Talos has added and modified multiple rules in the file-other, protocol-dns, server-apache and server-webapp rule sets to provide coverage for emerging threats from these technologies.
For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091701.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)

* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091700.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)

* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091601.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)

* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091600.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)

* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091501.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)

* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091500.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)

* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091401.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)

* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091300.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)

* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (snort3-protocol-dns.rules)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (snort3-server-apache.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (snort3-server-other.rules)
* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (snort3-server-apache.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (snort3-server-webapp.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (snort3-server-webapp.rules)
* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (snort3-server-other.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (snort3-server-other.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (snort3-server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:57580 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (server-apache.rules)
* 1:57579 <-> DISABLED <-> PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (protocol-dns.rules)
* 3:57595 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57586 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57604 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57596 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57590 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57587 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57599 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57591 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57585 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57582 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57600 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57584 <-> ENABLED <-> SERVER-WEBAPP Cisco Modeling Labs command injection attempt (server-webapp.rules)
* 3:57583 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 3:57594 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57601 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57592 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57593 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57597 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57598 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (file-other.rules)
* 3:57581 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (server-webapp.rules)
* 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (server-other.rules)
* 1:25276 <-> DISABLED <-> SERVER-OTHER Digium Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
* 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
* 1:51924 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (server-webapp.rules)
* 1:51925 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (server-webapp.rules)
* 1:51926 <-> DISABLED <-> SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (server-webapp.rules)
* 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)