Talos has added and modified multiple rules in the blacklist, browser-plugins, file-flash, malware-cnc, malware-other, protocol-scada, pua-adware, server-apache and server-webapp rule sets to provide coverage for emerging threats from these technologies.
For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2976.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:41691 <-> DISABLED <-> SERVER-WEBAPP Siemens WinCC DoS attempt (server-webapp.rules)
* 1:41687 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41686 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41680 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
* 1:41682 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41679 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
* 1:41677 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Appliance insecure configuration export attempt (server-webapp.rules)
* 1:41681 <-> ENABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
* 1:41676 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (malware-cnc.rules)
* 1:41678 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Appliance insecure configuration import attempt (server-webapp.rules)
* 1:41674 <-> ENABLED <-> FILE-FLASH Adobe Flash Player TextField object event handler use after free attempt (file-flash.rules)
* 1:41672 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41673 <-> ENABLED <-> FILE-FLASH Adobe Flash Player TextField object event handler use after free attempt (file-flash.rules)
* 1:41670 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41675 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (malware-cnc.rules)
* 1:41668 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41669 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41666 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41671 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41664 <-> DISABLED <-> PUA-ADWARE Win.Adware.Xiazai variant outbound connection (pua-adware.rules)
* 1:41665 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mirai variant outbound connection (malware-cnc.rules)
* 1:41662 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41667 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41660 <-> DISABLED <-> MALWARE-OTHER VBScript potential executable write attempt (malware-other.rules)
* 1:41661 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41663 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41688 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_http2 denial of service attempt (server-apache.rules)
* 1:41683 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41685 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41692 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote use of authentication token attempt (server-webapp.rules)
* 1:41689 <-> DISABLED <-> SERVER-OTHER PHP Exception Handling remote denial of service attempt (server-other.rules)
* 1:41690 <-> DISABLED <-> SERVER-OTHER PHP Exception Handling remote denial of service attempt (server-other.rules)
* 1:41684 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)

* 1:36084 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36085 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36079 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36088 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:40869 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string - Virut (blacklist.rules)
* 1:36086 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36095 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36083 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36076 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36077 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36073 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36090 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:41383 <-> DISABLED <-> SERVER-WEBAPP PHP ZipArchive getFromIndex and getFromName integer overflow attempt (server-webapp.rules)
* 1:41384 <-> DISABLED <-> SERVER-WEBAPP PHP ZipArchive getFromIndex and getFromName integer overflow attempt (server-webapp.rules)
* 1:36087 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36091 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36092 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:29204 <-> DISABLED <-> PROTOCOL-SCADA Modbus read holding register response - invalid byte count (protocol-scada.rules)
* 1:36075 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:16195 <-> DISABLED <-> SERVER-WEBAPP HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
* 1:36074 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:28054 <-> ENABLED <-> MALWARE-OTHER VBScript potential executable write attempt (malware-other.rules)
* 1:36078 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36080 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36081 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36072 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36082 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36093 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36094 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36089 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:41690 <-> DISABLED <-> SERVER-OTHER PHP Exception Handling remote denial of service attempt (server-other.rules)
* 1:41691 <-> DISABLED <-> SERVER-WEBAPP Siemens WinCC DoS attempt (server-webapp.rules)
* 1:41688 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_http2 denial of service attempt (server-apache.rules)
* 1:41689 <-> DISABLED <-> SERVER-OTHER PHP Exception Handling remote denial of service attempt (server-other.rules)
* 1:41682 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41683 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41686 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41685 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41687 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41692 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote use of authentication token attempt (server-webapp.rules)
* 1:41660 <-> DISABLED <-> MALWARE-OTHER VBScript potential executable write attempt (malware-other.rules)
* 1:41661 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41662 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41663 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41664 <-> DISABLED <-> PUA-ADWARE Win.Adware.Xiazai variant outbound connection (pua-adware.rules)
* 1:41665 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mirai variant outbound connection (malware-cnc.rules)
* 1:41666 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41667 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41668 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41669 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41670 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41671 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41672 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41673 <-> ENABLED <-> FILE-FLASH Adobe Flash Player TextField object event handler use after free attempt (file-flash.rules)
* 1:41674 <-> ENABLED <-> FILE-FLASH Adobe Flash Player TextField object event handler use after free attempt (file-flash.rules)
* 1:41675 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (malware-cnc.rules)
* 1:41676 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (malware-cnc.rules)
* 1:41684 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41677 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Appliance insecure configuration export attempt (server-webapp.rules)
* 1:41678 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Appliance insecure configuration import attempt (server-webapp.rules)
* 1:41679 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
* 1:41680 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
* 1:41681 <-> ENABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)

* 1:36087 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36083 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36084 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36078 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36074 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36072 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36095 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36090 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36091 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36089 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36085 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36081 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36082 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36077 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36080 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36079 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36076 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:29204 <-> DISABLED <-> PROTOCOL-SCADA Modbus read holding register response - invalid byte count (protocol-scada.rules)
* 1:41383 <-> DISABLED <-> SERVER-WEBAPP PHP ZipArchive getFromIndex and getFromName integer overflow attempt (server-webapp.rules)
* 1:36088 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:16195 <-> DISABLED <-> SERVER-WEBAPP HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
* 1:40869 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string - Virut (blacklist.rules)
* 1:41384 <-> DISABLED <-> SERVER-WEBAPP PHP ZipArchive getFromIndex and getFromName integer overflow attempt (server-webapp.rules)
* 1:28054 <-> ENABLED <-> MALWARE-OTHER VBScript potential executable write attempt (malware-other.rules)
* 1:36073 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36075 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36086 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36092 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36093 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36094 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2990.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:41692 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote use of authentication token attempt (server-webapp.rules)
* 1:41691 <-> DISABLED <-> SERVER-WEBAPP Siemens WinCC DoS attempt (server-webapp.rules)
* 1:41690 <-> DISABLED <-> SERVER-OTHER PHP Exception Handling remote denial of service attempt (server-other.rules)
* 1:41689 <-> DISABLED <-> SERVER-OTHER PHP Exception Handling remote denial of service attempt (server-other.rules)
* 1:41688 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_http2 denial of service attempt (server-apache.rules)
* 1:41687 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41686 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41685 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41684 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41683 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41682 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Malear variant outbound connection (malware-cnc.rules)
* 1:41681 <-> ENABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
* 1:41680 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
* 1:41679 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
* 1:41678 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Appliance insecure configuration import attempt (server-webapp.rules)
* 1:41677 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Appliance insecure configuration export attempt (server-webapp.rules)
* 1:41676 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (malware-cnc.rules)
* 1:41675 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (malware-cnc.rules)
* 1:41674 <-> ENABLED <-> FILE-FLASH Adobe Flash Player TextField object event handler use after free attempt (file-flash.rules)
* 1:41673 <-> ENABLED <-> FILE-FLASH Adobe Flash Player TextField object event handler use after free attempt (file-flash.rules)
* 1:41672 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41671 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41670 <-> DISABLED <-> SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (server-webapp.rules)
* 1:41669 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41668 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41667 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41666 <-> DISABLED <-> BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (browser-plugins.rules)
* 1:41665 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mirai variant outbound connection (malware-cnc.rules)
* 1:41664 <-> DISABLED <-> PUA-ADWARE Win.Adware.Xiazai variant outbound connection (pua-adware.rules)
* 1:41663 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41662 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41661 <-> ENABLED <-> MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (malware-cnc.rules)
* 1:41660 <-> DISABLED <-> MALWARE-OTHER VBScript potential executable write attempt (malware-other.rules)

* 1:16195 <-> DISABLED <-> SERVER-WEBAPP HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
* 1:28054 <-> ENABLED <-> MALWARE-OTHER VBScript potential executable write attempt (malware-other.rules)
* 1:29204 <-> DISABLED <-> PROTOCOL-SCADA Modbus read holding register response - invalid byte count (protocol-scada.rules)
* 1:36072 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36073 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36074 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36075 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36076 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36077 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36078 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36079 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36080 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36081 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36082 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36083 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36084 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36085 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36086 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36087 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36088 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36089 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36090 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36091 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36092 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:41384 <-> DISABLED <-> SERVER-WEBAPP PHP ZipArchive getFromIndex and getFromName integer overflow attempt (server-webapp.rules)
* 1:36095 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:40869 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string - Virut (blacklist.rules)
* 1:41383 <-> DISABLED <-> SERVER-WEBAPP PHP ZipArchive getFromIndex and getFromName integer overflow attempt (server-webapp.rules)
* 1:36094 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)
* 1:36093 <-> DISABLED <-> SERVER-OTHER Dell Netvault Backup remote denial of service attempt (server-other.rules)