Talos has added and modified multiple rules in the file-multimedia, file-office, file-other, protocol-dns, protocol-imap, server-oracle and server-webapp rule sets to provide coverage for emerging threats from these technologies.
For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091900.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules)
* 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091801.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules)
* 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091701.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules)
* 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091700.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules)
* 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091601.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules)
* 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091600.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules)
* 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules) * 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091501.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules)
* 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091401.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules)
* 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091300.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules)
* 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules)
* 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (snort3-server-other.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (snort3-file-other.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (snort3-protocol-dns.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (snort3-file-multimedia.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (snort3-server-oracle.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (snort3-file-office.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (snort3-server-other.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (snort3-server-webapp.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (snort3-server-other.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (snort3-protocol-dns.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (snort3-server-other.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (snort3-server-webapp.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (snort3-file-multimedia.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (snort3-file-other.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (snort3-file-office.rules) * 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (snort3-server-webapp.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (snort3-file-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (snort3-protocol-imap.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (snort3-file-other.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (snort3-server-other.rules)
* 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (snort3-file-other.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (snort3-server-other.rules) * 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (snort3-server-webapp.rules) * 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (snort3-file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:59577 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59579 <-> DISABLED <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt (protocol-dns.rules) * 1:59576 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59575 <-> DISABLED <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt (file-multimedia.rules) * 1:59597 <-> DISABLED <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt (server-other.rules) * 1:59572 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (server-other.rules) * 1:59585 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59600 <-> DISABLED <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (protocol-dns.rules) * 1:59570 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (server-other.rules) * 1:59578 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (server-webapp.rules) * 1:59580 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59606 <-> DISABLED <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (server-webapp.rules) * 1:59574 <-> DISABLED <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (server-oracle.rules) * 1:59581 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59584 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (file-office.rules) * 1:59583 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59586 <-> DISABLED <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (server-other.rules) * 1:59573 <-> DISABLED <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (protocol-imap.rules) * 1:59582 <-> DISABLED <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (file-other.rules) * 1:59571 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (server-other.rules)
* 1:59475 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:59474 <-> DISABLED <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt (file-other.rules) * 1:58522 <-> DISABLED <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (server-webapp.rules) * 1:52450 <-> DISABLED <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt (server-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.0.3.1.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.0.3.4.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.0.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.0.1.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.1.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.3.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.4.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.5.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.7.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.9.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.11.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.15.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.18.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.20.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.21.0.
The format of the file is:
gid:sid <-> Message
* 1:59570 <-> SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt * 1:59571 <-> SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt * 1:59572 <-> SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt * 1:59573 <-> PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt * 1:59574 <-> SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt * 1:59575 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59576 <-> FILE-MULTIMEDIA libsndfile PAF file integer overflow attempt * 1:59577 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59578 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt * 1:59579 <-> PROTOCOL-DNS Microsoft DNS server denial of service attempt * 1:59580 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59581 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59582 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59583 <-> FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt * 1:59584 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59585 <-> FILE-OFFICE Microsoft Office XML nested num tag double-free attempt * 1:59586 <-> SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt * 1:59597 <-> SERVER-OTHER WolfSSL PSK extension buffer overflow attempt * 1:59600 <-> PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt * 1:59606 <-> SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt
* 1:52450 <-> SERVER-OTHER Squid Reverse Proxy malformed Host header buffer overflow attempt * 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt * 1:59474 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt * 1:59475 <-> FILE-OTHER FreeBSD bspatch utility remote code execution attempt
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
