[Snort-sigs] Sourcefire VRT Certified Rules Update

Sourcefire VRT research at ...435...
Fri Aug 12 12:59:22 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Rules Update

Synopsis:
The Sourcefire Vulnerability Research Team (VRT) has learned of a
serious vulnerability affecting Microsoft Windows systems, additionally
exploit code that targets the vulnerability is in distribution.

Details:
A programming error in the Plug and Play (PnP) service used by
Microsoft Windows machines can present a remote attacker with the
opportunity to overflow a fixed length buffer, execute code on the
vulnerable system and escalate privileges on the host to the extent
that they could take complete control of the affected machine.

Rules to detect attacks against this vulnerability are included in this
rule pack and are identified as sids 3828 through 4125.

New rules:
3828 - NETBIOS DCERPC DIRECT umpnpmgr alter context attempt
(netbios.rules)
3829 - NETBIOS DCERPC DIRECT umpnpmgr bind attempt (netbios.rules)
3830 - NETBIOS DCERPC DIRECT umpnpmgr little endian alter context
attempt (netbios.rules)
3831 - NETBIOS DCERPC DIRECT umpnpmgr little endian bind attempt
(netbios.rules)
3832 - NETBIOS DCERPC NCACN-IP-TCP umpnpmgr alter context attempt
(netbios.rules)
3833 - NETBIOS DCERPC NCACN-IP-TCP umpnpmgr bind attempt (netbios.rules)
3834 - NETBIOS DCERPC NCACN-IP-TCP umpnpmgr little endian alter
context attempt (netbios.rules)
3835 - NETBIOS DCERPC NCACN-IP-TCP umpnpmgr little endian bind attempt
(netbios.rules)
3836 - NETBIOS SMB umpnpmgr WriteAndX alter context attempt
(netbios.rules)
3837 - NETBIOS SMB umpnpmgr WriteAndX andx alter context attempt
(netbios.rules)
3838 - NETBIOS SMB umpnpmgr WriteAndX andx bind attempt (netbios.rules)
3839 - NETBIOS SMB umpnpmgr WriteAndX bind attempt (netbios.rules)
3840 - NETBIOS SMB umpnpmgr WriteAndX little endian alter context
attempt (netbios.rules)
3841 - NETBIOS SMB umpnpmgr WriteAndX little endian andx alter context
attempt (netbios.rules)
3842 - NETBIOS SMB umpnpmgr WriteAndX little endian andx bind attempt
(netbios.rules)
3843 - NETBIOS SMB umpnpmgr WriteAndX little endian bind attempt
(netbios.rules)
3844 - NETBIOS SMB umpnpmgr WriteAndX unicode alter context attempt
(netbios.rules)
3845 - NETBIOS SMB umpnpmgr WriteAndX unicode andx alter context
attempt (netbios.rules)
3846 - NETBIOS SMB umpnpmgr WriteAndX unicode andx bind attempt
(netbios.rules)
3847 - NETBIOS SMB umpnpmgr WriteAndX unicode bind attempt (netbios.rules)
3848 - NETBIOS SMB umpnpmgr WriteAndX unicode little endian alter
context attempt (netbios.rules)
3849 - NETBIOS SMB umpnpmgr WriteAndX unicode little endian andx alter
context attempt (netbios.rules)
3850 - NETBIOS SMB umpnpmgr WriteAndX unicode little endian andx bind
attempt (netbios.rules)
3851 - NETBIOS SMB umpnpmgr WriteAndX unicode little endian bind
attempt (netbios.rules)
3852 - NETBIOS SMB umpnpmgr alter context attempt (netbios.rules)
3853 - NETBIOS SMB umpnpmgr andx alter context attempt (netbios.rules)
3854 - NETBIOS SMB umpnpmgr andx bind attempt (netbios.rules)
3855 - NETBIOS SMB umpnpmgr bind attempt (netbios.rules)
3856 - NETBIOS SMB umpnpmgr little endian alter context attempt
(netbios.rules)
3857 - NETBIOS SMB umpnpmgr little endian andx alter context attempt
(netbios.rules)
3858 - NETBIOS SMB umpnpmgr little endian andx bind attempt
(netbios.rules)
3859 - NETBIOS SMB umpnpmgr little endian bind attempt (netbios.rules)
3860 - NETBIOS SMB umpnpmgr unicode alter context attempt (netbios.rules)
3861 - NETBIOS SMB umpnpmgr unicode andx alter context attempt
(netbios.rules)
3862 - NETBIOS SMB umpnpmgr unicode andx bind attempt (netbios.rules)
3863 - NETBIOS SMB umpnpmgr unicode bind attempt (netbios.rules)
3864 - NETBIOS SMB umpnpmgr unicode little endian alter context
attempt (netbios.rules)
3865 - NETBIOS SMB umpnpmgr unicode little endian andx alter context
attempt (netbios.rules)
3866 - NETBIOS SMB umpnpmgr unicode little endian andx bind attempt
(netbios.rules)
3867 - NETBIOS SMB umpnpmgr unicode little endian bind attempt
(netbios.rules)
3868 - NETBIOS SMB-DS umpnpmgr WriteAndX alter context attempt
(netbios.rules)
3869 - NETBIOS SMB-DS umpnpmgr WriteAndX andx alter context attempt
(netbios.rules)
3870 - NETBIOS SMB-DS umpnpmgr WriteAndX andx bind attempt (netbios.rules)
3871 - NETBIOS SMB-DS umpnpmgr WriteAndX bind attempt (netbios.rules)
3872 - NETBIOS SMB-DS umpnpmgr WriteAndX little endian alter context
attempt (netbios.rules)
3873 - NETBIOS SMB-DS umpnpmgr WriteAndX little endian andx alter
context attempt (netbios.rules)
3874 - NETBIOS SMB-DS umpnpmgr WriteAndX little endian andx bind
attempt (netbios.rules)
3875 - NETBIOS SMB-DS umpnpmgr WriteAndX little endian bind attempt
(netbios.rules)
3876 - NETBIOS SMB-DS umpnpmgr WriteAndX unicode alter context attempt
(netbios.rules)
3877 - NETBIOS SMB-DS umpnpmgr WriteAndX unicode andx alter context
attempt (netbios.rules)
3878 - NETBIOS SMB-DS umpnpmgr WriteAndX unicode andx bind attempt
(netbios.rules)
3879 - NETBIOS SMB-DS umpnpmgr WriteAndX unicode bind attempt
(netbios.rules)
3880 - NETBIOS SMB-DS umpnpmgr WriteAndX unicode little endian alter
context attempt (netbios.rules)
3881 - NETBIOS SMB-DS umpnpmgr WriteAndX unicode little endian andx
alter context attempt (netbios.rules)
3882 - NETBIOS SMB-DS umpnpmgr WriteAndX unicode little endian andx
bind attempt (netbios.rules)
3883 - NETBIOS SMB-DS umpnpmgr WriteAndX unicode little endian bind
attempt (netbios.rules)
3884 - NETBIOS SMB-DS umpnpmgr alter context attempt (netbios.rules)
3885 - NETBIOS SMB-DS umpnpmgr andx alter context attempt (netbios.rules)
3886 - NETBIOS SMB-DS umpnpmgr andx bind attempt (netbios.rules)
3887 - NETBIOS SMB-DS umpnpmgr bind attempt (netbios.rules)
3888 - NETBIOS SMB-DS umpnpmgr little endian alter context attempt
(netbios.rules)
3889 - NETBIOS SMB-DS umpnpmgr little endian andx alter context
attempt (netbios.rules)
3890 - NETBIOS SMB-DS umpnpmgr little endian andx bind attempt
(netbios.rules)
3891 - NETBIOS SMB-DS umpnpmgr little endian bind attempt (netbios.rules)
3892 - NETBIOS SMB-DS umpnpmgr unicode alter context attempt
(netbios.rules)
3893 - NETBIOS SMB-DS umpnpmgr unicode andx alter context attempt
(netbios.rules)
3894 - NETBIOS SMB-DS umpnpmgr unicode andx bind attempt (netbios.rules)
3895 - NETBIOS SMB-DS umpnpmgr unicode bind attempt (netbios.rules)
3896 - NETBIOS SMB-DS umpnpmgr unicode little endian alter context
attempt (netbios.rules)
3897 - NETBIOS SMB-DS umpnpmgr unicode little endian andx alter
context attempt (netbios.rules)
3898 - NETBIOS SMB-DS umpnpmgr unicode little endian andx bind attempt
(netbios.rules)
3899 - NETBIOS SMB-DS umpnpmgr unicode little endian bind attempt
(netbios.rules)
3900 - NETBIOS DCERPC NCACN-HTTP umpnpmgr alter context attempt
(netbios.rules)
3901 - NETBIOS DCERPC NCACN-HTTP umpnpmgr bind attempt (netbios.rules)
3902 - NETBIOS DCERPC NCACN-HTTP umpnpmgr little endian alter context
attempt (netbios.rules)
3903 - NETBIOS DCERPC NCACN-HTTP umpnpmgr little endian bind attempt
(netbios.rules)
3904 - NETBIOS DCERPC DIRECT-UDP umpnpmgr alter context attempt
(netbios.rules)
3905 - NETBIOS DCERPC DIRECT-UDP umpnpmgr bind attempt (netbios.rules)
3906 - NETBIOS DCERPC DIRECT-UDP umpnpmgr little endian alter context
attempt (netbios.rules)
3907 - NETBIOS DCERPC DIRECT-UDP umpnpmgr little endian bind attempt
(netbios.rules)
3908 - NETBIOS DCERPC NCADG-IP-UDP umpnpmgr alter context attempt
(netbios.rules)
3909 - NETBIOS DCERPC NCADG-IP-UDP umpnpmgr bind attempt (netbios.rules)
3910 - NETBIOS DCERPC NCADG-IP-UDP umpnpmgr little endian alter
context attempt (netbios.rules)
3911 - NETBIOS DCERPC NCADG-IP-UDP umpnpmgr little endian bind attempt
(netbios.rules)
3912 - NETBIOS-DG SMB umpnpmgr WriteAndX alter context attempt
(netbios.rules)
3913 - NETBIOS-DG SMB umpnpmgr WriteAndX andx alter context attempt
(netbios.rules)
3914 - NETBIOS-DG SMB umpnpmgr WriteAndX andx bind attempt (netbios.rules)
3915 - NETBIOS-DG SMB umpnpmgr WriteAndX bind attempt (netbios.rules)
3916 - NETBIOS-DG SMB umpnpmgr WriteAndX little endian alter context
attempt (netbios.rules)
3917 - NETBIOS-DG SMB umpnpmgr WriteAndX little endian andx alter
context attempt (netbios.rules)
3918 - NETBIOS-DG SMB umpnpmgr WriteAndX little endian andx bind
attempt (netbios.rules)
3919 - NETBIOS-DG SMB umpnpmgr WriteAndX little endian bind attempt
(netbios.rules)
3920 - NETBIOS-DG SMB umpnpmgr WriteAndX unicode alter context attempt
(netbios.rules)
3921 - NETBIOS-DG SMB umpnpmgr WriteAndX unicode andx alter context
attempt (netbios.rules)
3922 - NETBIOS-DG SMB umpnpmgr WriteAndX unicode andx bind attempt
(netbios.rules)
3923 - NETBIOS-DG SMB umpnpmgr WriteAndX unicode bind attempt
(netbios.rules)
3924 - NETBIOS-DG SMB umpnpmgr WriteAndX unicode little endian alter
context attempt (netbios.rules)
3925 - NETBIOS-DG SMB umpnpmgr WriteAndX unicode little endian andx
alter context attempt (netbios.rules)
3926 - NETBIOS-DG SMB umpnpmgr WriteAndX unicode little endian andx
bind attempt (netbios.rules)
3927 - NETBIOS-DG SMB umpnpmgr WriteAndX unicode little endian bind
attempt (netbios.rules)
3928 - NETBIOS-DG SMB umpnpmgr alter context attempt (netbios.rules)
3929 - NETBIOS-DG SMB umpnpmgr andx alter context attempt (netbios.rules)
3930 - NETBIOS-DG SMB umpnpmgr andx bind attempt (netbios.rules)
3931 - NETBIOS-DG SMB umpnpmgr bind attempt (netbios.rules)
3932 - NETBIOS-DG SMB umpnpmgr little endian alter context attempt
(netbios.rules)
3933 - NETBIOS-DG SMB umpnpmgr little endian andx alter context
attempt (netbios.rules)
3934 - NETBIOS-DG SMB umpnpmgr little endian andx bind attempt
(netbios.rules)
3935 - NETBIOS-DG SMB umpnpmgr little endian bind attempt (netbios.rules)
3936 - NETBIOS-DG SMB umpnpmgr unicode alter context attempt
(netbios.rules)
3937 - NETBIOS-DG SMB umpnpmgr unicode andx alter context attempt
(netbios.rules)
3938 - NETBIOS-DG SMB umpnpmgr unicode andx bind attempt (netbios.rules)
3939 - NETBIOS-DG SMB umpnpmgr unicode bind attempt (netbios.rules)
3940 - NETBIOS-DG SMB umpnpmgr unicode little endian alter context
attempt (netbios.rules)
3941 - NETBIOS-DG SMB umpnpmgr unicode little endian andx alter
context attempt (netbios.rules)
3942 - NETBIOS-DG SMB umpnpmgr unicode little endian andx bind attempt
(netbios.rules)
3943 - NETBIOS-DG SMB umpnpmgr unicode little endian bind attempt
(netbios.rules)
3944 - NETBIOS DCERPC DIRECT umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
3945 - NETBIOS DCERPC DIRECT umpnpmgr PNP_QueryResConfList little
endian attempt (netbios.rules)
3946 - NETBIOS DCERPC DIRECT v4 umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
3947 - NETBIOS DCERPC DIRECT v4 umpnpmgr PNP_QueryResConfList little
endian attempt (netbios.rules)
3948 - NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_QueryResConfList
attempt (netbios.rules)
3949 - NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_QueryResConfList
little endian attempt (netbios.rules)
3950 - NETBIOS DCERPC NCACN-IP-TCP v4 umpnpmgr PNP_QueryResConfList
attempt (netbios.rules)
3951 - NETBIOS DCERPC NCACN-IP-TCP v4 umpnpmgr PNP_QueryResConfList
little endian attempt (netbios.rules)
3952 - NETBIOS SMB umpnpmgr PNP_QueryResConfList WriteAndX andx
attempt (netbios.rules)
3953 - NETBIOS SMB umpnpmgr PNP_QueryResConfList WriteAndX attempt
(netbios.rules)
3954 - NETBIOS SMB umpnpmgr PNP_QueryResConfList WriteAndX little
endian andx attempt (netbios.rules)
3955 - NETBIOS SMB umpnpmgr PNP_QueryResConfList WriteAndX little
endian attempt (netbios.rules)
3956 - NETBIOS SMB umpnpmgr PNP_QueryResConfList WriteAndX unicode
andx attempt (netbios.rules)
3957 - NETBIOS SMB umpnpmgr PNP_QueryResConfList WriteAndX unicode
attempt (netbios.rules)
3958 - NETBIOS SMB umpnpmgr PNP_QueryResConfList WriteAndX unicode
little endian andx attempt (netbios.rules)
3959 - NETBIOS SMB umpnpmgr PNP_QueryResConfList WriteAndX unicode
little endian attempt (netbios.rules)
3960 - NETBIOS SMB umpnpmgr PNP_QueryResConfList andx attempt
(netbios.rules)
3961 - NETBIOS SMB umpnpmgr PNP_QueryResConfList attempt (netbios.rules)
3962 - NETBIOS SMB umpnpmgr PNP_QueryResConfList little endian andx
attempt (netbios.rules)
3963 - NETBIOS SMB umpnpmgr PNP_QueryResConfList little endian attempt
(netbios.rules)
3964 - NETBIOS SMB umpnpmgr PNP_QueryResConfList unicode andx attempt
(netbios.rules)
3965 - NETBIOS SMB umpnpmgr PNP_QueryResConfList unicode attempt
(netbios.rules)
3966 - NETBIOS SMB umpnpmgr PNP_QueryResConfList unicode little endian
andx attempt (netbios.rules)
3967 - NETBIOS SMB umpnpmgr PNP_QueryResConfList unicode little endian
attempt (netbios.rules)
3968 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX andx
attempt (netbios.rules)
3969 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX attempt
(netbios.rules)
3970 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX little
endian andx attempt (netbios.rules)
3971 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX little
endian attempt (netbios.rules)
3972 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX unicode
andx attempt (netbios.rules)
3973 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX unicode
attempt (netbios.rules)
3974 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX unicode
little endian andx attempt (netbios.rules)
3975 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX unicode
little endian attempt (netbios.rules)
3976 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList andx attempt
(netbios.rules)
3977 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
3978 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList little endian andx
attempt (netbios.rules)
3979 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList little endian
attempt (netbios.rules)
3980 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList unicode andx
attempt (netbios.rules)
3981 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList unicode attempt
(netbios.rules)
3982 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList unicode little
endian andx attempt
(netbios.rules)
3983 - NETBIOS SMB v4 umpnpmgr PNP_QueryResConfList unicode little
endian attempt (netbios.rules)
3984 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList WriteAndX andx
attempt (netbios.rules)
3985 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList WriteAndX attempt
(netbios.rules)
3986 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList WriteAndX little
endian andx attempt (netbios.rules)
3987 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList WriteAndX little
endian attempt (netbios.rules)
3988 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList WriteAndX unicode
andx attempt (netbios.rules)
3989 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList WriteAndX unicode
attempt (netbios.rules)
3990 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList WriteAndX unicode
little endian andx attempt (netbios.rules)
3991 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList WriteAndX unicode
little endian attempt (netbios.rules)
3992 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList andx attempt
(netbios.rules)
3993 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
3994 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList little endian andx
attempt (netbios.rules)
3995 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList little endian
attempt (netbios.rules)
3996 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList unicode andx
attempt (netbios.rules)
3997 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList unicode attempt
(netbios.rules)
3998 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList unicode little
endian andx attempt (netbios.rules)
3999 - NETBIOS SMB-DS umpnpmgr PNP_QueryResConfList unicode little
endian attempt (netbios.rules)
4000 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList WriteAndX andx
attempt (netbios.rules)
4001 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList WriteAndX
attempt (netbios.rules)
4002 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList WriteAndX
little endian andx attempt (netbios.rules)
4003 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList WriteAndX
little endian attempt (netbios.rules)
4004 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList WriteAndX
unicode andx attempt (netbios.rules)
4005 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList WriteAndX
unicode attempt (netbios.rules)
4006 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList WriteAndX
unicode little endian andx attempt (netbios.rules)
4007 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList WriteAndX
unicode little endian attempt (netbios.rules)
4008 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList andx attempt
(netbios.rules)
4009 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
4010 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList little endian
andx attempt (netbios.rules)
4011 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList little endian
attempt (netbios.rules)
4012 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList unicode andx
attempt (netbios.rules)
4013 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList unicode attempt
(netbios.rules)
4014 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList unicode little
endian andx attempt (netbios.rules)
4015 - NETBIOS SMB-DS v4 umpnpmgr PNP_QueryResConfList unicode little
endian attempt (netbios.rules)
4016 - NETBIOS DCERPC NCACN-HTTP umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
4017 - NETBIOS DCERPC NCACN-HTTP umpnpmgr PNP_QueryResConfList little
endian attempt (netbios.rules)
4018 - NETBIOS DCERPC NCACN-HTTP v4 umpnpmgr PNP_QueryResConfList
attempt (netbios.rules)
4019 - NETBIOS DCERPC NCACN-HTTP v4 umpnpmgr PNP_QueryResConfList
little endian attempt (netbios.rules)
4020 - NETBIOS DCERPC DIRECT-UDP umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
4021 - NETBIOS DCERPC DIRECT-UDP umpnpmgr PNP_QueryResConfList little
endian attempt (netbios.rules)
4022 - NETBIOS DCERPC DIRECT-UDP v4 umpnpmgr PNP_QueryResConfList
attempt (netbios.rules)
4023 - NETBIOS DCERPC DIRECT-UDP v4 umpnpmgr PNP_QueryResConfList
little endian attempt (netbios.rules)
4024 - NETBIOS DCERPC NCADG-IP-UDP umpnpmgr PNP_QueryResConfList
attempt (netbios.rules)
4025 - NETBIOS DCERPC NCADG-IP-UDP umpnpmgr PNP_QueryResConfList
little endian attempt (netbios.rules)
4026 - NETBIOS DCERPC NCADG-IP-UDP v4 umpnpmgr PNP_QueryResConfList
attempt (netbios.rules)
4027 - NETBIOS DCERPC NCADG-IP-UDP v4 umpnpmgr PNP_QueryResConfList
little endian attempt (netbios.rules)
4028 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList WriteAndX andx
attempt (netbios.rules)
4029 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList WriteAndX attempt
(netbios.rules)
4030 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList WriteAndX little
endian andx attempt (netbios.rules)
4031 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList WriteAndX little
endian attempt (netbios.rules)
4032 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList WriteAndX unicode
andx attempt (netbios.rules)
4033 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList WriteAndX unicode
attempt (netbios.rules)
4034 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList WriteAndX unicode
little endian andx attempt (netbios.rules)
4035 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList WriteAndX unicode
little endian attempt (netbios.rules)
4036 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList andx attempt
(netbios.rules)
4037 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
4038 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList little endian andx
attempt (netbios.rules)
4039 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList little endian
attempt (netbios.rules)
4040 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList unicode andx
attempt (netbios.rules)
4041 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList unicode attempt
(netbios.rules)
4042 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList unicode little
endian andx attempt
(netbios.rules)
4043 - NETBIOS-DG SMB umpnpmgr PNP_QueryResConfList unicode little
endian attempt (netbios.rules)
4044 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX andx
attempt (netbios.rules)
4045 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX
attempt (netbios.rules)
4046 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX
little endian andx attempt (netbios.rules)
4047 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX
little endian attempt (netbios.rules)
4048 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX
unicode andx attempt (netbios.rules)
4049 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX
unicode attempt (netbios.rules)
4050 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX
unicode little endian andx attempt (netbios.rules)
4051 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList WriteAndX
unicode little endian attempt (netbios.rules)
4052 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList andx attempt
(netbios.rules)
4053 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList attempt
(netbios.rules)
4054 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList little endian
andx attempt (netbios.rules)
4055 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList little endian
attempt (netbios.rules)
4056 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList unicode andx
attempt (netbios.rules)
4057 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList unicode attempt
(netbios.rules)
4058 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList unicode little
endian andx attempt (netbios.rules)
4059 - NETBIOS-DG SMB v4 umpnpmgr PNP_QueryResConfList unicode little
endian attempt (netbios.rules)
4060 - NEW POLICY RDP attempted Administrator connection request
(policy.rules)
4061 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict WriteAndX andx
attempt (netbios.rules)
4062 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict WriteAndX
attempt (netbios.rules)
4063 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict WriteAndX
little endian andx attempt (netbios.rules)
4064 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict WriteAndX
little endian attempt (netbios.rules)
4065 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode andx attempt (netbios.rules)
4066 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode attempt (netbios.rules)
4067 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode little endian andx attempt (netbios.rules)
4068 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode little endian attempt (netbios.rules)
4069 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict andx attempt
(netbios.rules)
4070 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict attempt
(netbios.rules)
4071 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict little endian
andx attempt (netbios.rules)
4072 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict little endian
attempt (netbios.rules)
4073 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict unicode andx
attempt (netbios.rules)
4074 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict unicode attempt
(netbios.rules)
4075 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict unicode little
endian andx attempt (netbios.rules)
4076 - NETBIOS SMB umpnpmgr PNP_DetectResourceConflict unicode little
endian attempt (netbios.rules)
4077 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
andx attempt (netbios.rules)
4078 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
attempt (netbios.rules)
4079 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
little endian andx attempt (netbios.rules)
4080 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
little endian attempt (netbios.rules)
4081 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode andx attempt (netbios.rules)
4082 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode attempt (netbios.rules)
4083 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode little endian andx attempt (netbios.rules)
4084 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode little endian attempt (netbios.rules)
4085 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict andx attempt
(netbios.rules)
4086 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict attempt
(netbios.rules)
4087 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict little
endian andx attempt (netbios.rules)
4088 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict little
endian attempt (netbios.rules)
4089 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict unicode andx
attempt (netbios.rules)
4090 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict unicode
attempt (netbios.rules)
4091 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict unicode
little endian andx attempt (netbios.rules)
4092 - NETBIOS SMB v4 umpnpmgr PNP_DetectResourceConflict unicode
little endian attempt (netbios.rules)
4093 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict WriteAndX
andx attempt (netbios.rules)
4094 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict WriteAndX
attempt (netbios.rules)
4095 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict WriteAndX
little endian andx attempt (netbios.rules)
4096 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict WriteAndX
little endian attempt (netbios.rules)
4097 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode andx attempt (netbios.rules)
4098 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode attempt (netbios.rules)
4099 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode little endian andx attempt (netbios.rules)
4100 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode little endian attempt (netbios.rules)
4101 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict andx attempt
(netbios.rules)
4102 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict attempt
(netbios.rules)
4103 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict little
endian andx attempt (netbios.rules)
4104 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict little
endian attempt (netbios.rules)
4105 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict unicode andx
attempt (netbios.rules)
4106 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict unicode
attempt (netbios.rules)
4107 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict unicode
little endian andx attempt (netbios.rules)
4108 - NETBIOS SMB-DS umpnpmgr PNP_DetectResourceConflict unicode
little endian attempt (netbios.rules)
4109 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
andx attempt (netbios.rules)
4110 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
attempt (netbios.rules)
4111 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
little endian andx attempt (netbios.rules)
4112 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
little endian attempt (netbios.rules)
4113 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode andx attempt (netbios.rules)
4114 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode attempt (netbios.rules)
4115 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode little endian andx attempt (netbios.rules)
4116 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict WriteAndX
unicode little endian attempt (netbios.rules)
4117 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict andx
attempt (netbios.rules)
4118 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict attempt
(netbios.rules)
4119 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict little
endian andx attempt (netbios.rules)
4120 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict little
endian attempt (netbios.rules)
4121 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict unicode
andx attempt (netbios.rules)
4122 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict unicode
attempt (netbios.rules)
4123 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict unicode
little endian andx attempt (netbios.rules)
4124 - NETBIOS SMB-DS v4 umpnpmgr PNP_DetectResourceConflict unicode
little endian attempt (netbios.rules)
4125 - NETBIOS-DG SMB v4 umpnpmgr PNP_DetectResourceConflict unicode
little endian andx attempt (netbios.rules)

~ Updated rules:
686 - MS-SQL xp_reg* - registry access (sql.rules)
2048 - MISC rsyncd overflow attempt (misc.rules)
3072 - IMAP status overflow attempt (imap.rules)
3192 - WEB-CLIENT Windows Media Player directory traversal via
Content-Disposition attempt (web-client.rules)
3456 - MYSQL 4.0 root login attempt (mysql.rules)
3472 - EXPLOIT ARCserve discovery service overflow (exploit.rules)
3544 - WEB-MISC TrackerCam ComGetLogFile.php3 directory traversal
attempt (web-misc.rules)
3545 - WEB-MISC TrackerCam ComGetLogFile.php3 log information
disclosure (web-misc.rules)
3666 - MYSQL server greeting finished (mysql.rules)
3668 - MYSQL client authentication bypass attempt (mysql.rules)
3677 - EXPLOIT Ethereal SIP UDP CSeq overflow attempt (exploit.rules)
3678 - EXPLOIT Ethereal SIP UDP CSeq overflow attempt (exploit.rules)

Cheers
Matthew Watchinski
Director, Vulnerability Research
Sourcefire, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFC/PPHMnMRC51b9Y4RAs7dAJ9JLG4DFW5AQyXFdHyoJfu+S7VUJACfalGU
tGuHYlUfzyXA4a63oHT7Ljw=
=ADyX
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list