Qualcomm WorldMail Server Response
|
15915
|
+
17328 || IMAP Qualcomm WorldMail IMAP Literal Token Parsing Buffer Overflow || bugtraq,15980 || cve,2005-4267
|
15916
|
+
17329 || FTP EPRT overflow attempt || bugtraq,15998 || cve,2005-4459
|
15917
|
+
17330 || WEB-CLIENT Microsoft Windows GRE WMF Handling Memory Read Exception attempt || bugtraq,16167 || cve,2006-0143
|
15918
|
+
17331 || POP3 Lotus Notes HTML Speed Reader Long URL buffer overflow attempt || bugtraq,16576 || cve,2005-2618
|
15919
|
+
17332 || SMTP Content-Disposition attachment
|
15920
|
+
17333 || SMTP Lotus Notes Attachment Viewer UUE file buffer overflow attempt || bugtraq,16576 || cve,2005-2618
|
15921
|
+
17334 || SPECIFIC-THREATS RealPlayer SWF Flash File buffer overflow attempt || bugtraq,17202 || cve,2006-0323
|
15922
|
+
17335 || SHELLCODE x86 OS agnostic fnstenv geteip byte xor decoder
|
15923
|
+
17336 || SHELLCODE x86 OS agnostic call geteip byte xor decoder
|
15924
|
+
17337 || SHELLCODE x86 Win32 export table enumeration variant
|
15925
|
+
17338 || SHELLCODE x86 Windows 32-bit SEH get EIP technique
|
15926
|
+
17339 || SHELLCODE x86 generic OS alpha numeric mixed case decoder
|
15927
|
+
17340 || SHELLCODE x86 OS agnostic alpha numeric upper case decoder
|
15928
|
+
17341 || SHELLCODE x86 OS agnostic alpha UTF8 tolower avoidance decoder
|
15929
|
+
17342 || SHELLCODE x86 OS agnostic unicode mixed case decoder
|
15930
|
+
17343 || SHELLCODE x86 OS agnostic unicode upper case decoder
|
15931
|
+
17344 || SHELLCODE x86 OS agnostic xor dword decoder
|
15932
|
+
17345 || SHELLCODE x86 OS agnostic dword additive feedback decoder
|
15933
|
+
17346 || SPECIFIC-THREATS IBM Lotus Notes Cross Site Scripting attempt || bugtraq,14164 || cve,2005-2175
|
15934
|
+
17347 || WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt || bugtraq,14214 || cve,2005-1219
|
15935
|
+
17348 || WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt || bugtraq,14214 || cve,2005-1219
|
15936
|
+
17349 || WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt || bugtraq,14214 || cve,2005-1219
|
15937
|
+
17350 || ORACLE Application Server Forms Arbitrary System Command Execution Attempt || bugtraq,14319 || cve,2005-2372
|
15938
|
+
17351 || WEB-CLIENT Winamp ID3v2 Tag Handling Buffer Overflow attempt || bugtraq,14276 || cve,2005-2310
|
15939
|
+
17352 || EXPLOIT ClamAV CHM File Handling Integer Overflow attempt || bugtraq,14359 || cve,2005-2450
|
15940
|
+
17353 || EXPLOIT Sun Solaris printd Daemon Arbitrary File Deletion attempt || bugtraq,14510 || cve,2005-4797
|
15941
|
+
17354 || SPECIFIC-THREATS Apache Byte-Range Filter denial of service attempt || bugtraq,14660 || cve,2005-2728
|
15942
|
+
17355 || WEB-CLIENT Microsoft Internet Explorer JPEG Decoder Vulnerabilities attempt || bugtraq,14282 || cve,2005-2308
|
15943
|
+
17356 || EXPLOIT NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow attempt || bugtraq,14773 || cve,2005-2903
|
15944
|
+
17357 || CHAT Gaim AIM-ICQ Protocol Handling Buffer Overflow attempt || bugtraq,14531 || cve,2005-2103
|
15945
|
+
17358 || EXPLOIT ClamAV UPX File Handling Buffer Overflow attempt || bugtraq,14866 || cve,2005-2920
|
15946
|
+
17359 || WEB-CLIENT xbm image file download request
|
15947
|
+
17360 || WEB-CLIENT Mozilla Firefox XBM image processing buffer overflow attempt || bugtraq,14916 || cve,2005-2701
|
15948
|
+
17361 || SPECIFIC-THREATS Adobe Acrobat Reader PDF Catalog Handling denial of service attempt || bugtraq,21910 || cve,2007-0104 || url,projects.info-pull.com/moab/MOAB-06-01-2007.html
|
15949
|
+
17362 || WEB-CLIENT Microsoft Excel IMDATA buffer overflow attempt || bugtraq,21856 || cve,2007-0027
|
15950
|
+
17363 || WEB-CLIENT Apple computer finder DMG volume name memory corruption || cve,2007-0197
|
15951
|
+
17364 || WEB-CLIENT Microsoft Help Workshop CNT Help contents
|
15952
|
+
17365 || WEB-CLIENT Microsoft Help Workshop CNT Help contents buffer overflow attempt || bugtraq,22100 || cve,2007-0352
|
15953
|
+
17366 || WEB-CLIENT Microsoft Help Workshop HPJ OPTIONS section buffer overflow attempt || bugtraq,22135 || cve,2007-0427
|
15954
|
+
17367 || FTP Microsoft Internet Explorer FTP Response Parsing Memory Corruption || bugtraq,22489 || cve,2007-0217
|
15955
|
+
17368 || WEB-CLIENT Microsoft Word document stream handling code execution attempt || bugtraq,25567 || cve,2007-0870
|
15956
|
+
17369 || IMAP MailEnable Service APPEND Command Handling Buffer Overflow || bugtraq,22792 || cve,2007-0494
|
15957
|
+
17370 || WEB-MISC Squid authentication headers handling denial of service attempt || bugtraq,14977 || cve,2005-2917
|
15958
|
+
17371 || WEB-MISC Squid authentication headers handling denial of service attempt || bugtraq,14977 || cve,2005-2917
|
15959
|
+
17372 || WEB-CLIENT Apple QuickTime udta atom parsing heap overflow vulnerability || bugtraq,22844 || cve,2007-0714
|
15960
|
+
17373 || SPECIFIC-THREATS QuickTime panorama atoms buffer overflow attempt || bugtraq,26342 || cve,2007-4675 || url,docs.info.apple.com/article.html?artnum=306896
|
15961
|
+
17374 || SPECIFIC-THREATS Microsoft Windows HLP File Handling heap overflow attempt || bugtraq,23382 || cve,2007-1912
|
15962
|
+
17375 || DELETED ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt || bugtraq,23532 || cve,2007-2126 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
|
15963
|
+
17376 || WEB-MISC IBM Lotus Expeditor cai URI handler command execution attempt || cve,2008-1965 || url,www-01.ibm.com/support/docview.wss?uid=swg21303813
|
15964
|
+
17377 || SPECIFIC-THREATS Microsoft excel Malformed Filter Records Handling Code Execution attempt || bugtraq,23780 || cve,2007-1214
|
15965
|
+
17378 || WEB-CLIENT Mozilla Firefox Animated PNG Processing integer overflow || cve,2008-4064
|
15966
|
+
17379 || WEB-CLIENT Mozilla Firefox Animated PNG Processing integer overflow || cve,2008-4064
|
15967
|
+
17380 || WEB-CLIENT PNG file download request
|
15968
|
+
17381 || SPECIFIC-THREATS Apple QuickTime PDAT Atom parsing buffer overflow attempt || cve,2008-3625 || url,support.apple.com/kb/HT3027
|
15969
|
+
17382 || SPECIFIC-THREATS Microsoft Project Invalid Memory Pointer Code Execution attempt || bugtraq,28607 || cve,2008-1088
|
15970
|
+
17383 || SPECIFIC-THREATS Microsoft Publisher Object Handler Validation Code Execution attempted || bugtraq,29158 || cve,2008-0119
|
15971
|
+
17384 || WEB-CLIENT Microsoft Internet Explorer setRequestHeader overflow attempt || bugtraq,28379 || cve,2008-1544
|
15972
|
+
17385 || WEB-CLIENT Microsoft Internet Explorer setRequestHeader overflow attempt || bugtraq,28379 || cve,2008-1544
|
15973
|
+
17386 || SPECIFIC-THREATS Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt || bugtraq,25622 || cve,2007-4727
|
15974
|
+
17387 || WEB-MISC Apache Tomcat allowLinking URIencoding directory traversal attempt || bugtraq,30633 || cve,2008-2938
|
15975
|
+
17388 || WEB-CLIENT OpenOffice EMF file EMR record parsing integer overflow attempt || cve,2008-2238 || url,www.openoffice.org/security/cves/CVE-2008-2238.html
|
15976
|
+
17389 || SPECIFIC-THREATS mozilla firefox DOMNodeRemoved attack attempt || bugtraq,18228 || cve,2006-2779
|
15977
|
+
17390 || DOS ClamAV Antivirus Function Denial of Service attempt || bugtraq,32555 || cve,2008-5314
|
15978
|
+
17391 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
15979
|
+
17392 || SHELLCODE JavaScript var shellcode
|
15980
|
+
17393 || SHELLCODE JavaScript var heapspray
|
15981
|
+
17394 || WEB-CLIENT GIF file download request
|
15982
|
+
17395 || SPECIFIC-THREATS Sun Java Web Start Splashscreen GIF decoding buffer overflow attempt || cve,2008-2086
|
15983
|
+
17396 || EXPLOIT VNC client authentication response
|
15984
|
+
17397 || EXPLOIT VNCViewer Authenticate buffer overflow attempt || bugtraq,33568 || cve,2009-0388
|
15985
|
+
17398 || WEB-CLIENT Mozilla Firefox Javascript array.splice memory corruption attempt || bugtraq,33990 || cve,2009-0773
|
15986
|
+
17399 || WEB-CLIENT Mozilla Firefox Javascript array.splice memory corruption attempt || bugtraq,33990 || cve,2009-0773
|
15987
|
+
17400 || WEB-CLIENT rename of JavaScript unescape function - likely malware obfuscation
|
15988
|
+
17401 || SPECIFIC-THREATS Internet Explorer nested tag memory corruption attempt - unescaped || bugtraq,32721 || cve,2008-4844 || url,www.microsoft.com/technet/security/bulletin/ms08-078.mspx
|
15989
|
+
17402 || SPECIFIC-THREATS Internet Explorer nested tag memory corruption attempt || bugtraq,32721 || cve,2008-4844 || url,www.microsoft.com/technet/security/bulletin/ms08-078.mspx
|
15990
|
+
17403 || WEB-CLIENT OpenOffice RTF File parsing heap buffer overflow attempt || bugtraq,24450 || cve,2007-0245
|
15991
|
+
17404 || EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt || cve,2008-4841 || url,www.microsoft.com/technet/security/bulletin/ms09-010.mspx
|
15992
|
+
17405 || EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt || cve,2008-4841 || url,www.microsoft.com/technet/security/bulletin/ms09-010.mspx
|
15993
|
+
17406 || EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt || cve,2008-4841 || url,www.microsoft.com/technet/security/bulletin/ms09-010.mspx
|
15994
|
+
17407 || WEB-CLIENT Windows help file download request || cve,2006-3357 || cve,2006-4138
|
15995
|
+
17408 || WEB-CLIENT Microsoft DirectX Targa image file heap overflow attempt || bugtraq,24963 || cve,2006-4183
|
15996
|
+
17409 || WEB-CLIENT Mozilla Products IDN Spoofing Vulnerability Attempt || bugtraq,12470 || cve,2005-0233
|
15997
|
+
17410 || WEB-MISC Generic HyperLink Buffer Overflow attempt || bugtraq,13045 || bugtraq,14195 || cve,2005-0057 || cve,2005-0986
|
15998
|
+
17411 || SPECIFIC-THREATS Microsoft Internet Explorer CDF cross-domain scripting attempt || bugtraq,12427 || cve,2005-0056 || url,www.microsoft.com/technet/security/bulletin/ms05-014.mspx
|
15999
|
+
17412 || MYSQL CREATE FUNCTION mysql.func Arbitrary Library Injection attempt || bugtraq,12781 || cve,2005-0710
|
16000
|
+
17413 || SPECIFIC-THREATS Microsoft Jet DB Engine Buffer Overflow attempt || bugtraq,12960 || cve,2005-0944
|
16001
|
+
17414 || SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt || bugtraq,12998 || cve,2005-0989
|
16002
|
+
17415 || SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt || bugtraq,12998 || cve,2005-0989
|
16003
|
+
17416 || ORACLE Database Intermedia Denial of Service Attempt || bugtraq,14935
|
16004
|
+
17417 || ORACLE Database Intermedia Denial of Service Attempt || bugtraq,14935
|
16005
|
+
17418 || ORACLE Oracle connection established
|
16006
|
+
17419 || ORACLE Oracle database SQL compiler read-only join auth bypass attempt || cve,2007-3855
|
16007
|
+
17420 || WEB-MISC Citrix Program Neighborhood Agent Arbitrary Shortcut Creation attempt || bugtraq,13379 || cve,2004-1077
|
16008
|
+
17421 || WEB-CLIENT Microsoft OLE automation string manipulation overflow attempt || bugtraq,25282 || cve,2007-2224
|
16009
|
+
17422 || SPECIFIC-THREATS Firefox defineSetter function pointer memory corruption attempt || bugtraq,35758 || cve,2009-2469
|
16010
|
+
17423 || WEB-MISC Citrix Program Neighborhood Agent Buffer Overflow attempt || bugtraq,13373 || cve,2004-1078
|
16011
|
+
17424 || SPECIFIC-THREATS Mozilla Firefox IconURL Arbitrary Javascript Execution attempt || bugtraq,13544 || cve,2005-1477
|
16012
|
+
17425 || SPECIFIC-THREATS RealPlayer ActiveX Import playlist name buffer overflow attempt || bugtraq,26130 || cve,2007-5601
|
16013
|
+
17426 || WEB-CLIENT RAT file download request
|
16014
|
+
17427 || SPECIFIC-THREATS Oracle database DBMS_Scheduler privilege escalation attempt || bugtraq,13509 || cve,2005-1496
|
16015
|
+
17430 || SPECIFIC-THREATS BitDefender Antivirus PDF processing memory corruption attempt || bugtraq,32396 || cve,2008-5409
|
16016
|
+
17431 || EXPLOIT Microsoft IIS SChannel improper certificate verification || cve,2009-0085 || url,www.microsoft.com/technet/security/bulletin/ms09-007.mspx
|
16017
|
+
17432 || WEB-MISC Squid Gopher protocol handling buffer overflow attempt || bugtraq,12276 || cve,2005-0094
|
16018
|
+
17433 || EXPLOIT Sun Solaris DHCP Client Arbitrary Code Execution attempt || bugtraq,14687 || cve,2005-2870
|
16019
|
+
17434 || WEB-CLIENT Mozilla Firefox Unicode sequence handling stack corruption attempt || bugtraq,14918 || cve,2005-2702
|
16020
|
+
17435 || NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt || bugtraq,15065 || cve,2005-2120 || url,www.microsoft.com/technet/security/bulletin/ms05-047.mspx
|
16021
|
+
17436 || NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt || bugtraq,15065 || cve,2005-2120 || url,www.microsoft.com/technet/security/bulletin/ms05-047.mspx
|
16022
|
+
17437 || NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt || bugtraq,15065 || cve,2005-2120 || url,www.microsoft.com/technet/security/bulletin/ms05-047.mspx
|
16023
|
+
17438 || NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt || bugtraq,15065 || cve,2005-2120 || url,www.microsoft.com/technet/security/bulletin/ms05-047.mspx
|
16024
|
+
17439 || EXPLOIT Microsoft Distributed Transaction Controller TIP DoS attempt || bugtraq,15058 || cve,2005-1979
|
16025
|
+
17440 || WEB-MISC RSA authentication agent for web redirect buffer overflow attempt || bugtraq,26424 || cve,2005-4734
|
16026
|
+
17441 || WEB-MISC .lnk file download attempt
|
16027
|
+
17442 || POLICY download of Windows .lnk file that executes cmd.exe detected || bugtraq,15069 || cve,2005-2122 || url,www.microsoft.com/technet/security/Bulletin/MS05-049.mspx
|
16028
|
+
17443 || WEB-CLIENT Microsoft DirectShow AVI decoder buffer overflow attempt || bugtraq,15063 || cve,2005-2128
|
16029
|
+
17444 || SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt || bugtraq,34235 || cve,2009-1169 || url,www.mozilla.org/security/announce/2009/mfsa2009-12.html
|
16030
|
+
17445 || SPECIFIC-THREATS Symantec Backup Exec System Recovery Manager unauthorized file upload attempt || cve,2008-0457 || url,seer.entsupport.symantec.com/docs/297171.htm
|
16031
|
+
17446 || SPECIFIC-THREATS Microsoft Internet Explorer FTP client directory traversal attempt || cve,2004-1376
|
16032
|
+
17447 || WEB-MISC 407 Proxy Authentication Required
|
16033
|
+
17448 || SPECIFIC-THREATS Microsoft Internet Explorer HTTPS proxy information disclosure vulnerability || cve,2005-2830 || url,www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
|
16034
|
+
17449 || WEB-MISC Novell ZENworks patch management SQL injection attempt || bugtraq,15220 || cve,2005-3315
|
16035
|
+
17450 || WEB-MISC CommuniGate Systems CommuniGate Pro LDAP Server buffer overflow attempt || bugtraq,16407 || cve,2006-0468 || url,www.gleg.net/cg_advisory.txt
|
16036
|
+
17451 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
16037
|
+
17452 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
16038
|
+
17453 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
16039
|
+
17454 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
16040
|
+
17455 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
16041
|
+
17456 || DELETED WEB-MISC Sun Directory Server LDAP denial of service attempt || cve,2006-0647 || url,lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
|
16042
|
+
17457 || WEB-CLIENT Macromedia Flash ActionDefineFunction memory access vulnerability exploit attempt || bugtraq,15334 || cve,2005-2628
|
16043
|
+
17458 || WEB-CLIENT BitDefender Internet Security script code execution attempt || cve,2009-0850
|
16044
|
+
17459 || WEB-CLIENT BitDefender Internet Security script code execution attempt || cve,2009-0850
|
16045
|
+
17460 || WEB-CLIENT BitDefender Internet Security script code execution attempt || cve,2009-0850
|
16046
|
+
17461 || SPECIFIC-THREATS RealNetworks RealPlayer zipped skin file buffer overflow attempt || bugtraq,15382 || cve,2005-2630
|
16047
|
+
17462 || WEB-CLIENT Microsoft Internet Explorer marquee object handling memory corruption attempt || cve,2009-0554 || url,www.microsoft.com/technet/security/bulletin/ms09-014.mspx
|
16048
|
+
17463 || SPECIFIC-THREATS Internet Explorer File Download Dialog Box Manipulation || bugtraq,15823 || cve,2005-2829 || url,www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
|
16049
|
+
17464 || WEB-ACTIVEX AOL Radio AmpX ActiveX clsid access || bugtraq,26396 || cve,2007-5755
|
16050
|
+
17465 || WEB-ACTIVEX AOL Radio AmpX ActiveX clsid unicode access || bugtraq,26396 || cve,2007-5755
|
16051
|
+
17466 || SPECIFIC-THREATS IBM Lotus Domino Web Access 7 ActiveX exploit attempt || bugtraq,26972 || cve,2007-4474
|
16052
|
+
17467 || WEB-CLIENT Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt || bugtraq,25945 || cve,2007-3896 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
16053
|
+
17468 || WEB-CLIENT Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt || bugtraq,25945 || cve,2007-3896 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
16054
|
+
17469 || SPECIFIC-THREATS Mplayer Real Demuxer stream_read heap overflow attempt || bugtraq,31473 || cve,2008-3827
|
16055
|
+
17470 || SPECIFIC-THREATS Apple QuickTime STSD JPEG atom heap corruption attempt || bugtraq,33390 || cve,2009-0007
|
16056
|
+
17471 || SPECIFIC-THREATS Adobe Acrobat JavaScript getIcon method buffer overflow attempt || bugtraq,34169 || cve,2009-0927
|
16057
|
+
17472 || SPECIFIC-THREATS Adobe Acrobat JavaScript getIcon method buffer overflow attempt || bugtraq,34169 || cve,2009-0927
|
16058
|
+
17473 || ORACLE DBMS_CDC_SUBSCRIBE.EXTEND_WINDOW arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
16059
|
+
17474 || ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
16060
|
+
17475 || ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
16061
|
+
17476 || ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
16062
|
+
17477 || ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
16063
|
+
17478 || ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
16064
|
+
17479 || ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
16065
|
+
17480 || ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt || bugtraq,13236 || cve,2005-1197
|
16066
|
+
17481 || SPECIFIC-THREATS Microsoft Exchange and Outlook TNEF Decoding Integer Overflow attempt || bugtraq,16197 || cve,2006-0002
|
16067
|
+
17482 || WEB-CLIENT Mozilla NNTP URL Handling Buffer Overflow attempt || bugtraq,12131 || cve,2004-1316
|
16068
|
+
17483 || DNS squid proxy dns A record response denial of service attempt || bugtraq,12551 || cve,2005-0446
|
16069
|
+
17484 || DNS squid proxy dns PTR record response denial of service attempt || bugtraq,12551 || cve,2005-0446
|
16070
|
+
17485 || DNS Symantec Gateway products DNS cache poisoning attempt || cve,2005-0817
|
16071
|
+
17486 || WEB-MISC Trend Micro Control Manager Chunked overflow attempt || bugtraq,15865 || cve,2005-1929
|
16072
|
+
17487 || WEB-CLIENT Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt || bugtraq,16687 || cve,2006-0753
|
16073
|
+
17488 || SPECIFIC-THREATS Excel Malformed Range Code Execution attempt || bugtraq,15780 || cve,2005-4131
|
16074
|
+
17489 || SPECIFIC-THREATS Microsoft Windows Help File Heap Buffer Overflow attempt || bugtraq,17325 || cve,2006-1591
|
16075
|
+
17490 || SPECIFIC-THREATS Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt || bugtraq,17926 || cve,2006-2297
|
16076
|
+
17491 || SPECIFIC-THREATS Microsoft Word mso.dll LsCreateLine Memory Corruption || bugtraq,18905 || cve,2006-3493
|
16077
|
+
17492 || SPECIFIC-THREATS Microsoft Excel Malformed SELECTION Record Code Execution attempt || bugtraq,18853 || cve,2006-1301
|
16078
|
+
17493 || SPECIFIC-THREATS ClamAV UPX FileHandling Heap overflow attempt || bugtraq,19381 || cve,2006-4018
|
16079
|
+
17494 || WEB-CLIENT Microsoft Internet Explorer Long URL Buffer Overflow attempt || bugtraq,19667 || cve,2006-3869
|
16080
|
+
17495 || SPECIFIC-THREATS Squid proxy DNS response spoofing attempt || bugtraq,13592 || cve,2005-1519
|
16081
|
+
17496 || WEB-CLIENT Microsoft Powerpoint malformed NamedShows record code execution attempt || bugtraq,20226 || cve,2006-4694
|
16082
|
+
17497 || WEB-CLIENT Microsoft Powerpoint malformed NamedShows record code execution attempt || bugtraq,20226 || cve,2006-4694
|
16083
|
+
17498 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
16084
|
+
17499 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
16085
|
+
17500 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
16086
|
+
17501 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
16087
|
+
17502 || WEB-MISC Tomcat UNIX platform directory traversal || bugtraq,22960 || cve,2007-0450 || url,tomcat.apache.org/tomcat-6.0-doc/changelog.html
|
16088
|
+
17503 || IMAP MailEnable IMAP Service Invalid Command Buffer Overlow LOGIN || bugtraq,21252
|
16089
|
+
17504 || EXPLOIT Novell ZENworks Asset Management buffer overflow attempt || bugtraq,21395 || cve,2006-6299
|
16090
|
+
17505 || WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt || bugtraq,21589 || cve,2006-6561
|
16091
|
+
17506 || WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt || bugtraq,21589 || cve,2006-6561
|
16092
|
+
17507 || WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt || bugtraq,21589 || cve,2006-6561
|
16093
|
+
17508 || WEB-MISC Microsoft .NET Application download attempt || bugtraq,21688 || cve,2006-6696
|
16094
|
+
17509 || WEB-MISC Microsoft .NET Manifest download attempt || bugtraq,21688 || cve,2006-6696
|
16095
|
+
17510 || WEB-MISC Microsoft .NET Deploy download attempt || bugtraq,21688 || cve,2006-6696
|
16096
|
+
17511 || WEB-CLIENT Excel malformed Graphic Code Execution || bugtraq,16181 || cve,2006-0030
|
16097
|
+
17512 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
16098
|
+
17513 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
16099
|
+
17514 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
16100
|
+
17515 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
16101
|
+
17516 || WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt || bugtraq,17131 || cve,2006-1245
|
16102
|
+
17517 || WEB-CLIENT excel Malformed Record Code Execution attempt || bugtraq,17101 || cve,2006-0031
|
16103
|
+
17518 || FTP FlashGet PWD command stack buffer overflow attempt || bugtraq,30685 || cve,2008-4321
|
16104
|
+
17519 || SPECIFIC-THREATS Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow || bugtraq,31346 || cve,2008-0016
|
16105
|
+
17520 || EXPLOIT CA ARCserve Backup DB Engine Denial of Service || bugtraq,31684 || cve,2008-4399
|
16106
|
+
17521 || SPECIFIC-THREATS GoodTech SSH Server SFTP Processing Buffer Overflow || bugtraq,31879 || cve,2008-4726
|
16107
|
+
17522 || SPECIFIC-THREATS Sun Java Runtime Environment Pack200 Decompression Integer Overflow || bugtraq,31879 || cve,2008-4726
|
16108
|
+
17523 || SPECIFIC-THREATS Apple QuickTime H.264 Movie File Buffer Overflow || bugtraq,36328 || cve,2009-2799
|
16109
|
+
17524 || SPECIFIC-THREATS Fujitsu SystemcastWizard Lite PXEService UDP Handling Buffer Overflow || bugtraq,33342 || cve,2009-0270
|
16110
|
+
17525 || SPECIFIC-THREATS Microsoft IIS 5.0 WebDav Request Directory Security Bypass || bugtraq,35232 || cve,2009-1122
|
16111
|
+
17526 || SPECIFIC-THREATS Adobe Acrobat and Adobe Reader U3D RHAdobeMeta Buffer Overflow || bugtraq,35282 || cve,2009-1855
|
16112
|
+
17527 || SPECIFIC-THREATS VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow || bugtraq,35232 || cve,2009-1122
|
16113
|
+
17528 || SPECIFIC-THREATS nginx URI parsing buffer overflow attempt || bugtraq,36384 || cve,2009-2629
|
16114
|
+
17529 || SPECIFIC-THREATS Adobe RoboHelp Server Arbitrary File Upload and Execute || bugtraq,35282 || cve,2009-1855
|
16115
|
+
17530 || SPECIFIC-THREATS HP OpenView Storage Data Protector Stack Buffer Overflow || cve,2007-2280 || cve,2007-2881
|
16116
|
+
17531 || SPECIFIC-THREATS Apple Quicktime MOV File JVTCompEncodeFrame Heap Overflow || bugtraq,23650 || cve,2007-2295
|
16117
|
+
17532 || SPECIFIC-THREATS Microsoft Excel TXO and OBJ Records Parsing Stack Memory Corruption || bugtraq,32618 || cve,2008-4265
|
16118
|
+
17533 || WEB-MISC Apache Struts Information Disclosure Attempt || bugtraq,32104 || cve,2008-6505
|
16119
|
+
17534 || MISC IPP Application Content
|
16120
|
+
17535 || MISC Apple CUPS Text to PostScript Filter Integer Overflow attempt || bugtraq,31690 || cve,2008-3640
|
16121
|
+
17536 || WEB-MISC Free Download Manager Remote Control Server HTTP Auth Header buffer overflow attempt || bugtraq,33554 || cve,2009-0183
|
16122
|
+
17537 || SPECIFIC-THREATS Microsoft Excel Unspecified Null Page Name Memory Corruption Attempt || bugtraq,15926 || cve,2006-0031
|
16123
|
+
17538 || SPECIFIC-THREATS Microsoft Excel Unspecified Page Name Memory Corruption Attempt || bugtraq,15926 || cve,2006-0031
|
16124
|
+
17539 || SPECIFIC-THREATS Microsoft Excel Unspecified Grafic Pointer Memory Corruption Attempt || bugtraq,15926 || cve,2006-0030
|
16125
|
+
17540 || WEB-CLIENT LZH file download
|
16126
|
+
17541 || SPECIFIC-THREATS Avast! Antivirus Engine Remote LHA buffer overflow attempt || bugtraq,19903 || cve,2006-4626
|
16127
|
+
17542 || SPECIFIC-THREATS Excel MalformedPalete Record Memory Corruption attempt || bugtraq,21922 || cve,2007-0031
|
16128
|
+
17543 || WEB-CLIENT Excel Column Record Handling Memory Corruption attempt || bugtraq,21925 || cve,2007-0030
|
16129
|
+
17544 || SPECIFIC-THREATS Wireshark LWRES Dissector getaddrsbyname buffer overflow attempt || bugtraq,37985 || cve,2010-0304
|
16130
|
+
17545 || WEB-ACTIVEX Lotus Domino Web Access ActiveX Controls buffer overflow attempt || bugtraq,38457 || url,www-01.ibm.com/support/docview.wss?uid=swg21421808
|
16131
|
+
17546 || POLICY Microsoft Media Player compressed skin download - .wmd || bugtraq,25305 || cve,2007-3037 || url,www.microsoft.com/technet/security/Bulletin/MS07-047.mspx
|
16132
|
+
17547 || WEB-CLIENT Apple Quicktime SMIL transfer
|
16133
|
+
17548 || WEB-CLIENT Apple Quicktime SMIL File Handling Integer Overflow attempt || bugtraq,24873 || cve,2007-2394
|
16134
|
+
17549 || SPECIFIC-THREATS Internet Explorer Error Handling Code Execution || bugtraq,25916 || cve,2007-3892
|
16135
|
+
17550 || SPECIFIC-THREATS Microsoft Word Font Parsing Buffer Overflow attempt || bugtraq,14216 || cve,2005-0564
|
16136
|
+
17551 || CHAT MSN Messenger and Windows Live Messenger Code Execution attempt || bugtraq,25461 || cve,2007-2931
|
16137
|
+
17552 || WEB-CLIENT Adobe Pagemaker file request
|
16138
|
+
17553 || SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt || bugtraq,25989 || cve,2007-5169
|
16139
|
+
17554 || SPECIFIC-THREATS Microsoft Internet Explorer DOM object cache management memory corruption attempt || bugtraq,26817 || cve,2007-5344
|
16140
|
+
17555 || SPECIFIC-THREATS Macrovision InstallShield Update Service ActiveX exploit attempt || bugtraq,26280 || bugtraq,31235 || cve,2007-5660 || url,support.installshield.com/kb/view.asp?articleid=Q113602
|
16141
|
+
17556 || SPECIFIC-THREATS Firebird database invalid state memory corruption || bugtraq,27403 || cve,2008-0387
|
16142
|
+
17557 || WEB-ACTIVEX Novell iPrint ActiveX operation parameter overflow || bugtraq,27939 || bugtraq,29736 || bugtraq,30813 || bugtraq,30986 || cve,2008-0935 || cve,2008-2431 || cve,2008-2432 || cve,2008-2908 || url,secunia.com/advisories/40782 || url,support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html
|
16143
|
+
17558 || SPECIFIC-THREATS CUPS Gif Decoding Routine Buffer Overflow attempt || bugtraq,28544 || cve,2008-1373
|
16144
|
+
17559 || SPECIFIC-THREATS IBM Lotus Notes Applix Graphics Parsing Buffer Overflow || bugtraq,28454 || cve,2007-5405
|
16145
|
+
17560 || SPECIFIC-THREATS Microsoft Word Global Array Index Heap Overflow attempt || bugtraq,32583 || cve,2008-4026
|
16146
|
+
17561 || SPECIFIC-THREATS RealNetworks RealPlayer IVR Overly Long Filename Code Execution attempt || bugtraq,33652 || cve,2009-0375
|
16147
|
+
17562 || SPECIFIC-THREATS Sun Java Runtime Environment Pack200 Decompression Integer Overflow attempt || bugtraq,32608 || cve,2008-5352
|
16148
|
+
17563 || SPECIFIC-THREATS Sun Java Runtime Environment JAR File Processing Stack Buffer Overflow || bugtraq,32608 || cve,2008-5354
|
16149
|
+
17564 || WEB-IIS WebDAV Request Directory Security Bypass attempt || bugtraq,34993 || cve,2009-1535
|
16150
|
+
17565 || SPECIFIC-THREATS Microsoft Office PowerPoint PP7 File Handling Memory Corruption attempt || bugtraq,34880 || cve,2009-0225
|
16151
|
+
17566 || SPECIFIC-THREATS Microsoft Internet Explorer 7 Event Handler Memory Corruption || bugtraq,35224 || cve,2009-1530
|
16152
|
+
17567 || SPECIFIC-THREATS LANDesk Management Suite Alerting Service buffer overflow || bugtraq,23483 || cve,2007-1674
|
16153
|
+
17568 || WEB-MISC Microsoft Office XP URL Handling Buffer Overflow attempt || bugtraq,12480 || cve,2004-0848
|
16154
|
+
17569 || EXPLOIT BEA Weblogic Admin Console Cross Site Scripting Vulnerability attempt || bugtraq,13793 || cve,2005-1747
|
16155
|
+
17570 || SPECIFIC-THREATS Mozilla Firefox IFRAME style change handling code execution || bugtraq,28448 || cve,2008-1236 || url,secunia.com/advisories/29526 || url,www.mozilla.org/security/announce/2008/mfsa2008-15.html
|
16156
|
+
17571 || WEB-ACTIVEX obfuscated instantiation of ActiveX object - likely malicious || cve,2008-3558
|
16157
|
+
17572 || WEB-CLIENT Microsoft XML Core Services cross-site information disclosure attempt || bugtraq,32155 || cve,2008-4029 || url,www.microsoft.com/technet/security/Bulletin/MS08-069.mspx
|
16158
|
+
17573 || WEB-CLIENT ffdshow codec URL parsing buffer overflow attempt || bugtraq,32438 || cve,2008-5381
|
16159
|
+
17574 || SPECIFIC-THREATS Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt || bugtraq,14362 || cve,2005-2768
|
16160
|
+
17575 || WEB-ACTIVEX SizerOne 2 ActiveX clsid access || bugtraq,33148 || cve,2008-4827
|
16161
|
+
17576 || WEB-ACTIVEX SizerOne 2 ActiveX clsid unicode access || bugtraq,33148 || cve,2008-4827
|
16162
|
+
17577 || POLICY CA BightStor ARCserver Backup possible insecure method attempt || cve,2007-5328 || url,secunia.com/advisories/27192/
|
16163
|
+
17578 || SPECIFIC-THREATS Microsoft Word Section Table Array Buffer Overflow attempt || bugtraq,22225 || cve,2007-0515
|
16164
|
+
17579 || SPECIFIC-THREATS Microsoft Office Drawing Record msofbtOPT Code Execution attempt || bugtraq,22383 || cve,2007-0671
|
16165
|
+
17580 || SPECIFIC-THREATS Microsoft Internet Explorer span tag memory corruption attempt || bugtraq,17468 || cve,2006-1188
|
16166
|
+
17581 || SPECIFIC-THREATS Mozilla Firefox tag order memory corruption attempt || bugtraq,17516 || cve,2006-0749
|
16167
|
+
17582 || WEB-ACTIVEX Symantec Norton AntiVirus CcErrDisp ActiveX function call access || bugtraq,12175
|
16168
|
+
17583 || WEB-ACTIVEX Symantec Norton AntiVirus CcErrDisp ActiveX function call unicode access || bugtraq,12175
|
16169
|
+
17584 || ORACLE UTL_FILE directory traversal attempt || bugtraq,12749 || cve,2005-0701
|
16170
|
+
17585 || SPECIFIC-THREATS Internet Explorer possible javascript onunload event memory corruption || bugtraq,22678 || cve,2007-1094
|
16171
|
+
17586 || WEB-CLIENT Sun Java Web Start malicious parameter value || bugtraq,11726 || cve,2004-1029
|
16172
|
+
17587 || SPECIFIC-THREATS AcroPDF.PDF ActiveX exploit attempt || bugtraq,12989 || bugtraq,21155 || cve,2005-0035 || cve,2006-6027 || url,www.adobe.com/support/security/advisories/apsa06-02.html
|
16173
|
+
17588 || WEB-ACTIVEX Microsoft Internet Explorer Install Engine ActiveX clsid access || bugtraq,11366 || cve,2004-0216 || url,www.microsoft.com/technet/security/Bulletin/MS04-038.mspx
|
16174
|
+
17589 || WEB-ACTIVEX Microsoft Internet Explorer Install Engine ActiveX clsid unicode access || bugtraq,11366 || cve,2004-0216 || url,www.microsoft.com/technet/security/Bulletin/MS04-038.mspx
|
16175
|
+
17590 || ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt || bugtraq,19203
|
16176
|
+
17591 || WEB-CLIENT Microsoft Word Crafted Sprm memory corruption attempt || bugtraq,32584 || cve,2008-4837
|
16177
|
+
17592 || WEB-ACTIVEX Microsoft MyInfo.dll ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
16178
|
+
17593 || WEB-ACTIVEX Microsoft msdxm.ocx ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
16179
|
+
17594 || WEB-ACTIVEX Microsoft creator.dll 1 ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
16180
|
+
17595 || WEB-ACTIVEX Microsoft creator.dll 2 ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
16181
|
+
17596 || WEB-ACTIVEX Microsoft ciodm.dll ActiveX clsid access || bugtraq,19636 || cve,2006-4495 || url,www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
|
16182
|
+
17597 || WEB-PHP TikiWiki jhot.php script file upload attempt || bugtraq,19819 || url,tikiwiki.org/tiki-read_article.php?articleid=136
|
16183
|
+
17598 || SPECIFIC-THREATS IBM DB2 Universal Database accsec command without rdbnam || bugtraq,19586 || cve,2006-4257
|
16184
|
+
17599 || SPECIFIC-THREATS IBM DB2 Universal Database rdbname denial of service attempt || bugtraq,19586 || cve,2006-4257
|
16185
|
+
17600 || WEB-CLIENT .xul document retrieval
|
16186
|
+
17601 || WEB-CLIENT Mozilla Firefox file type memory corruption attempt || bugtraq,32281 || cve,2008-5016 || url,www.mozilla.org/security/announce/2008/mfsa2008-52.html
|
16187
|
+
17602 || WEB-CLIENT ClamAV antivirus CHM file handling denial of service || bugtraq,30994 || cve,2008-1389 || url,sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661
|
16188
|
+
17603 || WEB-CLIENT Mozilla Firefox file type memory corruption attempt || bugtraq,32281 || cve,2008-5021 || url,www.mozilla.org/security/announce/2008/mfsa2008-55.html
|
16189
|
+
17604 || SPECIFIC-THREATS Java AWT ConvolveOp memory corruption attempt || bugtraq,21675 || url,sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
|
16190
|
+
17605 || WEB-CGI Trend Micro OfficeScan CGI password decryption buffer overflow attempt || bugtraq,28020 || cve,2008-1365 || url,secunia.com/advisories/29124
|
16191
|
+
17606 || SPECIFIC-THREATS Adobe Flash ASnative command execution attempt || bugtraq,32896 || cve,2008-5499 || url,www.adobe.com/support/security/bulletins/apsb08-24.html
|
16192
|
+
17607 || SPECIFIC-THREATS Xi Software Net Transport eDonkey Protocol Buffer Overflow attempt || bugtraq,40617
|
16193
|
+
17609 || WEB-MISC Sun Java Web Server Webdav Stack Buffer Overflow attempt || bugtraq,37874 || cve,2010-0361
|
16194
|
+
17610 || WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt || bugtraq,33405 || cve,2009-0398
|
16195
|
+
17611 || WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt || bugtraq,33405 || cve,2009-0398
|
16196
|
+
17612 || WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt || bugtraq,33405 || cve,2009-0398
|
16197
|
+
17613 || WEB-MISC Mozilla Firefox browser engine memory corruption attempt || bugtraq,35326 || cve,2009-1392
|
16198
|
+
17614 || WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX clsid access || url,securitytracker.com/alerts/2010/Mar/1023760.html
|
16199
|
+
17615 || WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX clsid unicode access || url,securitytracker.com/alerts/2010/Mar/1023760.html
|
16200
|
+
17616 || WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX function call access || url,securitytracker.com/alerts/2010/Mar/1023760.html
|
16201
|
+
17617 || WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX function call unicode access || url,securitytracker.com/alerts/2010/Mar/1023760.html
|
16202
|
+
17618 || SPECIFIC-THREATS Microsoft Windows hraphics engine EMF rendering vulnerability || bugtraq,15352 || cve,2005-2123
|
16203
|
+
17619 || ORACLE database server crafted view privelege escalation attempt || bugtraq,17246 || cve,2006-1705
|
16204
|
+
17620 || SPECIFIC-THREATS Products Discovery Service Buffer Overflow || bugtraq,20364 || cve,2006-5143
|
16205
|
+
17621 || SPECIFIC-THREATS Products Discovery Service Buffer Overflow || bugtraq,20364 || cve,2006-5143
|
16206
|
+
17622 || SPECIFIC-THREATS Microsoft Internet Explorer object reference memory corruption attempt || cve,2007-3902 || url,www.securityfocus.com/bid/26506
|
16207
|
+
17623 || SPECIFIC-THREATS Sun Java Runtime Environment Type1 Font parsing integer overflow attempt || bugtraq,34240 || cve,2009-1099
|
16208
|
+
17624 || SPECIFIC-THREATS Sun Java Runtime Environment Type1 Font parsing integer overflow attempt || bugtraq,34240 || cve,2009-1099
|
16209
|
+
17625 || ORACLE Oracle Database Core RDBMS component denial of service attempt || bugtraq,26108 || cve,2007-5530
|
16210
|
+
17626 || SPECIFIC-THREATS Microsoft Windows embedded web font handling buffer overflow attempt || bugtraq,16194 || cve,2006-0010
|
16211
|
+
17627 || DELETED POLICY Possible Microsoft telnet NTLM reflection attempt || cve,2000-0834 || cve,2009-1930 || url,secunia.com/advisories/36222/
|
16212
|
+
17628 || SPECIFIC-THREATS Sun Microsystems Java gif handling memory corruption attempt || bugtraq,22085 || cve,2007-0243
|
16213
|
+
17629 || WEB-CLIENT Mozilla Firefox Chrome Page Loading Restriction Bypass attempt || bugtraq,14920 || cve,2005-2706
|
16214
|
+
17630 || WEB-CLIENT Mozilla multiple products CSSValue array memory corruption attempt || bugtraq,29802 || cve,2008-2785
|
16215
|
+
17631 || WEB-CLIENT Sun Java Web Start JNLP java-vm-args buffer overflow attempt || bugtraq,30148 || cve,2008-3111
|
16216
|
+
17633 || WEB-CLIENT RealNetworks RealPlayer SWF frame handling buffer overflow attempt || bugtraq,30370 || cve,2007-5400
|
16217
|
+
17634 || NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 little endian object call overflow attempt || cve,2008-4398 || url,support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
|
16218
|
+
17635 || NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 little endian overflow attempt || cve,2008-4398 || url,support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
|
16219
|
+
17636 || NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 object call overflow attempt || cve,2008-4398 || url,support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
|
16220
|
+
17637 || NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 overflow attempt || cve,2008-4398 || url,support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
|
16221
|
+
17638 || Oracle Secure Backup Administration Server login.php Cookies Command Injection attempt || bugtraq,33177 || cve,2008-4006
|
16222
|
+
17639 || NETBIOS Samba Root File System access bypass attempt || bugtraq,33118 || cve,2009-0022
|
16223
|
+
17640 || NETBIOS DCERPC NCACN-IP-TCP brightstor opnum 43 overflow attempt || bugtraq,22005 || cve,2007-0169 || url,www.kb.cert.org/vuls/id/180336
|
16224
|
+
17641 || SPECIFIC-THREATS CUPS and Xpdf JBIG2 symbol dictionary buffer overflow attempt || cve,2009-0195 || url,www.cups.org/str.php?L3129
|
16225
|
+
17642 || WEB-CLIENT Mozilla Firefox ConstructFrame with floating first-letter memory corruption attempt || bugtraq,35765 || cve,2009-2462
|
16226
|
+
17643 || EXPLOIT CA BrightStor ARCServe logger servie null-pointer dereference attempt || cve,2007-2772
|
16227
|
+
17644 || SPECIFIC-THREATS Internet Explorer object clone deletion memory corruption attempt || cve,2009-0075 || url,www.microsoft.com/technet/security/bulletin/MS09-002.mspx
|
16228
|
+
17645 || WEB-CLIENT Microsoft Internet Explorer CSS strings parsing memory corruption attempt || cve,2007-0943 || url,www.microsoft.com/technet/security/bulletin/ms07-045.mspx
|
16229
|
+
17646 || WEB-CLIENT Microsoft Powerpoint Legacy file format picture object code execution attempt || bugtraq,34834 || cve,2009-0223
|
16230
|
+
17648 || WEB-IIS source code disclosure attempt || bugtraq,14764
|
16231
|
+
17649 || WEB-CLIENT Microsoft Word array data handling buffer overflow attempt || bugtraq,23804 || cve,2007-0035
|
16232
|
+
17650 || SPECIFIC-THREATS Adobe Pagemaker Key Strings Stack Buffer Overflow attempt || bugtraq,31999 || cve,2007-6432
|
16233
|
+
17651 || SPECIFIC-THREATS Multiple AV vendor invalid archive checksum bypass attempt || bugtraq,12771 || url,archives.neohapsis.com/archives/fulldisclosure/2005-03/0207.html
|
16234
|
+
17652 || WEB-MISC Microsoft IIS source code disclosure attempt || cve,2005-2678 || url,secunia.com/advisories/16548
|
16235
|
+
17653 || WEB-MISC Microsoft IIS source code disclosure attempt || cve,2005-2678 || url,secunia.com/advisories/16548
|
16236
|
+
17654 || SPECIFIC-THREATS Facebook Photo Uploader ActiveX exploit attempt || bugtraq,27534 || bugtraq,27756 || cve,2008-5711 || url,www.microsoft.com/technet/security/advisory/953839.mspx
|
16237
|
+
17656 || WEB-MISC Apache HTTP server mod_rewrite module LDAP scheme handling buffer overflow attempt || cve,2006-3747
|
16238
|
+
17657 || EXPLOIT Symantec NetBackup BPCD Daemon exploit attempt || bugtraq,21565 || cve,2006-6222
|
16239
|
+
17658 || SPECIFIC-THREATS Adobe Flash frame type identifier memory corruption attempt || bugtraq,15332 || cve,2005-2628
|
16240
|
+
17659 || ORACLE xdb.dbms_xmlschema buffer overflow attempt || bugtraq,16287 || cve,2006-0272
|
16241
|
+
17660 || SPECIFIC-THREATS Java Web Start arbitrary command execution attempt || bugtraq,39346 || cve,2010-0886 || cve,2010-1423
|
16242
|
+
17661 || EXPLOIT Samba send_mailslot buffer overflow attempt || bugtraq,26791 || cve,2007-6015
|
16243
|
+
17662 || DELETEC SPECIFIC-THREAT Sun Solaris DHCP Client Arbitrary Code Execution attempt || bugtraq,14687 || cve,2005-2870
|
16244
|
+
17664 || WEB-CLIENT GIF image descriptor memory corruption attempt || bugtraq,18915 || bugtraq,22630 || cve,2006-0007 || cve,2007-1071 || url,www.microsoft.com/technet/security/bulletin/ms06-039.mspx
|
16245
|
+
17666 || WEB-CLIENT RealNetworks RealPlayer invalid chunk size heap overflow attempt || bugtraq,17202 || cve,2005-2922
|
16246
|
+
17668 || POLICY attempted download of a PDF with embedded JavaScript || url,www.adobe.com/devnet/acrobat/javascript.html
|
16247
|
+
17669 || SPECIFIC-THREATS Oracle Application Server 10g OPMN service format string vulnerability exploit attempt || bugtraq,34461 || cve,2009-0993 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
|
16248
|
+
17670 || WEB-ACTIVEX BigAnt Office Manager ActiveX clsid access || bugtraq,39721
|
16249
|
+
17671 || WEB-ACTIVEX BigAnt Office Manager ActiveX clsid unicode access || bugtraq,39721
|
16250
|
+
17672 || WEB-ACTIVEX BigAnt Office Manager ActiveX function call access || bugtraq,39721
|
16251
|
+
17673 || WEB-ACTIVEX BigAnt Office Manager ActiveX function call unicode access || bugtraq,39721
|
16252
|
+
17674 || WEB-ACTIVEX Skype Extras Manager ActiveX clsid access || bugtraq,36459 || cve,2009-4741
|
16253
|
+
17675 || WEB-ACTIVEX Skype Extras Manager ActiveX clsid unicode access || bugtraq,36459 || cve,2009-4741
|
16254
|
+
17676 || WEB-ACTIVEX Skype Extras Manager ActiveX function call access || bugtraq,36459 || cve,2009-4741
|
16255
|
+
17677 || WEB-ACTIVEX Skype Extras Manager ActiveX function call unicode access || bugtraq,36459 || cve,2009-4741
|
16256
|
+
17678 || WEB-CLIENT Adobe BMP image handler buffer overflow attempt || bugtraq,28874 || cve,2008-1765
|
16257
|
+
17679 || WEB-MISC Apple disk image download request
|
16258
|
+
17680 || SPECIFIC-THREATS ISC BIND DNSSEC Validation Multiple RRsets DoS || bugtraq,22231 || cve,2007-0494
|
16259
|
+
17698 || SPECIFIC-THREATS RealNetworks RealPlayer wav chunk string overflow attempt in email || bugtraq,12697 || cve,2005-0611
|
16260
|
+
17701 || SPECIFIC-THREATS Office Viewer ActiveX arbitrary command execution attempt || bugtraq,23811 || bugtraq,33238 || bugtraq,33243 || bugtraq,33245 || cve,2007-2588 || url,moaxb.blogspot.com/2007/05/moaxb-04-office-viewer-oaocx-v-32.html
|
16261
|
+
17702 || NETBIOS DCERPC NCACN-IP-TCP srvsvc NetrDfsCreateExitPoint dos attempt || bugtraq,15460 || cve,2005-3644 || url,www.microsoft.com/technet/security/advisory/911052.mspx
|
16262
|
+
17703 || SPECIFIC-THREATS Internet Explorer popup title bar spoofing attempt || bugtraq,12602 || cve,2005-0500
|
16263
|
+
17704 || SPECIFIC-THREATS McAfee LHA file parsing buffer overflow attempt || bugtraq,10243 || cve,2005-0643
|
16264
|
+
17705 || WEB-IIS web agent chunked encoding overflow attempt || bugtraq,13524 || cve,2005-1471
|
16265
|
+
17706 || MISC Veritas NetBackup java user interface service format string attack attempt || cve,2005-2715
|
16266
|
+
17707 || NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect trend_req_num buffer overflow attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
16267
|
+
17708 || EXPLOIT VNC password request URL buffer overflow attempt || bugtraq,17378 || cve,2006-1652
|
16268
|
+
17710 || EXPLOIT Veritas NetBackup vmd shared library buffer overflow attempt || bugtraq,15353 || cve,2005-3116
|
16269
|
+
17711 || WEB-CLIENT Microsoft Windows ASF parsing memory corruption attempt || cve,2007-0064 || url,www.microsoft.com/technet/security/bulletin/ms07-068.mspx
|
16270
|
+
17712 || SPECIFIC-THREATS TFTP PUT Microsoft RIS filename overwrite attempt || cve,2006-5584 || url,www.microsoft.com/technet/security/bulletin/ms06-077.mspx
|
16271
|
+
17713 || EXPLOIT Novell NetMail NMAP STOR buffer overflow attempt || bugtraq,21725 || cve,2006-6424
|
16272
|
+
17714 || NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
16273
|
+
17715 || NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt || bugtraq,22639 || cve,2007-1070 || url,esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
|
16274
|
+
17716 || SPECIFIC-THREATS IBM Lotus Notes DOC attachment viewer buffer overflow || bugtraq,26146 || cve,2007-5544
|
16275
|
+
17717 || SMTP IBM Lotus Notes HTML input tag buffer overflow attempt || bugtraq,26200 || cve,2007-4222 || url,www-1.ibm.com/support/docview.wss?rs=477&uid=swg21272930
|
16276
|
+
17718 || SPECIFIC-THREATS Oracle MDSYS drop table trigger injection attempt || bugtraq,33177 || cve,2008-3979
|
16277
|
+
17719 || SPECIFIC-THREATS Mozilla Firefox ClearTextRun exploit attempt || bugtraq,34743 || cve,2009-1313
|
16278
|
+
17722 || ORACLE Oracle XDB.XDB_PITRIG_PKG buffer overflow attempt || bugtraq,27229 || cve,2008-0339 || url,www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2008.html
|
16279
|
+
17724 || SPECIFIC-THREATS malicious ASP file upload attempt || bugtraq,18858 || cve,2006-0026 || url,www.microsoft.com/technet/security/bulletin/ms06-034.mspx
|
16280
|
+
17725 || WEB-CLIENT Opera file URI handling buffer overflow || bugtraq,32323 || cve,2008-5178
|
16281
|
+
17726 || SPECIFIC-THREATS Internet Explorer address bar spoofing attempt || bugtraq,17404 || cve,2006-1626
|
16282
|
+
17727 || SPECIFIC-THREATS Sun JDK image parsing library ICC buffer overflow attempt || bugtraq,24004 || cve,2007-2788 || url,scary.beasts.org/security/CESA-2006-004.html
|
16283
|
+
17728 || MISC Panda Antivirus ZOO archive decompression buffer overflow attempt || cve,2005-3922
|
16284
|
+
17729 || SPECIFIC-THREATS Microsoft Internet Explorer EMBED element memory corruption attempt || bugtraq,34424 || cve,2009-0553 || url,www.microsoft.com/technet/security/Bulletin/MS09-014.mspx
|
16285
|
+
17730 || WEB-CLIENT Microsoft XML Core Services MIME Viewer memory corruption attempt || cve,2007-0099 || url,www.microsoft.com/technet/security/bulletin/MS08-069.mspx
|
16286
|
+
17732 || WEB-CLIENT TIFF file request
|
16287
|
+
17733 || WEB-MISC XML file download request
|
16288
|
+
17734 || WEB-MISC Excel REPT integer underflow attempt || bugtraq,31706 || cve,2008-4019
|
16289
|
+
17735 || SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt || bugtraq,25989 || cve,2007-5169
|
16290
|
+
17736 || SPECIFIC-THREATS McAfee LHA Type-2 file handling overflow attempt || bugtraq,12832 || cve,2005-0644
|
16291
|
+
17737 || SPECIFIC-THREATS Microsoft collaboration data objects buffer overflow attempt || bugtraq,15067 || cve,2005-1987
|
16292
|
+
17738 || SPECIFIC-THREATS Linux Kernel SNMP Netfilter Memory Corruption attempt || bugtraq,18081 || cve,2006-2444
|
16293
|
+
17739 || POLICY FlashPix file download request
|
16294
|
+
17740 || SPECIFIC-THREATS Apple Quicktime FlashPix processing overflow attempt || bugtraq,36328 || cve,2009-2798
|
16295
|
+
17745 || NETBIOS SMB TRANS2 Find_First2 request attempt
|
16296
|
+
17746 || NETBIOS SMB client TRANS response Find_First2 filesize overflow attempt || cve,2005-0045 || url,www.microsoft.com/technet/security/bulletin/MS05-011.mspx
|
16297
|
+
17748 || WEB-MISC TLSv1 Client_Certificate handshake
|
16298
|
+
17749 || RPC Linux Kernel nfsd v4 CAP_MKNOD security bypass attempt || bugtraq,34205 || cve,2009-1072
|
16299
|
+
17751 || WEB-CLIENT OpenType Font file download request
|
16300
|
+
17776 || WEB-CLIENT Sun Java HsbParser.getSoundBank stack buffer overflow attempt || bugtraq,36881 || cve,2009-3867
|
16301
|
+
17777 || SPECIFIC-THREATS IBM Lotus Notes WPD attachment handling buffer overflow || bugtraq,34086 || cve,2008-4564
|
16302
|
+
17778 || SPECIFIC-THREATS BitDefender Internet Security script code execution attempt || cve,2009-0850
|
16303
|
+
17779 || DELETED SPECIFIC-THREATS Adobe RoboHelp r0 SQL injection attempt || cve,2008-2991
|
16304
|
+
17780 || SPECIFIC-THREATS CBO CBL CBM buffer overflow attempt || bugtraq,13944 || cve,2005-1212 || cve,2006-3448 || nessus,18492 || url,www.microsoft.com/technet/security/Bulletin/MS07-005.mspx || url,www.microsoft.com/technet/security/bulletin/MS05-031.mspx
|
16305
|
+
17781 || SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt || bugtraq,17196 || cve,2006-1359
|
16306
|
+
17782 || SCADA Modbus write multiple registers from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16307
|
+
17783 || SCADA Modbus write single register from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16308
|
+
17784 || SCADA Modbus write single coil from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16309
|
+
17785 || SCADA Modbus write multiple coils from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16310
|
+
17786 || SCADA Modbus write file record from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16311
|
+
17787 || SCADA Modbus read discrete inputs from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16312
|
+
17788 || SCADA Modbus read coils from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16313
|
+
17789 || SCADA Modbus read input register from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16314
|
+
17790 || SCADA Modbus read holding registers from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16315
|
+
17791 || SCADA Modbus read/write multiple registers from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16316
|
+
17792 || SCADA Modbus read fifo queue from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16317
|
+
17793 || SCADA Modbus read file record from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16318
|
+
17794 || SCADA Modbus read exception status from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16319
|
+
17795 || SCADA Modbus initiate diagnostic from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16320
|
+
17796 || SCADA Modbus get com event counter from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16321
|
+
17797 || SCADA Modbus get com event log from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16322
|
+
17798 || SCADA Modbus report slave id from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16323
|
+
17799 || SCADA Modbus read device identification from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16324
|
+
17800 || SCADA Modbus mask write register from external source || url,www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf
|
16325
|
+
17801 || WEB-CLIENT Director Movie File Embeded
|
16326
|
+
17802 || WEB-CLIENT Director Movie File Download
|
16327
|
+
17803 || WEB-CLIENT Adobe Shockwave Director rcsL chunk memory corruption attempt || bugtraq,42682 || cve,2010-2873 || url,www.adobe.com/support/security/bulletins/apsb10-20.html
|
16328
|
+
17804 || WEB-CLIENT Mozilla Firefox html tag attributes memory corruption || cve,2010-3765
|
16329
|
+
17805 || SPYWARE-PUT Worm.Win32.Neeris.BF contact to server attempt || url,www.virustotal.com/latest-report.html?resource=968470dd871f3047cf48b23f0c83985f
|
16330
|
+
17806 || SPECIFIC-THREATS Adobe Shockwave Director rcsL chunk remote code execution attempt || bugtraq,44291 || cve,2010-3653
|
16331
|
+
17807 || SPECIFIC-THREATS Adobe Shockwave Director rcsL chunk remote code execution attempt || bugtraq,44291 || cve,2010-3653
|
16332
|
+
17808 || SPECIFIC-THREATS Adobe Flash authplay.dll memory corruption attempt || cve,2010-3654 || url,www.adobe.com/support/security/advisories/apsa10-05.html
|
16333
|
+
17809 || WEB-CLIENT quicktime movie file transfer
|
16334
|
+
17810 || WEB-MISC potential malware - download of server32.exe || url,en.wikipedia.org/wiki/Zeus_(trojan_horse)
|
16335
|
+
17811 || WEB-MISC potential malware - download of svchost.exe
|
16336
|
+
17812 || WEB-MISC potential malware - download of iexplore.exe
|
16337
|
+
17813 || WEB-MISC potential malware - download of iprinp.dll
|
16338
|
+
17814 || WEB-MISC potential malware - download of winzf32.dll
|
16339
|
+
17815 || SPYWARE-PUT Thinkpoint fake antivirus - user display || url,www.symantec.com/security_response/writeup.jsp?docid=2010-090610-2408-99
|
16340
|
+
17816 || SPYWARE-PUT Thinkpoint fake antivirus - credit card submission || url,www.symantec.com/security_response/writeup.jsp?docid=2010-090610-2408-99
|
16341
|
+
17817 || SPECIFIC-THREATS Thinkpoint fake antivirus binary download || url,www.symantec.com/security_response/writeup.jsp?docid=2010-090610-2408-99
|
16342
|
+
17818 || BLACKLIST DNS request for known malware domain ktr.t134.net || url,labs.snort.org/docs/17818.html
|
16343
|
+
17819 || BLACKLIST DNS request for known malware domain motuh.com || url,labs.snort.org/docs/17819.html
|
16344
|
+
17820 || BLACKLIST DNS request for known malware domain myanimalclips.com || url,labs.snort.org/docs/17820.html
|
16345
|
+
17821 || BLACKLIST DNS request for known malware domain ketsymbol.com || url,labs.snort.org/docs/17821.html
|
16346
|
+
17822 || BLACKLIST DNS request for known malware domain ics.hotbar.com || url,labs.snort.org/docs/17822.html
|
16347
|
+
17823 || BLACKLIST DNS request for known malware domain www.myroitracking.com || url,labs.snort.org/docs/17823.html
|
16348
|
+
17824 || BLACKLIST DNS request for known malware domain teenxmovs.net || url,labs.snort.org/docs/17824.html
|
16349
|
+
17825 || BLACKLIST DNS request for known malware domain px.smowtion.com || url,labs.snort.org/docs/17825.html
|
16350
|
+
17826 || BLACKLIST DNS request for known malware domain cheaps1.info || url,labs.snort.org/docs/17826.html
|
16351
|
+
17827 || BLACKLIST DNS request for known malware domain sexmoviesland.net || url,labs.snort.org/docs/17827.html
|
16352
|
+
17828 || BLACKLIST DNS request for known malware domain 67.201.36.16 || url,labs.snort.org/docs/17828.html
|
16353
|
+
17829 || BLACKLIST DNS request for known malware domain c7.zxxds.net || url,labs.snort.org/docs/17829.html
|
16354
|
+
17830 || BLACKLIST DNS request for known malware domain dickvsclit.net || url,labs.snort.org/docs/17830.html
|
16355
|
+
17831 || BLACKLIST DNS request for known malware domain edrichfinearts.com || url,labs.snort.org/docs/17831.html
|
16356
|
+
17832 || BLACKLIST DNS request for known malware domain img100.xvideos.com || url,labs.snort.org/docs/17832.html
|
16357
|
+
17833 || BLACKLIST DNS request for known malware domain www.dsnextgen.com || url,labs.snort.org/docs/17833.html
|
16358
|
+
17834 || BLACKLIST DNS request for known malware domain 343.boolans.com || url,labs.snort.org/docs/17834.html
|
16359
|
+
17835 || BLACKLIST DNS request for known malware domain xpresdnet.com || url,labs.snort.org/docs/17835.html
|
16360
|
+
17836 || BLACKLIST DNS request for known malware domain gbsup.com || url,labs.snort.org/docs/17836.html
|
16361
|
+
17837 || BLACKLIST DNS request for known malware domain xxsmovies.com || url,labs.snort.org/docs/17837.html
|
16362
|
+
17838 || BLACKLIST DNS request for known malware domain vc.iwriteweb.com || url,labs.snort.org/docs/17838.html
|
16363
|
+
17839 || BLACKLIST DNS request for known malware domain js.222233.com || url,labs.snort.org/docs/17839.html
|
16364
|
+
17840 || BLACKLIST DNS request for known malware domain www.grannyplanet.com || url,labs.snort.org/docs/17840.html
|
16365
|
+
17841 || BLACKLIST DNS request for known malware domain coop.crwdcntrl.net || url,labs.snort.org/docs/17841.html
|
16366
|
+
17842 || BLACKLIST DNS request for known malware domain extrahotx.net || url,labs.snort.org/docs/17842.html
|
16367
|
+
17843 || BLACKLIST DNS request for known malware domain extralargevideos.com || url,labs.snort.org/docs/17843.html
|
16368
|
+
17844 || BLACKLIST DNS request for known malware domain www.derquda.com || url,labs.snort.org/docs/17844.html
|
16369
|
+
17845 || BLACKLIST DNS request for known malware domain aahydrogen.com || url,labs.snort.org/docs/17845.html
|
16370
|
+
17846 || BLACKLIST DNS request for known malware domain trumpetlicks.com || url,labs.snort.org/docs/17846.html
|
16371
|
+
17847 || BLACKLIST DNS request for known malware domain mskla.com || url,labs.snort.org/docs/17847.html
|
16372
|
+
17848 || BLACKLIST DNS request for known malware domain play.unionsky.cn || url,labs.snort.org/docs/17848.html
|
16373
|
+
17849 || BLACKLIST DNS request for known malware domain fuckersucker.com || url,labs.snort.org/docs/17849.html
|
16374
|
+
17850 || BLACKLIST DNS request for known malware domain pornfucklist.com || url,labs.snort.org/docs/17850.html
|
16375
|
+
17851 || BLACKLIST DNS request for known malware domain game.685faiudeme.com || url,labs.snort.org/docs/17851.html
|
16376
|
+
17852 || BLACKLIST DNS request for known malware domain 447.cc || url,labs.snort.org/docs/17852.html
|
16377
|
+
17853 || BLACKLIST DNS request for known malware domain dommonview.com || url,labs.snort.org/docs/17853.html
|
16378
|
+
17854 || BLACKLIST DNS request for known malware domain www.lamiaexragazza.com || url,labs.snort.org/docs/17854.html
|
16379
|
+
17855 || BLACKLIST DNS request for known malware domain acofinder.com || url,labs.snort.org/docs/17855.html
|
16380
|
+
17856 || BLACKLIST DNS request for known malware domain fuckfuckvids.com || url,labs.snort.org/docs/17856.html
|
16381
|
+
17857 || BLACKLIST DNS request for known malware domain www.cnhack.cn || url,labs.snort.org/docs/17857.html
|
16382
|
+
17858 || BLACKLIST DNS request for known malware domain kingsizematures.com || url,labs.snort.org/docs/17858.html
|
16383
|
+
17859 || BLACKLIST DNS request for known malware domain promotds.com || url,labs.snort.org/docs/17859.html
|
16384
|
+
17860 || BLACKLIST DNS request for known malware domain mejac.com || url,labs.snort.org/docs/17860.html
|
16385
|
+
17861 || BLACKLIST DNS request for known malware domain zq2.9wee.com || url,labs.snort.org/docs/17861.html
|
16386
|
+
17862 || BLACKLIST DNS request for known malware domain 122.770304123.cn || url,labs.snort.org/docs/17862.html
|
16387
|
+
17863 || BLACKLIST DNS request for known malware domain rpt2.21civ.com || url,labs.snort.org/docs/17863.html
|
16388
|
+
17864 || BLACKLIST DNS request for known malware domain tubexxxmatures.com || url,labs.snort.org/docs/17864.html
|
16389
|
+
17865 || BLACKLIST DNS request for known malware domain 110.770304123.cn || url,labs.snort.org/docs/17865.html
|
16390
|
+
17866 || BLACKLIST DNS request for known malware domain aebankonline.com || url,labs.snort.org/docs/17866.html
|
16391
|
+
17867 || BLACKLIST DNS request for known malware domain utm.trk.myfuncards.com || url,labs.snort.org/docs/17867.html
|
16392
|
+
17868 || BLACKLIST DNS request for known malware domain a.qq2233.com || url,labs.snort.org/docs/17868.html
|
16393
|
+
17869 || BLACKLIST DNS request for known malware domain px.mgplatform.com || url,labs.snort.org/docs/17869.html
|
16394
|
+
17870 || BLACKLIST DNS request for known malware domain trojan8.com || url,labs.snort.org/docs/17870.html
|
16395
|
+
17871 || BLACKLIST DNS request for known malware domain brutalxvideos.com || url,labs.snort.org/docs/17871.html
|
16396
|
+
17872 || BLACKLIST DNS request for known malware domain www3.sexown.com || url,labs.snort.org/docs/17872.html
|
16397
|
+
17873 || BLACKLIST DNS request for known malware domain mummimpegs.com || url,labs.snort.org/docs/17873.html
|
16398
|
+
17874 || BLACKLIST DNS request for known malware domain f19dd4abb8b8bdf2.cn || url,labs.snort.org/docs/17874.html
|
16399
|
+
17875 || BLACKLIST DNS request for known malware domain www.very-young-boys.com || url,labs.snort.org/docs/17875.html
|
16400
|
+
17876 || BLACKLIST DNS request for known malware domain 91629.com || url,labs.snort.org/docs/17876.html
|
16401
|
+
17877 || BLACKLIST DNS request for known malware domain animal36.com || url,labs.snort.org/docs/17877.html
|
16402
|
+
17878 || BLACKLIST DNS request for known malware domain ayb.host127-0-0-1.com || url,labs.snort.org/docs/17878.html
|
16403
|
+
17879 || BLACKLIST DNS request for known malware domain cfg.353wanwan.com || url,labs.snort.org/docs/17879.html
|
16404
|
+
17880 || BLACKLIST DNS request for known malware domain www.027dj.com || url,labs.snort.org/docs/17880.html
|
16405
|
+
17881 || BLACKLIST DNS request for known malware domain fucktosky.com || url,labs.snort.org/docs/17881.html
|
16406
|
+
17882 || BLACKLIST DNS request for known malware domain procca.com || url,labs.snort.org/docs/17882.html
|
16407
|
+
17883 || BLACKLIST DNS request for known malware domain autouploaders.net || url,labs.snort.org/docs/17883.html
|
16408
|
+
17884 || BLACKLIST DNS request for known malware domain gimmemyporn.com || url,labs.snort.org/docs/17884.html
|
16409
|
+
17885 || BLACKLIST DNS request for known malware domain waytoall.com || url,labs.snort.org/docs/17885.html
|
16410
|
+
17886 || BLACKLIST DNS request for known malware domain www.spamature.com || url,labs.snort.org/docs/17886.html
|
16411
|
+
17887 || BLACKLIST DNS request for known malware domain info.collectionerrorreport.com || url,labs.snort.org/docs/17887.html
|
16412
|
+
17888 || BLACKLIST DNS request for known malware domain bn.xp1.ru4.com || url,labs.snort.org/docs/17888.html
|
16413
|
+
17889 || BLACKLIST DNS request for known malware domain www.ajie520.com || url,labs.snort.org/docs/17889.html
|
16414
|
+
17890 || BLACKLIST DNS request for known malware domain 114search1.118114.cn || url,labs.snort.org/docs/17890.html
|
16415
|
+
17891 || BLACKLIST DNS request for known malware domain bestkind.ru || url,labs.snort.org/docs/17891.html
|
16416
|
+
17892 || BLACKLIST DNS request for known malware domain clickpotato.tv || url,labs.snort.org/docs/17892.html
|
16417
|
+
17893 || BLACKLIST DNS request for known malware domain www.zxc0001.com || url,labs.snort.org/docs/17893.html
|
16418
|
+
17894 || BLACKLIST DNS request for known malware domain streq.cn || url,labs.snort.org/docs/17894.html
|
16419
|
+
17895 || BLACKLIST DNS request for known malware domain pyow.prixi-soft.ir || url,labs.snort.org/docs/17895.html
|
16420
|
+
17896 || BLACKLIST DNS request for known malware domain 113552url.cptgt.com || url,labs.snort.org/docs/17896.html
|
16421
|
+
17897 || BLACKLIST DNS request for known malware domain www.moneytw8.com || url,labs.snort.org/docs/17897.html
|
16422
|
+
17898 || BLACKLIST URI request for known malicious URI - /get2.php?c=VTOXUGUI&d=26606B6739343F216560 || url,labs.snort.org/docs/17898.html
|
16423
|
+
17899 || BLACKLIST URI request for known malicious URI - /reques0.asp?kind=006&mac= || url,labs.snort.org/docs/17899.html
|
16424
|
+
17900 || BLACKLIST URI request for known malicious URI - /basic/cn3c2/c.*dll || url,labs.snort.org/docs/17900.html
|
16425
|
+
17901 || BLACKLIST URI request for known malicious URI - /mybackup21.rar || url,labs.snort.org/docs/17901.html
|
16426
|
+
17902 || BLACKLIST URI request for known malicious URI - /?getexe=loader.exe || url,labs.snort.org/docs/17902.html
|
16427
|
+
17903 || BLACKLIST URI request for known malicious URI - stid= || url,labs.snort.org/docs/17903.html
|
16428
|
+
17904 || BLACKLIST URI request for known malicious URI - /tongji.js || url,labs.snort.org/docs/17904.html
|
16429
|
+
17905 || BLACKLIST URI request for known malicious URI - 1de49069b6044785e9dfcd4c035cfd0c.php || url,labs.snort.org/docs/17905.html
|
16430
|
+
17906 || BLACKLIST URI request for known malicious URI - 2x/.*php || url,labs.snort.org/docs/17906.html
|
16431
|
+
17907 || BLACKLIST URI request for known malicious URI - /MNG/Download/?File=AZF|DATADIR|Download || url,labs.snort.org/docs/17907.html
|
16432
|
+
17908 || BLACKLIST URI request for known malicious URI - /images/crypt_22.exe || url,labs.snort.org/docs/17908.html
|
16433
|
+
17909 || BLACKLIST URI request for known malicious URI - /images/css/1.exe || url,labs.snort.org/docs/17909.html
|
16434
|
+
17910 || BLACKLIST URI request for known malicious URI - /7xdown.exe || url,labs.snort.org/docs/17910.html
|
16435
|
+
17911 || BLACKLIST URI request for known malicious URI - /winhelper.exe || url,labs.snort.org/docs/17911.html
|
16436
|
+
17912 || BLACKLIST URI request for known malicious URI - /upopwin/count.asp?mac= || url,labs.snort.org/docs/17912.html
|
16437
|
+
17913 || BLACKLIST URI request for known malicious URI - /ok.exe || url,labs.snort.org/docs/17913.html
|
16438
|
+
17914 || BLACKLIST URI request for known malicious URI - /LjBin/Bin.Dll || url,labs.snort.org/docs/17914.html
|
16439
|
+
17915 || BLACKLIST URI request for known malicious URI - /1001ns/cfg3n.bin || url,labs.snort.org/docs/17915.html
|
16440
|
+
17916 || BLACKLIST URI request for known malicious URI - /dh/stats.bin || url,labs.snort.org/docs/17916.html
|
16441
|
+
17917 || BLACKLIST URI request for known malicious URI - /zeus/config.bin || url,labs.snort.org/docs/17917.html
|
16442
|
+
17918 || PHISHING-SPAM aaof.onlinelewiss22r.ru known spam email attempt
|
16443
|
+
17919 || PHISHING-SPAM akiq.onlinetommie54y.ru known spam email attempt
|
16444
|
+
17920 || PHISHING-SPAM aobuii.onlinelewiss22r.ru known spam email attempt
|
16445
|
+
17921 || PHISHING-SPAM argue.medrayner44c.ru known spam email attempt
|
16446
|
+
17922 || PHISHING-SPAM ava.refilleldredge89r.ru known spam email attempt
|
16447
|
+
17923 || PHISHING-SPAM axoseb.medicdrugsxck.ru known spam email attempt
|
16448
|
+
17924 || PHISHING-SPAM azo.onlinetommie54y.ru known spam email attempt
|
16449
|
+
17925 || PHISHING-SPAM back.pharmroyce83b.ru known spam email attempt
|
16450
|
+
17926 || PHISHING-SPAM by.pharmroyce83b.ru known spam email attempt
|
16451
|
+
17927 || PHISHING-SPAM cardinals.refilldud86o.ru known spam email attempt
|
16452
|
+
17928 || PHISHING-SPAM chemist.onlineruggiero33q.ru known spam email attempt
|
16453
|
+
17929 || PHISHING-SPAM chula.pharmroyce83b.ru known spam email attempt
|
16454
|
+
17930 || PHISHING-SPAM classification.refillreade47j.ru known spam email attempt
|
16455
|
+
17931 || PHISHING-SPAM compensate.refilldud86o.ru known spam email attempt
|
16456
|
+
17932 || PHISHING-SPAM cswjlxey.ru known spam email attempt
|
16457
|
+
17933 || PHISHING-SPAM current.refillreade47j.ru known spam email attempt
|
16458
|
+
17934 || PHISHING-SPAM cyacaz.pilltodd73p.ru known spam email attempt
|
16459
|
+
17935 || PHISHING-SPAM deepcenter.ru known spam email attempt
|
16460
|
+
17936 || PHISHING-SPAM delegate.refillreade47j.ru known spam email attempt
|
16461
|
+
17937 || PHISHING-SPAM diet.medrayner44c.ru known spam email attempt
|
16462
|
+
17938 || PHISHING-SPAM direct.refillreade47j.ru known spam email attempt
|
16463
|
+
17939 || PHISHING-SPAM divyo.pillking74s.ru known spam email attempt
|
16464
|
+
17940 || PHISHING-SPAM drugsgeorge65g.ru known spam email attempt
|
16465
|
+
17941 || PHISHING-SPAM dux.erectnoll24k.ru known spam email attempt
|
16466
|
+
17942 || PHISHING-SPAM dypoh.erectjefferey85n.ru known spam email attempt
|
16467
|
+
17943 || PHISHING-SPAM eaihar.refilleldredge89r.ru known spam email attempt
|
16468
|
+
17944 || PHISHING-SPAM eeez.onlinehamel83i.ru known spam email attempt
|
16469
|
+
17945 || PHISHING-SPAM egi.refilleldredge89r.ru known spam email attempt
|
16470
|
+
17946 || PHISHING-SPAM ehyw.cumedicdrugsx.ru known spam email attempt
|
16471
|
+
17947 || PHISHING-SPAM eka.onlinehamel83i.ru known spam email attempt
|
16472
|
+
17948 || PHISHING-SPAM election.refillreade47j.ru known spam email attempt
|
16473
|
+
17949 || PHISHING-SPAM elik.drugslevy46b.ru known spam email attempt
|
16474
|
+
17950 || PHISHING-SPAM epeno.onlinelewiss22r.ru known spam email attempt
|
16475
|
+
17951 || PHISHING-SPAM erectgodart30s.ru known spam email attempt
|
16476
|
+
17952 || PHISHING-SPAM erol.camedicdrugsx.ru known spam email attempt
|
16477
|
+
17953 || PHISHING-SPAM exa.drugslevy46b.ru known spam email attempt
|
16478
|
+
17954 || PHISHING-SPAM eyu.onlinehamel83i.ru known spam email attempt
|
16479
|
+
17955 || PHISHING-SPAM fashionchannel.ru known spam email attempt
|
16480
|
+
17956 || PHISHING-SPAM fauxy.pillking74s.ru known spam email attempt
|
16481
|
+
17957 || PHISHING-SPAM food.refillreade47j.ru known spam email attempt
|
16482
|
+
17958 || PHISHING-SPAM generality.onlinehill21q.ru known spam email attempt
|
16483
|
+
17959 || PHISHING-SPAM goyry.ramedicdrugsx.ru known spam email attempt
|
16484
|
+
17960 || PHISHING-SPAM gueepa.erectnoll24k.ru known spam email attempt
|
16485
|
+
17961 || PHISHING-SPAM has.refillreade47j.ru known spam email attempt
|
16486
|
+
17962 || PHISHING-SPAM have.medrayner44c.ru known spam email attempt
|
16487
|
+
17963 || PHISHING-SPAM headtest.ru known spam email attempt
|
16488
|
+
17964 || PHISHING-SPAM huhuh.pilltodd73p.ru known spam email attempt
|
16489
|
+
17965 || PHISHING-SPAM hyem.pilltodd73p.ru known spam email attempt
|
16490
|
+
17966 || PHISHING-SPAM icysa.refilleldredge89r.ru known spam email attempt
|
16491
|
+
17967 || PHISHING-SPAM iiy.refilleldredge89r.ru known spam email attempt
|
16492
|
+
17968 || PHISHING-SPAM iki.onlinetommie54y.ru known spam email attempt
|
16493
|
+
17969 || PHISHING-SPAM iner.medicdrugsxdl.ru known spam email attempt
|
16494
|
+
17970 || PHISHING-SPAM in.onlinehill21q.ru known spam email attempt
|
16495
|
+
17971 || PHISHING-SPAM intelpost.ru known spam email attempt
|
16496
|
+
17972 || PHISHING-SPAM inunuw.medicdrugsxpo.ru known spam email attempt
|
16497
|
+
17973 || PHISHING-SPAM ipiig.drugslevy46b.ru known spam email attempt
|
16498
|
+
17974 || PHISHING-SPAM iqor.pilltodd73p.ru known spam email attempt
|
16499
|
+
17975 || PHISHING-SPAM is.medrayner44c.ru known spam email attempt
|
16500
|
+
17976 || PHISHING-SPAM itaca.erectnoll24k.ru known spam email attempt
|
16501
|
+
17977 || PHISHING-SPAM ive.pilltodd73p.ru known spam email attempt
|
16502
|
+
17978 || PHISHING-SPAM iweqyz.erectjefferey85n.ru known spam email attempt
|
16503
|
+
17979 || PHISHING-SPAM iycyde.medicdrugsxco.ru known spam email attempt
|
16504
|
+
17980 || PHISHING-SPAM iyw.refilleldredge89r.ru known spam email attempt
|
16505
|
+
17981 || PHISHING-SPAM jaecoh.erectnoll24k.ru known spam email attempt
|
16506
|
+
17982 || PHISHING-SPAM jael.pillking74s.ru known spam email attempt
|
16507
|
+
17983 || PHISHING-SPAM jex.remedicdrugsx.ru known spam email attempt
|
16508
|
+
17984 || PHISHING-SPAM john.onlinehill21q.ru known spam email attempt
|
16509
|
+
17985 || PHISHING-SPAM joseph.refillreade47j.ru known spam email attempt
|
16510
|
+
17986 || PHISHING-SPAM jyn.medicdrugsxdl.ru known spam email attempt
|
16511
|
+
17987 || PHISHING-SPAM jyzyv.refilleldredge89r.ru known spam email attempt
|
16512
|
+
17988 || PHISHING-SPAM koosaf.erectnoll24k.ru known spam email attempt
|
16513
|
+
17989 || PHISHING-SPAM lybah.pilltodd73p.ru known spam email attempt
|
16514
|
+
17990 || PHISHING-SPAM manila.onlinephilbert42f.ru known spam email attempt
|
16515
|
+
17991 || PHISHING-SPAM masa.erectjefferey85n.ru known spam email attempt
|
16516
|
+
17992 || PHISHING-SPAM medpenny17j.ru known spam email attempt
|
16517
|
+
17993 || PHISHING-SPAM minionspre.ru known spam email attempt
|
16518
|
+
17994 || PHISHING-SPAM nazuwu.onlinelewiss22r.ru known spam email attempt
|
16519
|
+
17995 || PHISHING-SPAM negotiations.refilldud86o.ru known spam email attempt
|
16520
|
+
17996 || PHISHING-SPAM niqiv.erectjefferey85n.ru known spam email attempt
|
16521
|
+
17997 || PHISHING-SPAM odimys.medicdrugsxlb.ru known spam email attempt
|
16522
|
+
17998 || PHISHING-SPAM odoog.onlinelewiss22r.ru known spam email attempt
|
16523
|
+
17999 || PHISHING-SPAM oekaka.aimedicdrugsx.ru known spam email attempt
|
16524
|
+
18000 || PHISHING-SPAM oeqio.erectnoll24k.ru known spam email attempt
|
16525
|
+
18001 || PHISHING-SPAM of.onlinephilbert42f.ru known spam email attempt
|
16526
|
+
18002 || PHISHING-SPAM of.refilldud86o.ru known spam email attempt
|
16527
|
+
18003 || PHISHING-SPAM of.refillreade47j.ru known spam email attempt
|
16528
|
+
18004 || PHISHING-SPAM oipek.onlinehamel83i.ru known spam email attempt
|
16529
|
+
18005 || PHISHING-SPAM oji.medicdrugsxto.ru known spam email attempt
|
16530
|
+
18006 || PHISHING-SPAM onotye.onlinelewiss22r.ru known spam email attempt
|
16531
|
+
18007 || PHISHING-SPAM opy.erectjefferey85n.ru known spam email attempt
|
16532
|
+
18008 || PHISHING-SPAM orderbuzz.ru known spam email attempt
|
16533
|
+
18009 || PHISHING-SPAM ouu.almedicdrugsx.ru known spam email attempt
|
16534
|
+
18010 || PHISHING-SPAM oxuc.pillking74s.ru known spam email attempt
|
16535
|
+
18011 || PHISHING-SPAM pillrolfe64l.ru known spam email attempt
|
16536
|
+
18012 || PHISHING-SPAM recently.refilldud86o.ru known spam email attempt
|
16537
|
+
18013 || PHISHING-SPAM records.onlinephilbert42f.ru known spam email attempt
|
16538
|
+
18014 || PHISHING-SPAM reobaj.onlinehamel83i.ru known spam email attempt
|
16539
|
+
18015 || PHISHING-SPAM research.onlinehill21q.ru known spam email attempt
|
16540
|
+
18016 || PHISHING-SPAM returning.refillreade47j.ru known spam email attempt
|
16541
|
+
18017 || PHISHING-SPAM right.refillreade47j.ru known spam email attempt
|
16542
|
+
18018 || PHISHING-SPAM riwaro.erectjefferey85n.ru known spam email attempt
|
16543
|
+
18019 || PHISHING-SPAM ruuav.erectnoll24k.ru known spam email attempt
|
16544
|
+
18020 || PHISHING-SPAM ryhux.medicdrugsxpa.ru known spam email attempt
|
16545
|
+
18021 || PHISHING-SPAM software-buyshop-7.ru known spam email attempt
|
16546
|
+
18022 || PHISHING-SPAM specialyou.ru known spam email attempt
|
16547
|
+
18023 || PHISHING-SPAM starring.pharmroyce83b.ru known spam email attempt
|
16548
|
+
18024 || PHISHING-SPAM store-softwarebuy-7.ru known spam email attempt
|
16549
|
+
18025 || PHISHING-SPAM sya.onlinehamel83i.ru known spam email attempt
|
16550
|
+
18026 || PHISHING-SPAM tabdarin80s.ru known spam email attempt
|
16551
|
+
18027 || PHISHING-SPAM tabgordan13n.ru known spam email attempt
|
16552
|
+
18028 || PHISHING-SPAM tablangston19a.ru known spam email attempt
|
16553
|
+
18029 || PHISHING-SPAM tabwebster77c.ru known spam email attempt
|
16554
|
+
18030 || PHISHING-SPAM tanuen.dimedicdrugsx.ru known spam email attempt
|
16555
|
+
18031 || PHISHING-SPAM the.onlinehill21q.ru known spam email attempt
|
16556
|
+
18032 || PHISHING-SPAM the.onlineruggiero33q.ru known spam email attempt
|
16557
|
+
18033 || PHISHING-SPAM to.medrayner44c.ru known spam email attempt
|
16558
|
+
18034 || PHISHING-SPAM trails.pharmroyce83b.ru known spam email attempt
|
16559
|
+
18035 || PHISHING-SPAM trusting-me.ru known spam email attempt
|
16560
|
+
18036 || PHISHING-SPAM twodays.ru known spam email attempt
|
16561
|
+
18037 || PHISHING-SPAM tyqaja.pilltodd73p.ru known spam email attempt
|
16562
|
+
18038 || PHISHING-SPAM uboi.onlinehamel83i.ru known spam email attempt
|
16563
|
+
18039 || PHISHING-SPAM uf.drugslevy46b.ru known spam email attempt
|
16564
|
+
18040 || PHISHING-SPAM uielij.pillking74s.ru known spam email attempt
|
16565
|
+
18041 || PHISHING-SPAM unasu.medicdrugsxto.ru known spam email attempt
|
16566
|
+
18042 || PHISHING-SPAM upazo.pilltodd73p.ru known spam email attempt
|
16567
|
+
18043 || PHISHING-SPAM utuqaj.pillking74s.ru known spam email attempt
|
16568
|
+
18044 || PHISHING-SPAM uuji.refilleldredge89r.ru known spam email attempt
|
16569
|
+
18045 || PHISHING-SPAM variation.refilldud86o.ru known spam email attempt
|
16570
|
+
18046 || PHISHING-SPAM via.refillreade47j.ru known spam email attempt
|
16571
|
+
18047 || PHISHING-SPAM voiceless.pharmroyce83b.ru known spam email attempt
|
16572
|
+
18048 || PHISHING-SPAM was.medrayner44c.ru known spam email attempt
|
16573
|
+
18049 || PHISHING-SPAM word.onlinephilbert42f.ru known spam email attempt
|
16574
|
+
18050 || PHISHING-SPAM world.onlinehill21q.ru known spam email attempt
|
16575
|
+
18051 || PHISHING-SPAM www.buhni.ru known spam email attempt
|
16576
|
+
18052 || PHISHING-SPAM www.visitcover.ru known spam email attempt
|
16577
|
+
18053 || PHISHING-SPAM xob.erectnoll24k.ru known spam email attempt
|
16578
|
+
18054 || PHISHING-SPAM ygy.onlinetommie54y.ru known spam email attempt
|
16579
|
+
18055 || PHISHING-SPAM yit.medicdrugsxor.ru known spam email attempt
|
16580
|
+
18056 || PHISHING-SPAM ylum.onlinelewiss22r.ru known spam email attempt
|
16581
|
+
18057 || PHISHING-SPAM ymyuto.onlinelewiss22r.ru known spam email attempt
|
16582
|
+
18058 || PHISHING-SPAM yomy.pillking74s.ru known spam email attempt
|
16583
|
+
18059 || PHISHING-SPAM yzugez.pillking74s.ru known spam email attempt
|
16584
|
+
18060 || PHISHING-SPAM zeroprices.ru known spam email attempt
|
16585
|
+
18061 || PHISHING-SPAM zueuz.onlinehamel83i.ru known spam email attempt
|
16586
|
+
18077 || SPECIFIC-THREATS Mozilla products CSS rendering out-of-bounds array write attempt || cve,2006-1739 || url,osvdb.org/show/osvdb/24660
|
16587
|
+
18078 || SPECIFIC-THREATS Mozilla products CSS rendering out-of-bounds array write attempt || cve,2006-1739 || url,osvdb.org/show/osvdb/24660
|
16588
|
+
18079 || BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com
|
16589
|
+
18080 || BLACKLIST DNS request for known malware domain netrand.house.sina.com.cn
|
16590
|
+
18081 || BLACKLIST DNS request for known malware domain wenyixuan.3322.org
|
16591
|
+
18082 || BLACKLIST DNS request for known malware domain 3q.sbwanwan.com
|
16592
|
+
18083 || BLACKLIST DNS request for known malware domain 863.dclsba.com
|
16593
|
+
18084 || BLACKLIST DNS request for known malware domain drs317a.gotoip4.com
|
16594
|
+
18085 || BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com
|
16595
|
+
18086 || BLACKLIST DNS request for known malware domain qq.sbwanwan.com
|
16596
|
+
18087 || BLACKLIST DNS request for known malware domain tiantianzaixian.gotoip1.com
|
16597
|
+
18088 || BLACKLIST DNS request for known malware domain wenyixuan.3322.org
|
16598
|
+
18089 || BLACKLIST DNS request for known malware domain www.auto328.com
|
16599
|
+
18090 || BLACKLIST DNS request for known malware domain www.comstelecom.com
|
16600
|
+
18091 || BLACKLIST DNS request for known malware domain www.goodfriends.or.kr
|
16601
|
+
18092 || BLACKLIST DNS request for known malware domain www.hao1345.com
|
16602
|
+
18093 || BLACKLIST DNS request for known malware domain www.opusgame.com
|
16603
|
+
18094 || BLACKLIST DNS request for known malware domain www.theoffstage.com
|
16604
|
+
18095 || BLACKLIST DNS request for known malware domain www.wwmei.com
|
16605
|
+
18096 || WEB-MISC Apache Tomcat username enumeration attempt || bugtraq,35196 || cve,2009-0580
|
16606
|
+
18097 || WEB-ACTIVEX VMWare Remote Console Plug-In ActiveX clsid access || cve,2009-3732
|
16607
|
+
18098 || BLACKLIST URI request for known malicious URI - /set/first.html || url,www.trustdefender.com/blog/2010/10/06/carberp-%E2%80%93-a-new-trojan-in-the-making/
|
16608
|
+
18099 || BLACKLIST URI request for known malicious URI - /cfg/*.plug || url,www.trustdefender.com/blog/2010/10/06/carberp-%E2%80%93-a-new-trojan-in-the-making/
|
16609
|
+
18100 || BOTNET-CNC Tidserv malware command and control channel traffic || url,www.threatexpert.com/report.aspx?uid=cffa846b-93ba-438d-8715-0665b6cd9627
|
16610
|
+
18103 || BLACKLIST DNS request for known malware domain 5yvod.net || cve,2010-3962
|
16611
|
+
18104 || BLACKLIST DNS request for known malware domain b.9s3.info || cve,2010-3962
|
16612
|
+
18105 || BLACKLIST DNS request for known malware domain baidutaobao.gotoip55.com || cve,2010-3962
|
16613
|
+
18106 || BLACKLIST DNS request for known malware domain e.msssm.com || cve,2010-3962
|
16614
|
+
18107 || BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com || cve,2010-3962
|
16615
|
+
18108 || BLACKLIST DNS request for known malware domain phoroshop.es || cve,2010-3962
|
16616
|
+
18109 || BLACKLIST DNS request for known malware domain talk.cetizen.com || cve,2010-3962
|
16617
|
+
18110 || BLACKLIST DNS request for known malware domain tiantianzaixian.gotoip1.com || cve,2010-3962
|
16618
|
+
18111 || BLACKLIST DNS request for known malware domain v.9y9c.co.cc || cve,2010-3962
|
16619
|
+
18112 || BLACKLIST DNS request for known malware domain wenyixuan.3322.org. || cve,2010-3962
|
16620
|
+
18113 || BLACKLIST DNS request for known malware domain wusheng03.3322.org || cve,2010-3962
|
16621
|
+
18114 || BLACKLIST DNS request for known malware domain www.5fqq.com || cve,2010-3962
|
16622
|
+
18115 || BLACKLIST DNS request for known malware domain www.ajs2002.com || cve,2010-3962
|
16623
|
+
18116 || BLACKLIST DNS request for known malware domain www.bnbsoft.co.kr || cve,2010-3962
|
16624
|
+
18117 || BLACKLIST DNS request for known malware domain www.cineseoul.com || cve,2010-3962
|
16625
|
+
18118 || BLACKLIST DNS request for known malware domain www.hao1345.com || cve,2010-3962
|
16626
|
+
18119 || BLACKLIST DNS request for known malware domain www.ilbondrama.net || cve,2010-3962
|
16627
|
+
18120 || BLACKLIST DNS request for known malware domain www.iwebdy.net || cve,2010-3962
|
16628
|
+
18121 || BLACKLIST DNS request for known malware domain www.linzhiling123.com || cve,2010-3962
|
16629
|
+
18122 || BLACKLIST DNS request for known malware domain www.opusgame.com || cve,2010-3962
|
16630
|
+
18123 || BLACKLIST DNS request for known malware domain www.phoroshop.es || cve,2010-3962
|
16631
|
+
18124 || BLACKLIST DNS request for known malware domain www.sijianfeng.com || cve,2010-3962
|
16632
|
+
18125 || BLACKLIST DNS request for known malware domain www.tpydb.com || cve,2010-3962
|
16633
|
+
18126 || BLACKLIST DNS request for known malware domain www.tpydb.com || cve,2010-3962
|
16634
|
+
18127 || BLACKLIST DNS request for known malware domain www.univus.co.kr || cve,2010-3962
|
16635
|
+
18128 || BLACKLIST DNS request for known malware domain www.uwonderfull.com || cve,2010-3962
|
16636
|
+
18129 || BLACKLIST DNS request for known malware domain www.w22rt.com || cve,2010-3962
|
16637
|
+
18130 || BLACKLIST DNS request for known malware domain www.wwmei.com || cve,2010-3962
|
16638
|
+
18131 || BLACKLIST DNS request for known malware domain www.ybtour.co.kr || cve,2010-3962
|
16639
|
+
18132 || SPECIFIC-THREATS malware-associated JavaScript obfuscation function || url,labs.snort.org/docs/18132.html
|
16640
|
+
18133 || BLACKLIST DNS request for known malware domain www.001zs.com || cve,2010-3962
|
16641
|
+
18134 || BLACKLIST DNS request for known malware domain www.551sf.com || cve,2010-3962
|
16642
|
+
18135 || BLACKLIST DNS request for known malware domain www.555hd.com || cve,2010-3962
|
16643
|
+
18136 || BLACKLIST DNS request for known malware domain www.66xihu.com || cve,2010-3962
|
16644
|
+
18137 || BLACKLIST DNS request for known malware domain www.9292cs.cn || cve,2010-3962
|
16645
|
+
18138 || BLACKLIST DNS request for known malware domain www.chateaulegend.com || cve,2010-3962
|
16646
|
+
18139 || BLACKLIST DNS request for known malware domain www.china-aoben.com || cve,2010-3962
|
16647
|
+
18140 || BLACKLIST DNS request for known malware domain www.cqtjg.com || cve,2010-3962
|
16648
|
+
18141 || BLACKLIST DNS request for known malware domain www.dspenter.com || cve,2010-3962
|
16649
|
+
18142 || BLACKLIST DNS request for known malware domain www.eastadmin.com || cve,2010-3962
|
16650
|
+
18143 || BLACKLIST DNS request for known malware domain www.fp0755.cn || cve,2010-3962
|
16651
|
+
18144 || BLACKLIST DNS request for known malware domain www.fp0769.com || cve,2010-3962
|
16652
|
+
18145 || BLACKLIST DNS request for known malware domain www.fp360.net || cve,2010-3962
|
16653
|
+
18146 || BLACKLIST DNS request for known malware domain www.gdfp365.cn || cve,2010-3962
|
16654
|
+
18147 || BLACKLIST DNS request for known malware domain www.gev.cn || cve,2010-3962
|
16655
|
+
18148 || BLACKLIST DNS request for known malware domain www.haoleyou.com || cve,2010-3962
|
16656
|
+
18149 || BLACKLIST DNS request for known malware domain www.haosf08.com || cve,2010-3962
|
16657
|
+
18150 || BLACKLIST DNS request for known malware domain www.jxbaike.com || cve,2010-3962
|
16658
|
+
18151 || BLACKLIST DNS request for known malware domain www.kingsoftduba2009.com || cve,2010-3962
|
16659
|
+
18152 || BLACKLIST DNS request for known malware domain www.mainhu.com || cve,2010-3962
|
16660
|
+
18153 || BLACKLIST DNS request for known malware domain www.maoyiren.com || cve,2010-3962
|
16661
|
+
18154 || BLACKLIST DNS request for known malware domain www.nc57.com || cve,2010-3962
|
16662
|
+
18155 || BLACKLIST DNS request for known malware domain www.pplog.cn || cve,2010-3962
|
16663
|
+
18156 || BLACKLIST DNS request for known malware domain www.pxflm.com || cve,2010-3962
|
16664
|
+
18157 || BLACKLIST DNS request for known malware domain www.quyou365.com || cve,2010-3962
|
16665
|
+
18158 || BLACKLIST DNS request for known malware domain www.shzhaotian.cn || cve,2010-3962
|
16666
|
+
18159 || BLACKLIST DNS request for known malware domain www.soanala.com || cve,2010-3962
|
16667
|
+
18160 || BLACKLIST DNS request for known malware domain www.stony-skunk.com || cve,2010-3962
|
16668
|
+
18161 || BLACKLIST DNS request for known malware domain www.street08.com || cve,2010-3962
|
16669
|
+
18162 || BLACKLIST DNS request for known malware domain www.weilingcy.com || cve,2010-3962
|
16670
|
+
18163 || BLACKLIST DNS request for known malware domain www.yisaa.com || cve,2010-3962
|
16671
|
+
18164 || BLACKLIST DNS request for known malware domain www.yx240.com || cve,2010-3962
|
16672
|
+
18165 || BLACKLIST DNS request for known malware domain e.mssm.com || cve,2010-3962
|
16673
|
+
18166 || BLACKLIST DNS request for known malware domain dfgdd.9y6c.co.cc || cve,2010-3962
|
16674
|
+
18167 || WEB-CLIENT Possible generic javascript heap spray attempt || bugtraq,35660
|
16675
|
+
18168 || WEB-CLIENT Possible generic javascript heap spray attempt || bugtraq,35660
|
16676
|
+
18169 || WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call unicode access || bugtraq,21060 || bugtraq,21108 || cve,2006-3890 || cve,2006-5198 || url,www.winzip.com/wz7245.htm
|
16677
|
+
18170 || SPECIFIC-THREATS Mozilla Firefox and SeaMonkey onUnload event handler memory corruption attempt || bugtraq,22679 || cve,2007-1092
|
16678
|
+
18171 || EXPLOIT Multiple product mailto uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
16679
|
+
18172 || EXPLOIT Multiple product mailto uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
16680
|
+
18173 || EXPLOIT Multiple product mailto uri handling code execution attempt || bugtraq,25053 || bugtraq,25945 || cve,2007-3845 || cve,2007-3896 || cve,2007-4041 || url,www.microsoft.com/technet/security/advisory/943521.mspx || url,www.microsoft.com/technet/security/bulletin/ms07-057.mspx
|
16681
|
+
18174 || SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt || bugtraq,10816 || cve,2004-0842
|
16682
|
+
18175 || SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt || bugtraq,10816 || cve,2004-0842
|
16683
|
+
18176 || SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt || bugtraq,19197 || cve,2006-3113
|
16684
|
+
18177 || SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt || bugtraq,19197 || cve,2006-3113
|
16685
|
+
18178 || SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt || bugtraq,19197 || cve,2006-3113
|
16686
|
+
18179 || SCAN Proxyfire.net anonymous proxy scan || url,www.proxyfire.net/index.php
|
16687
|
+
18181 || SPECIFIC-THREATS ProFTPd 1.3.3c backdoor activity || url,sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org || url,xorl.wordpress.com/2010/12/02/news-proftpd-owned-and-backdoored/
|
16688
|
+
18182 || SPECIFIC-THREATS ProFTPd 1.3.3c backdoor help access attempt || url,sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org || url,xorl.wordpress.com/2010/12/02/news-proftpd-owned-and-backdoored/
|
16689
|
+
18183 || BLACKLIST DNS request for known malware domain mailzou.com || cve,2010-3962
|
16690
|
+
18184 || BLACKLIST DNS request for known malware domain dnf.gametime.co.kr || cve,2010-3962
|
16691
|
+
18185 || BLACKLIST DNS request for known malware domain www.dd0415.net || cve,2010-3962
|
16692
|
+
18186 || SPECIFIC-THREATS Mozilla products -moz-grid and -moz-grid-group display styles code execution attempt || bugtraq,17516 || cve,2006-1738
|
16693
|
+
18187 || SPECIFIC-THREATS Mozilla Firefox InstallTrigger.install memory corruption attempt || bugtraq,17516 || cve,2006-1790
|
16694
|
+
18188 || SPECIFIC-THREATS Multiple browser marquee tag denial of service attempt || bugtraq,18165 || cve,2006-2723
|
16695
|
+
18189 || NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
16696
|
+
18190 || NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
16697
|
+
18191 || NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
16698
|
+
18192 || NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt || bugtraq,24198 || cve,2007-2446
|
16699
|
+
18193 || SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt || bugtraq,18682 || cve,2006-3280
|
16700
|
+
18194 || SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt || bugtraq,18682 || cve,2006-3280
|
16701
|
+
18195 || SPECIFIC-THREATS SMB Negotiate Protocol response DoS attempt || cve,2009-3676 || url,www.microsoft.com/technet/security/bulletin/MS10-020.mspx
|
16702
|
+
18196 || WEB-CLIENT Microsoft Internet Explorer CSS importer use-after-free attempt || url,seclists.org/fulldisclosure/2010/Dec/110 || url,www.vupen.com/english/advisories/2010/3156
|
16703
|
+
18228 || DELETED WEB-MISC Microsoft FlashPix file download
|
16704
|
+
18232 || DELETED WEB-MISC Microsoft OpenType Font file download
|
16705
|
+
18234 || WEB-MISC QuickDraw/PICT file download request
|
16706
|
+
18239 || WEB-CLIENT known malicious JavaScript decryption routine
|
16707
|
+
18240 || WEB-CLIENT Microsoft Internet Explorer CSS importer use-after-free attempt || url,seclists.org/fulldisclosure/2010/Dec/110 || url,www.vupen.com/english/advisories/2010/3156
|
16708
|
+
18241 || WEB-ACTIVEX Microsoft WMI Administrator Tools Object Viewer ActiveX clsid access || url,secunia.com/advisories/42693/
|
16709
|
+
18242 || WEB-ACTIVEX Microsoft WMI Administrator Tools Object Viewer ActiveX function call access || url,secunia.com/advisories/42693/
|
16710
|
+
18243 || SPECIFIC-THREATS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt || bugtraq,45542
|