[Snort-sigs] Sourcefire VRT Certified Rules Update

Sourcefire VRT research at ...435...
Tue Oct 25 17:58:05 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Rules Update

Synopsis:
The Sourcefire Vulnerability Research Team (VRT) has learned of
multiple vulnerabilities affecting hosts using the Microsoft operating
system.


Details:
Microsoft Security Bulletin MS05-046:

A vulnerability in the implementation of the Client Service for Netware
exists due to a programming error which may present an attacker with
the opportunity to exploit the service and run code of their choosing
on an affected system.

Rules to detect exploits aimed at this vulnerability are included in
this rule pack and are identified as sids 4509 through 4636.

Microsoft Security Bulletin MS05-043:

A vulnerability in the implementation of the Print Spooler Service on
Microsoft Windows systems exists due to a programming error which may
present an attacker with the opportunity to exploit the service and run
code of their choosing on an affected system.

Rules to detect exploits against this vulnerability are included in
this rule pack and are identified as sids 4381 through 4508.
New rules:
4381 - NETBIOS SMB-DS spoolss WriteAndX alter context attempt
(netbios.rules)
4382 - NETBIOS SMB-DS spoolss WriteAndX andx alter context attempt
(netbios.rules)
4383 - NETBIOS SMB-DS spoolss WriteAndX andx bind attempt (netbios.rules)
4384 - NETBIOS SMB-DS spoolss WriteAndX bind attempt (netbios.rules)
4385 - NETBIOS SMB-DS spoolss WriteAndX little endian alter context
attempt (netbios.rules)
4386 - NETBIOS SMB-DS spoolss WriteAndX little endian andx alter
context attempt (netbios.rules)
4387 - NETBIOS SMB-DS spoolss WriteAndX little endian andx bind
attempt (netbios.rules)
4388 - NETBIOS SMB-DS spoolss WriteAndX little endian bind attempt
(netbios.rules)
4389 - NETBIOS SMB-DS spoolss WriteAndX unicode alter context attempt
(netbios.rules)
4390 - NETBIOS SMB-DS spoolss WriteAndX unicode andx alter context
attempt (netbios.rules)
4391 - NETBIOS SMB-DS spoolss WriteAndX unicode andx bind attempt
(netbios.rules)
4392 - NETBIOS SMB-DS spoolss WriteAndX unicode bind attempt
(netbios.rules)
4393 - NETBIOS SMB-DS spoolss WriteAndX unicode little endian alter
context attempt (netbios.rules)
4394 - NETBIOS SMB-DS spoolss WriteAndX unicode little endian andx
alter context attempt (netbios.rules)
4395 - NETBIOS SMB-DS spoolss WriteAndX unicode little endian andx
bind attempt (netbios.rules)
4396 - NETBIOS SMB-DS spoolss WriteAndX unicode little endian bind
attempt (netbios.rules)
4397 - NETBIOS SMB-DS spoolss alter context attempt (netbios.rules)
4398 - NETBIOS SMB-DS spoolss andx alter context attempt (netbios.rules)
4399 - NETBIOS SMB-DS spoolss andx bind attempt (netbios.rules)
4400 - NETBIOS SMB-DS spoolss bind attempt (netbios.rules)
4401 - NETBIOS SMB-DS spoolss little endian alter context attempt
(netbios.rules)
4402 - NETBIOS SMB-DS spoolss little endian andx alter context attempt
(netbios.rules)
4403 - NETBIOS SMB-DS spoolss little endian andx bind attempt
(netbios.rules)
4404 - NETBIOS SMB-DS spoolss little endian bind attempt (netbios.rules)
4405 - NETBIOS SMB-DS spoolss unicode alter context attempt
(netbios.rules)
4406 - NETBIOS SMB-DS spoolss unicode andx alter context attempt
(netbios.rules)
4407 - NETBIOS SMB-DS spoolss unicode andx bind attempt (netbios.rules)
4408 - NETBIOS SMB-DS spoolss unicode bind attempt (netbios.rules)
4409 - NETBIOS SMB-DS spoolss unicode little endian alter context
attempt (netbios.rules)
4410 - NETBIOS SMB-DS spoolss unicode little endian andx alter context
attempt (netbios.rules)
4411 - NETBIOS SMB-DS spoolss unicode little endian andx bind attempt
(netbios.rules)
4412 - NETBIOS SMB-DS spoolss unicode little endian bind attempt
(netbios.rules)
4413 - NETBIOS SMB-DS spoolss AddPrinterEx WriteAndX andx overflow
attempt (netbios.rules)
4414 - NETBIOS SMB-DS spoolss AddPrinterEx WriteAndX little endian
andx overflow attempt (netbios.rules)
4415 - NETBIOS SMB-DS spoolss AddPrinterEx WriteAndX little endian
overflow attempt (netbios.rules)
4416 - NETBIOS SMB-DS spoolss AddPrinterEx WriteAndX overflow attempt
(netbios.rules)
4417 - NETBIOS SMB-DS spoolss AddPrinterEx WriteAndX unicode andx
overflow attempt (netbios.rules)
4418 - NETBIOS SMB-DS spoolss AddPrinterEx WriteAndX unicode little
endian andx overflow attempt (netbios.rules)
4419 - NETBIOS SMB-DS spoolss AddPrinterEx WriteAndX unicode little
endian overflow attempt (netbios.rules)
4420 - NETBIOS SMB-DS spoolss AddPrinterEx WriteAndX unicode overflow
attempt (netbios.rules)
4421 - NETBIOS SMB-DS spoolss AddPrinterEx andx overflow attempt
(netbios.rules)
4422 - NETBIOS SMB-DS spoolss AddPrinterEx little endian andx overflow
attempt (netbios.rules)
4423 - NETBIOS SMB-DS spoolss AddPrinterEx little endian overflow
attempt (netbios.rules)
4424 - NETBIOS SMB-DS spoolss AddPrinterEx overflow attempt
(netbios.rules)
4425 - NETBIOS SMB-DS spoolss AddPrinterEx unicode andx overflow
attempt (netbios.rules)
4426 - NETBIOS SMB-DS spoolss AddPrinterEx unicode little endian andx
overflow attempt (netbios.rules)
4427 - NETBIOS SMB-DS spoolss AddPrinterEx unicode little endian
overflow attempt (netbios.rules)
4428 - NETBIOS SMB-DS spoolss AddPrinterEx unicode overflow attempt
(netbios.rules)
4429 - NETBIOS SMB-DS v4 spoolss AddPrinterEx WriteAndX andx overflow
attempt (netbios.rules)
4430 - NETBIOS SMB-DS v4 spoolss AddPrinterEx WriteAndX little endian
andx overflow attempt (netbios.rules)
4431 - NETBIOS SMB-DS v4 spoolss AddPrinterEx WriteAndX little endian
overflow attempt (netbios.rules)
4432 - NETBIOS SMB-DS v4 spoolss AddPrinterEx WriteAndX overflow
attempt (netbios.rules)
4433 - NETBIOS SMB-DS v4 spoolss AddPrinterEx WriteAndX unicode andx
overflow attempt (netbios.rules)
4434 - NETBIOS SMB-DS v4 spoolss AddPrinterEx WriteAndX unicode little
endian andx overflow attempt (netbios.rules)
4435 - NETBIOS SMB-DS v4 spoolss AddPrinterEx WriteAndX unicode little
endian overflow attempt (netbios.rules)
4436 - NETBIOS SMB-DS v4 spoolss AddPrinterEx WriteAndX unicode
overflow attempt (netbios.rules)
4437 - NETBIOS SMB-DS v4 spoolss AddPrinterEx andx overflow attempt
(netbios.rules)
4438 - NETBIOS SMB-DS v4 spoolss AddPrinterEx little endian andx
overflow attempt (netbios.rules)
4439 - NETBIOS SMB-DS v4 spoolss AddPrinterEx little endian overflow
attempt (netbios.rules)
4440 - NETBIOS SMB-DS v4 spoolss AddPrinterEx overflow attempt
(netbios.rules)
4441 - NETBIOS SMB-DS v4 spoolss AddPrinterEx unicode andx overflow
attempt (netbios.rules)
4442 - NETBIOS SMB-DS v4 spoolss AddPrinterEx unicode little endian
andx overflow attempt (netbios.rules)
4443 - NETBIOS SMB-DS v4 spoolss AddPrinterEx unicode little endian
overflow attempt (netbios.rules)
4444 - NETBIOS SMB-DS v4 spoolss AddPrinterEx unicode overflow attempt
(netbios.rules)
4445 - NETBIOS SMB spoolss WriteAndX alter context attempt (netbios.rules)
4446 - NETBIOS SMB spoolss WriteAndX andx alter context attempt
(netbios.rules)
4447 - NETBIOS SMB spoolss WriteAndX andx bind attempt (netbios.rules)
4448 - NETBIOS SMB spoolss WriteAndX bind attempt (netbios.rules)
4449 - NETBIOS SMB spoolss WriteAndX little endian alter context
attempt (netbios.rules)
4450 - NETBIOS SMB spoolss WriteAndX little endian andx alter context
attempt (netbios.rules)
4451 - NETBIOS SMB spoolss WriteAndX little endian andx bind attempt
(netbios.rules)
4452 - NETBIOS SMB spoolss WriteAndX little endian bind attempt
(netbios.rules)
4453 - NETBIOS SMB spoolss WriteAndX unicode alter context attempt
(netbios.rules)
4454 - NETBIOS SMB spoolss WriteAndX unicode andx alter context
attempt (netbios.rules)
4455 - NETBIOS SMB spoolss WriteAndX unicode andx bind attempt
(netbios.rules)
4456 - NETBIOS SMB spoolss WriteAndX unicode bind attempt (netbios.rules)
4457 - NETBIOS SMB spoolss WriteAndX unicode little endian alter
context attempt (netbios.rules)
4458 - NETBIOS SMB spoolss WriteAndX unicode little endian andx alter
context attempt (netbios.rules)
4459 - NETBIOS SMB spoolss WriteAndX unicode little endian andx bind
attempt (netbios.rules)
4460 - NETBIOS SMB spoolss WriteAndX unicode little endian bind
attempt (netbios.rules)
4461 - NETBIOS SMB spoolss alter context attempt (netbios.rules)
4462 - NETBIOS SMB spoolss andx alter context attempt (netbios.rules)
4463 - NETBIOS SMB spoolss andx bind attempt (netbios.rules)
4464 - NETBIOS SMB spoolss bind attempt (netbios.rules)
4465 - NETBIOS SMB spoolss little endian alter context attempt
(netbios.rules)
4466 - NETBIOS SMB spoolss little endian andx alter context attempt
(netbios.rules)
4467 - NETBIOS SMB spoolss little endian andx bind attempt (netbios.rules)
4468 - NETBIOS SMB spoolss little endian bind attempt (netbios.rules)
4469 - NETBIOS SMB spoolss unicode alter context attempt (netbios.rules)
4470 - NETBIOS SMB spoolss unicode andx alter context attempt
(netbios.rules)
4471 - NETBIOS SMB spoolss unicode andx bind attempt (netbios.rules)
4472 - NETBIOS SMB spoolss unicode bind attempt (netbios.rules)
4473 - NETBIOS SMB spoolss unicode little endian alter context attempt
(netbios.rules)
4474 - NETBIOS SMB spoolss unicode little endian andx alter context
attempt (netbios.rules)
4475 - NETBIOS SMB spoolss unicode little endian andx bind attempt
(netbios.rules)
4476 - NETBIOS SMB spoolss unicode little endian bind attempt
(netbios.rules)
4477 - NETBIOS SMB spoolss AddPrinterEx WriteAndX andx overflow
attempt (netbios.rules)
4478 - NETBIOS SMB spoolss AddPrinterEx WriteAndX little endian andx
overflow attempt (netbios.rules)
4479 - NETBIOS SMB spoolss AddPrinterEx WriteAndX little endian
overflow attempt (netbios.rules)
4480 - NETBIOS SMB spoolss AddPrinterEx WriteAndX overflow attempt
(netbios.rules)
4481 - NETBIOS SMB spoolss AddPrinterEx WriteAndX unicode andx
overflow attempt (netbios.rules)
4482 - NETBIOS SMB spoolss AddPrinterEx WriteAndX unicode little
endian andx overflow attempt (netbios.rules)
4483 - NETBIOS SMB spoolss AddPrinterEx WriteAndX unicode little
endian overflow attempt (netbios.rules)
4484 - NETBIOS SMB spoolss AddPrinterEx WriteAndX unicode overflow
attempt (netbios.rules)
4485 - NETBIOS SMB spoolss AddPrinterEx andx overflow attempt
(netbios.rules)
4486 - NETBIOS SMB spoolss AddPrinterEx little endian andx overflow
attempt (netbios.rules)
4487 - NETBIOS SMB spoolss AddPrinterEx little endian overflow attempt
(netbios.rules)
4488 - NETBIOS SMB spoolss AddPrinterEx overflow attempt (netbios.rules)
4489 - NETBIOS SMB spoolss AddPrinterEx unicode andx overflow attempt
(netbios.rules)
4490 - NETBIOS SMB spoolss AddPrinterEx unicode little endian andx
overflow attempt (netbios.rules)
4491 - NETBIOS SMB spoolss AddPrinterEx unicode little endian overflow
attempt (netbios.rules)
4492 - NETBIOS SMB spoolss AddPrinterEx unicode overflow attempt
(netbios.rules)
4493 - NETBIOS SMB v4 spoolss AddPrinterEx WriteAndX andx overflow
attempt (netbios.rules)
4494 - NETBIOS SMB v4 spoolss AddPrinterEx WriteAndX little endian
andx overflow attempt (netbios.rules)
4495 - NETBIOS SMB v4 spoolss AddPrinterEx WriteAndX little endian
overflow attempt (netbios.rules)
4496 - NETBIOS SMB v4 spoolss AddPrinterEx WriteAndX overflow attempt
(netbios.rules)
4497 - NETBIOS SMB v4 spoolss AddPrinterEx WriteAndX unicode andx
overflow attempt (netbios.rules)
4498 - NETBIOS SMB v4 spoolss AddPrinterEx WriteAndX unicode little
endian andx overflow attempt (netbios.rules)
4499 - NETBIOS SMB v4 spoolss AddPrinterEx WriteAndX unicode little
endian overflow attempt (netbios.rules)
4500 - NETBIOS SMB v4 spoolss AddPrinterEx WriteAndX unicode overflow
attempt (netbios.rules)
4501 - NETBIOS SMB v4 spoolss AddPrinterEx andx overflow attempt
(netbios.rules)
4502 - NETBIOS SMB v4 spoolss AddPrinterEx little endian andx overflow
attempt (netbios.rules)
4503 - NETBIOS SMB v4 spoolss AddPrinterEx little endian overflow
attempt (netbios.rules)
4504 - NETBIOS SMB v4 spoolss AddPrinterEx overflow attempt
(netbios.rules)
4505 - NETBIOS SMB v4 spoolss AddPrinterEx unicode andx overflow
attempt (netbios.rules)
4506 - NETBIOS SMB v4 spoolss AddPrinterEx unicode little endian andx
overflow attempt (netbios.rules)
4507 - NETBIOS SMB v4 spoolss AddPrinterEx unicode little endian
overflow attempt (netbios.rules)
4508 - NETBIOS SMB v4 spoolss AddPrinterEx unicode overflow attempt
(netbios.rules)
4509 - NETBIOS SMB netware_cs WriteAndX alter context attempt
(netbios.rules)
4510 - NETBIOS SMB netware_cs WriteAndX andx alter context attempt
(netbios.rules)
4511 - NETBIOS SMB netware_cs WriteAndX andx bind attempt (netbios.rules)
4512 - NETBIOS SMB netware_cs WriteAndX bind attempt (netbios.rules)
4513 - NETBIOS SMB netware_cs WriteAndX little endian alter context
attempt (netbios.rules)
4514 - NETBIOS SMB netware_cs WriteAndX little endian andx alter
context attempt (netbios.rules)
4515 - NETBIOS SMB netware_cs WriteAndX little endian andx bind
attempt (netbios.rules)
4516 - NETBIOS SMB netware_cs WriteAndX little endian bind attempt
(netbios.rules)
4517 - NETBIOS SMB netware_cs WriteAndX unicode alter context attempt
(netbios.rules)
4518 - NETBIOS SMB netware_cs WriteAndX unicode andx alter context
attempt (netbios.rules)
4519 - NETBIOS SMB netware_cs WriteAndX unicode andx bind attempt
(netbios.rules)
4520 - NETBIOS SMB netware_cs WriteAndX unicode bind attempt
(netbios.rules)
4521 - NETBIOS SMB netware_cs WriteAndX unicode little endian alter
context attempt (netbios.rules)
4522 - NETBIOS SMB netware_cs WriteAndX unicode little endian andx
alter context attempt (netbios.rules)
4523 - NETBIOS SMB netware_cs WriteAndX unicode little endian andx
bind attempt (netbios.rules)
4524 - NETBIOS SMB netware_cs WriteAndX unicode little endian bind
attempt (netbios.rules)
4525 - NETBIOS SMB netware_cs alter context attempt (netbios.rules)
4526 - NETBIOS SMB netware_cs andx alter context attempt (netbios.rules)
4527 - NETBIOS SMB netware_cs andx bind attempt (netbios.rules)
4528 - NETBIOS SMB netware_cs bind attempt (netbios.rules)
4529 - NETBIOS SMB netware_cs little endian alter context attempt
(netbios.rules)
4530 - NETBIOS SMB netware_cs little endian andx alter context attempt
(netbios.rules)
4531 - NETBIOS SMB netware_cs little endian andx bind attempt
(netbios.rules)
4532 - NETBIOS SMB netware_cs little endian bind attempt (netbios.rules)
4533 - NETBIOS SMB netware_cs unicode alter context attempt
(netbios.rules)
4534 - NETBIOS SMB netware_cs unicode andx alter context attempt
(netbios.rules)
4535 - NETBIOS SMB netware_cs unicode andx bind attempt (netbios.rules)
4536 - NETBIOS SMB netware_cs unicode bind attempt (netbios.rules)
4537 - NETBIOS SMB netware_cs unicode little endian alter context
attempt (netbios.rules)
4538 - NETBIOS SMB netware_cs unicode little endian andx alter context
attempt (netbios.rules)
4539 - NETBIOS SMB netware_cs unicode little endian andx bind attempt
(netbios.rules)
4540 - NETBIOS SMB netware_cs unicode little endian bind attempt
(netbios.rules)
4541 - NETBIOS SMB netware_cs function 43 WriteAndX andx overflow
attempt (netbios.rules)
4542 - NETBIOS SMB netware_cs function 43 WriteAndX little endian andx
overflow attempt (netbios.rules)
4543 - NETBIOS SMB netware_cs function 43 WriteAndX little endian
overflow attempt (netbios.rules)
4544 - NETBIOS SMB netware_cs function 43 WriteAndX overflow attempt
(netbios.rules)
4545 - NETBIOS SMB netware_cs function 43 WriteAndX unicode andx
overflow attempt (netbios.rules)
4546 - NETBIOS SMB netware_cs function 43 WriteAndX unicode little
endian andx overflow attempt (netbios.rules)
4547 - NETBIOS SMB netware_cs function 43 WriteAndX unicode little
endian overflow attempt (netbios.rules)
4548 - NETBIOS SMB netware_cs function 43 WriteAndX unicode overflow
attempt (netbios.rules)
4549 - NETBIOS SMB netware_cs function 43 andx overflow attempt
(netbios.rules)
4550 - NETBIOS SMB netware_cs function 43 little endian andx overflow
attempt (netbios.rules)
4551 - NETBIOS SMB netware_cs function 43 little endian overflow
attempt (netbios.rules)
4552 - NETBIOS SMB netware_cs function 43 overflow attempt (netbios.rules)
4553 - NETBIOS SMB netware_cs function 43 unicode andx overflow
attempt (netbios.rules)
4554 - NETBIOS SMB netware_cs function 43 unicode little endian andx
overflow attempt (netbios.rules)
4555 - NETBIOS SMB netware_cs function 43 unicode little endian
overflow attempt (netbios.rules)
4556 - NETBIOS SMB netware_cs function 43 unicode overflow attempt
(netbios.rules)
4557 - NETBIOS SMB v4 netware_cs function 43 WriteAndX andx overflow
attempt (netbios.rules)
4558 - NETBIOS SMB v4 netware_cs function 43 WriteAndX little endian
andx overflow attempt (netbios.rules)
4559 - NETBIOS SMB v4 netware_cs function 43 WriteAndX little endian
overflow attempt (netbios.rules)
4560 - NETBIOS SMB v4 netware_cs function 43 WriteAndX overflow
attempt (netbios.rules)
4561 - NETBIOS SMB v4 netware_cs function 43 WriteAndX unicode andx
overflow attempt (netbios.rules)
4562 - NETBIOS SMB v4 netware_cs function 43 WriteAndX unicode little
endian andx overflow attempt (netbios.rules)
4563 - NETBIOS SMB v4 netware_cs function 43 WriteAndX unicode little
endian overflow attempt (netbios.rules)
4564 - NETBIOS SMB v4 netware_cs function 43 WriteAndX unicode
overflow attempt (netbios.rules)
4565 - NETBIOS SMB v4 netware_cs function 43 andx overflow attempt
(netbios.rules)
4566 - NETBIOS SMB v4 netware_cs function 43 little endian andx
overflow attempt (netbios.rules)
4567 - NETBIOS SMB v4 netware_cs function 43 little endian overflow
attempt (netbios.rules)
4568 - NETBIOS SMB v4 netware_cs function 43 overflow attempt
(netbios.rules)
4569 - NETBIOS SMB v4 netware_cs function 43 unicode andx overflow
attempt (netbios.rules)
4570 - NETBIOS SMB v4 netware_cs function 43 unicode little endian
andx overflow attempt (netbios.rules)
4571 - NETBIOS SMB v4 netware_cs function 43 unicode little endian
overflow attempt (netbios.rules)
4572 - NETBIOS SMB v4 netware_cs function 43 unicode overflow attempt
(netbios.rules)
4573 - NETBIOS SMB-DS netware_cs WriteAndX alter context attempt
(netbios.rules)
4574 - NETBIOS SMB-DS netware_cs WriteAndX andx alter context attempt
(netbios.rules)
4575 - NETBIOS SMB-DS netware_cs WriteAndX andx bind attempt
(netbios.rules)
4576 - NETBIOS SMB-DS netware_cs WriteAndX bind attempt (netbios.rules)
4577 - NETBIOS SMB-DS netware_cs WriteAndX little endian alter context
attempt (netbios.rules)
4578 - NETBIOS SMB-DS netware_cs WriteAndX little endian andx alter
context attempt (netbios.rules)
4579 - NETBIOS SMB-DS netware_cs WriteAndX little endian andx bind
attempt (netbios.rules)
4580 - NETBIOS SMB-DS netware_cs WriteAndX little endian bind attempt
(netbios.rules)
4581 - NETBIOS SMB-DS netware_cs WriteAndX unicode alter context
attempt (netbios.rules)
4582 - NETBIOS SMB-DS netware_cs WriteAndX unicode andx alter context
attempt (netbios.rules)
4583 - NETBIOS SMB-DS netware_cs WriteAndX unicode andx bind attempt
(netbios.rules)
4584 - NETBIOS SMB-DS netware_cs WriteAndX unicode bind attempt
(netbios.rules)
4585 - NETBIOS SMB-DS netware_cs WriteAndX unicode little endian alter
context attempt (netbios.rules)
4586 - NETBIOS SMB-DS netware_cs WriteAndX unicode little endian andx
alter context attempt (netbios.rules)
4587 - NETBIOS SMB-DS netware_cs WriteAndX unicode little endian andx
bind attempt (netbios.rules)
4588 - NETBIOS SMB-DS netware_cs WriteAndX unicode little endian bind
attempt (netbios.rules)
4589 - NETBIOS SMB-DS netware_cs alter context attempt (netbios.rules)
4590 - NETBIOS SMB-DS netware_cs andx alter context attempt
(netbios.rules)
4591 - NETBIOS SMB-DS netware_cs andx bind attempt (netbios.rules)
4592 - NETBIOS SMB-DS netware_cs bind attempt (netbios.rules)
4593 - NETBIOS SMB-DS netware_cs little endian alter context attempt
(netbios.rules)
4594 - NETBIOS SMB-DS netware_cs little endian andx alter context
attempt (netbios.rules)
4595 - NETBIOS SMB-DS netware_cs little endian andx bind attempt
(netbios.rules)
4596 - NETBIOS SMB-DS netware_cs little endian bind attempt
(netbios.rules)
4597 - NETBIOS SMB-DS netware_cs unicode alter context attempt
(netbios.rules)
4598 - NETBIOS SMB-DS netware_cs unicode andx alter context attempt
(netbios.rules)
4599 - NETBIOS SMB-DS netware_cs unicode andx bind attempt (netbios.rules)
4600 - NETBIOS SMB-DS netware_cs unicode bind attempt (netbios.rules)
4601 - NETBIOS SMB-DS netware_cs unicode little endian alter context
attempt (netbios.rules)
4602 - NETBIOS SMB-DS netware_cs unicode little endian andx alter
context attempt (netbios.rules)
4603 - NETBIOS SMB-DS netware_cs unicode little endian andx bind
attempt (netbios.rules)
4604 - NETBIOS SMB-DS netware_cs unicode little endian bind attempt
(netbios.rules)
4605 - NETBIOS SMB-DS netware_cs function 43 WriteAndX andx overflow
attempt (netbios.rules)
4606 - NETBIOS SMB-DS netware_cs function 43 WriteAndX little endian
andx overflow attempt (netbios.rules)
4607 - NETBIOS SMB-DS netware_cs function 43 WriteAndX little endian
overflow attempt (netbios.rules)
4608 - NETBIOS SMB-DS netware_cs function 43 WriteAndX overflow
attempt (netbios.rules)
4609 - NETBIOS SMB-DS netware_cs function 43 WriteAndX unicode andx
overflow attempt (netbios.rules)
4610 - NETBIOS SMB-DS netware_cs function 43 WriteAndX unicode little
endian andx overflow attempt (netbios.rules)
4611 - NETBIOS SMB-DS netware_cs function 43 WriteAndX unicode little
endian overflow attempt (netbios.rules)
4612 - NETBIOS SMB-DS netware_cs function 43 WriteAndX unicode
overflow attempt (netbios.rules)
4613 - NETBIOS SMB-DS netware_cs function 43 andx overflow attempt
(netbios.rules)
4614 - NETBIOS SMB-DS netware_cs function 43 little endian andx
overflow attempt (netbios.rules)
4615 - NETBIOS SMB-DS netware_cs function 43 little endian overflow
attempt (netbios.rules)
4616 - NETBIOS SMB-DS netware_cs function 43 overflow attempt
(netbios.rules)
4617 - NETBIOS SMB-DS netware_cs function 43 unicode andx overflow
attempt (netbios.rules)
4618 - NETBIOS SMB-DS netware_cs function 43 unicode little endian
andx overflow attempt (netbios.rules)
4619 - NETBIOS SMB-DS netware_cs function 43 unicode little endian
overflow attempt (netbios.rules)
4620 - NETBIOS SMB-DS netware_cs function 43 unicode overflow attempt
(netbios.rules)
4621 - NETBIOS SMB-DS v4 netware_cs function 43 WriteAndX andx
overflow attempt (netbios.rules)
4622 - NETBIOS SMB-DS v4 netware_cs function 43 WriteAndX little
endian andx overflow attempt (netbios.rules)
4623 - NETBIOS SMB-DS v4 netware_cs function 43 WriteAndX little
endian overflow attempt (netbios.rules)
4624 - NETBIOS SMB-DS v4 netware_cs function 43 WriteAndX overflow
attempt (netbios.rules)
4625 - NETBIOS SMB-DS v4 netware_cs function 43 WriteAndX unicode andx
overflow attempt (netbios.rules)
4626 - NETBIOS SMB-DS v4 netware_cs function 43 WriteAndX unicode
little endian andx overflow attempt (netbios.rules)
4627 - NETBIOS SMB-DS v4 netware_cs function 43 WriteAndX unicode
little endian overflow attempt (netbios.rules)
4628 - NETBIOS SMB-DS v4 netware_cs function 43 WriteAndX unicode
overflow attempt (netbios.rules)
4629 - NETBIOS SMB-DS v4 netware_cs function 43 andx overflow attempt
(netbios.rules)
4630 - NETBIOS SMB-DS v4 netware_cs function 43 little endian andx
overflow attempt (netbios.rules)
4631 - NETBIOS SMB-DS v4 netware_cs function 43 little endian overflow
attempt (netbios.rules)
4632 - NETBIOS SMB-DS v4 netware_cs function 43 overflow attempt
(netbios.rules)
4633 - NETBIOS SMB-DS v4 netware_cs function 43 unicode andx overflow
attempt (netbios.rules)
4634 - NETBIOS SMB-DS v4 netware_cs function 43 unicode little endian
andx overflow attempt (netbios.rules)
4635 - NETBIOS SMB-DS v4 netware_cs function 43 unicode little endian
overflow attempt (netbios.rules)
4636 - NETBIOS SMB-DS v4 netware_cs function 43 unicode overflow
attempt (netbios.rules)
4637 - EXPLOIT MailEnable HTTPMail buffer overflow attempt (exploit.rules)
4638 - MISC RSVP Protocol zero length object DoS attempt (exploit.rules)
4639 - EXPLOIT Ethereal Distcc ARGV buffer overflow attempt
(exploit.rules)
4640 - EXPLOIT Ethereal Distcc SERR buffer overflow attempt
(exploit.rules)
4641 - EXPLOIT Ethereal Distcc SOUT buffer overflow attempt
(exploit.rules)

Updated rules:
~ 268 - DELETED DOS Jolt attack (deleted.rules)
~ 270 - DELETED DOS Teardrop attack (deleted.rules)
~ 499 - DELETED ICMP Large ICMP Packet (deleted.rules)
~ 522 - DELETED MISC Tiny Fragments (deleted.rules)
2341 - WEB-PHP DCP-Portal remote file include editor script attempt
(web-php.rules)
2342 - WEB-PHP DCP-Portal remote file include lib script attempt
(web-php.rules)
3148 - WEB-CLIENT winhelp clsid attempt (web-client.rules)
3550 - WEB-CLIENT HTML http scheme hostname overflow attempt
(web-client.rules)
4135 - WEB-CLIENT IE JPEG heap overflow single packet attempt
(web-client.rules)
4136 - WEB-CLIENT IE JPEG heap overflow multipacket attempt
(web-client.rules)
4149 - DELETED WEB-CLIENT HTML Help ActiveX Object Access (deleted.rules)



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDXtPwMpm0ve0NhMcRAvdXAJwPkE/lztISYwLMaVc+AAzlquAK5ACdGJfe
tF0T6hHjAR5OLkgm0jJhEdI=
=Tchw
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list