# $Id: sid-msg.map 91 2004-07-15 08:13:57Z rwinslow $
# Format: SID || MSG || Optional References || Optional References ...
# SID -> MSG map

103 || BACKDOOR subseven 22 || url,www.hackfix.org/subseven/ || arachnids,485
104 || BACKDOOR - Dagger_1.4.0_client_connect || url,www.tlsecurity.net/backdoor/Dagger.1.4.html || arachnids,483
105 || BACKDOOR - Dagger_1.4.0 || url,www.tlsecurity.net/backdoor/Dagger.1.4.html || arachnids,484
106 || BACKDOOR ACKcmdC trojan scan || arachnids,445
107 || BACKDOOR subseven DEFCON8 2.1 access
108 || BACKDOOR QAZ Worm Client Login access || MCAFEE,98775
109 || BACKDOOR netbus active || arachnids,401
110 || BACKDOOR netbus getinfo || arachnids,403
111 || BACKDOOR netbus getinfo || arachnids,403
112 || BACKDOOR BackOrifice access || arachnids,400
113 || BACKDOOR DeepThroat access || arachnids,405
114 || BACKDOOR netbus active || arachnids,401
115 || BACKDOOR netbus active || arachnids,401
116 || BACKDOOR BackOrifice access || arachnids,399
117 || BACKDOOR Infector.1.x || arachnids,315
118 || BACKDOOR SatansBackdoor.2.0.Beta || arachnids,316
119 || BACKDOOR Doly 2.0 access || arachnids,312
120 || BACKDOOR Infector 1.6 Server to Client
121 || BACKDOOR Infector 1.6 Client to Server Connection Request
122 || BACKDOOR DeepThroat 3.1 System Info Client Request || arachnids,106
124 || BACKDOOR DeepThroat 3.1 FTP Status Client Request || arachnids,106
125 || BACKDOOR DeepThroat 3.1 E-Mail Info From Server || arachnids,106
126 || BACKDOOR DeepThroat 3.1 E-Mail Info Client Request || arachnids,106
127 || BACKDOOR DeepThroat 3.1 Server Status From Server || arachnids,106
128 || BACKDOOR DeepThroat 3.1 Server Status Client Request || arachnids,106
129 || BACKDOOR DeepThroat 3.1 Drive Info From Server || arachnids,106
130 || BACKDOOR DeepThroat 3.1 System Info From Server || arachnids,106
131 || BACKDOOR DeepThroat 3.1 Drive Info Client Request || arachnids,106
132 || BACKDOOR DeepThroat 3.1 Server FTP Port Change From Server || arachnids,106
133 || BACKDOOR DeepThroat 3.1 Cached Passwords Client Request || arachnids,106
134 || BACKDOOR DeepThroat 3.1 RAS Passwords Client Request || arachnids,106
135 || BACKDOOR DeepThroat 3.1 Server Password Change Client Request || arachnids,106
136 || BACKDOOR DeepThroat 3.1 Server Password Remove Client Request || arachnids,106
137 || BACKDOOR DeepThroat 3.1 Rehash Client Request || arachnids,106
138 || BACKDOOR DeepThroat 3.1 Server Rehash Client Request || arachnids,106
140 || BACKDOOR DeepThroat 3.1 ICQ Alert OFF Client Request || arachnids,106
141 || BACKDOOR HackAttack 1.20 Connect
142 || BACKDOOR DeepThroat 3.1 ICQ Alert ON Client Request || arachnids,106
143 || BACKDOOR DeepThroat 3.1 Change Wallpaper Client Request || arachnids,106
144 || FTP ADMw0rm ftp login attempt || arachnids,01
145 || BACKDOOR GirlFriendaccess || arachnids,98
146 || BACKDOOR NetSphere access || arachnids,76
147 || BACKDOOR GateCrasher || arachnids,99
148 || BACKDOOR DeepThroat 3.1 Keylogger Active on Network || arachnids,106
149 || BACKDOOR DeepThroat 3.1 Client Sending Data to Server on Network || arachnids,106
150 || BACKDOOR DeepThroat 3.1 Server Active on Network || arachnids,106
151 || BACKDOOR DeepThroat 3.1 Client Sending Data to Server on Network || arachnids,106
152 || BACKDOOR BackConstruction 2.1 Connection
153 || BACKDOOR DonaldDick 1.53 Traffic
154 || BACKDOOR DeepThroat 3.1 Wrong Password || arachnids,106
155 || BACKDOOR NetSphere 1.31.337 access || arachnids,76
156 || BACKDOOR DeepThroat 3.1 Visible Window List Client Request || arachnids,106
157 || BACKDOOR BackConstruction 2.1 Client FTP Open Request
158 || BACKDOOR BackConstruction 2.1 Server FTP Open Reply
159 || BACKDOOR NetMetro File List || arachnids,79
160 || BACKDOOR NetMetro Incoming Traffic || arachnids,79
161 || BACKDOOR Matrix 2.0 Client connect || arachnids,83
162 || BACKDOOR Matrix 2.0 Server access || arachnids,83
163 || BACKDOOR WinCrash 1.0 Server Active || arachnids,36
164 || BACKDOOR DeepThroat 3.1 Server Active on Network || arachnids,106
165 || BACKDOOR DeepThroat 3.1 Keylogger on Server ON || arachnids,106
166 || BACKDOOR DeepThroat 3.1 Show Picture Client Request || arachnids,106
167 || BACKDOOR DeepThroat 3.1 Hide/Show Clock Client Request || arachnids,106
168 || BACKDOOR DeepThroat 3.1 Hide/Show Desktop Client Request || arachnids,106
169 || BACKDOOR DeepThroat 3.1 Swap Mouse Buttons Client Request || arachnids,106
170 || BACKDOOR DeepThroat 3.1 Enable/Disable CTRL-ALT-DEL Client Request || arachnids,106
171 || BACKDOOR DeepThroat 3.1 Freeze Mouse Client Request || arachnids,106
172 || BACKDOOR DeepThroat 3.1 Show Dialog Box Client Request || arachnids,106
173 || BACKDOOR DeepThroat 3.1 Show Replyable Dialog Box Client Request || arachnids,106
174 || BACKDOOR DeepThroat 3.1 Hide/Show Start Button Client Request || arachnids,106
175 || BACKDOOR DeepThroat 3.1 Resolution Change Client Request || arachnids,106
176 || BACKDOOR DeepThroat 3.1 Hide/Show Start Button Client Request || arachnids,106
177 || BACKDOOR DeepThroat 3.1 Keylogger on Server OFF || arachnids,106
179 || BACKDOOR DeepThroat 3.1 FTP Server Port Client Request || arachnids,106
180 || BACKDOOR DeepThroat 3.1 Process List Client request || arachnids,106
181 || BACKDOOR DeepThroat 3.1 Close Port Scan Client Request || arachnids,106
182 || BACKDOOR DeepThroat 3.1 Registry Add Client Request || arachnids,106
183 || BACKDOOR SIGNATURE - Q ICMP || arachnids,202
184 || BACKDOOR Q access || arachnids,203
185 || BACKDOOR CDK || arachnids,263
186 || BACKDOOR DeepThroat 3.1 Monitor on/off Client Request || arachnids,106
187 || BACKDOOR DeepThroat 3.1 Delete File Client Request || arachnids,106
188 || BACKDOOR DeepThroat 3.1 Kill Window Client Request || arachnids,106
189 || BACKDOOR DeepThroat 3.1 Disable Window Client Request || arachnids,106
190 || BACKDOOR DeepThroat 3.1 Enable Window Client Request || arachnids,106
191 || BACKDOOR DeepThroat 3.1 Change Window Title Client Request || arachnids,106
192 || BACKDOOR DeepThroat 3.1 Hide Window Client Request || arachnids,106
193 || BACKDOOR DeepThroat 3.1 Show Window Client Request || arachnids,106
194 || BACKDOOR DeepThroat 3.1 Send Text to Window Client Request || arachnids,106
195 || BACKDOOR DeepThroat 3.1 Server Response || arachnids,106
196 || BACKDOOR DeepThroat 3.1 Hide/Show Systray Client Request || arachnids,106
197 || BACKDOOR DeepThroat 3.1 Create Directory Client Request || arachnids,106
198 || BACKDOOR DeepThroat 3.1 All Window List Client Request || arachnids,106
199 || BACKDOOR DeepThroat 3.1 Play Sound Client Request || arachnids,106
200 || BACKDOOR DeepThroat 3.1 Run Program Normal Client Request || arachnids,106
201 || BACKDOOR DeepThroat 3.1 Run Program Hidden Client Request || arachnids,106
202 || BACKDOOR DeepThroat 3.1 Get NET File Client Request || arachnids,106
203 || BACKDOOR DeepThroat 3.1 Find File Client Request || arachnids,106
204 || BACKDOOR DeepThroat 3.1 Find File Client Request || arachnids,106
205 || BACKDOOR DeepThroat 3.1 HUP Modem Client Request || arachnids,106
206 || BACKDOOR DeepThroat 3.1 CD ROM Open Client Request || arachnids,106
207 || BACKDOOR DeepThroat 3.1 CD ROM Close Client Request || arachnids,106
208 || BACKDOOR PhaseZero Server Active on Network
209 || BACKDOOR w00w00 attempt || arachnids,510
210 || BACKDOOR attempt
211 || BACKDOOR MISC r00t attempt
212 || BACKDOOR MISC rewt attempt
213 || BACKDOOR MISC Linux rootkit attempt
214 || BACKDOOR MISC Linux rootkit attempt lrkr0x
215 || BACKDOOR MISC Linux rootkit attempt
216 || BACKDOOR MISC Linux rootkit satori attempt || arachnids,516
217 || BACKDOOR MISC sm4ck attempt
218 || BACKDOOR MISC Solaris 2.5 attempt
219 || BACKDOOR HidePak backdoor attempt
220 || BACKDOOR HideSource backdoor attempt
221 || DDOS TFN Probe || arachnids,443
222 || DDOS tfn2k icmp possible communication || arachnids,425
223 || DDOS Trin00 Daemon to Master PONG message detected || arachnids,187
224 || DDOS Stacheldraht server spoof || arachnids,193
225 || DDOS Stacheldraht gag server response || arachnids,195
226 || DDOS Stacheldraht server response || arachnids,191
227 || DDOS Stacheldraht client spoofworks || arachnids,192
228 || DDOS TFN client command BE || arachnids,184
229 || DDOS Stacheldraht client check skillz || arachnids,190
230 || DDOS shaft client login to handler || url,security.royans.net/info/posts/bugtraq_ddos3.shtml || arachnids,254
231 || DDOS Trin00 Daemon to Master message detected || arachnids,186
232 || DDOS Trin00 Daemon to Master *HELLO* message detected || url,www.sans.org/newlook/resources/IDFAQ/trinoo.htm || arachnids,185
233 || DDOS Trin00 Attacker to Master default startup password || arachnids,197
234 || DDOS Trin00 Attacker to Master default password
235 || DDOS Trin00 Attacker to Master default mdie password
236 || DDOS Stacheldraht client check gag || arachnids,194
237 || DDOS Trin00 Master to Daemon default password attempt || arachnids,197
238 || DDOS TFN server response || arachnids,182
239 || DDOS shaft handler to agent || arachnids,255
240 || DDOS shaft agent to handler || arachnids,256
241 || DDOS shaft synflood || arachnids,253
243 || DDOS mstream agent to handler
244 || DDOS mstream handler to agent || cve,2000-0138
245 || DDOS mstream handler ping to agent || cve,2000-0138
246 || DDOS mstream agent pong to handler
247 || DDOS mstream client to handler || cve,2000-0138
248 || DDOS mstream handler to client || cve,2000-0138
249 || DDOS mstream client to handler || cve,2000-0138 || arachnids,111
250 || DDOS mstream handler to client || cve,2000-0138
251 || DDOS - TFN client command LE || arachnids,183
252 || DNS named iquery attempt || url,www.rfc-editor.org/rfc/rfc1035.txt || cve,1999-0009 || bugtraq,134 || arachnids,277
253 || DNS SPOOF query response PTR with TTL of 1 min. and no authority
254 || DNS SPOOF query response with TTL of 1 min. and no authority
255 || DNS zone transfer TCP || cve,1999-0532 || arachnids,212
256 || DNS named authors attempt || nessus,10728 || arachnids,480
257 || DNS named version attempt || nessus,10028 || arachnids,278
258 || DNS EXPLOIT named 8.2->8.2.1 || cve,1999-0833 || bugtraq,788
259 || DNS EXPLOIT named overflow ADM || cve,1999-0833 || bugtraq,788
260 || DNS EXPLOIT named overflow ADMROCKS || url,www.cert.org/advisories/CA-1999-14.html || cve,1999-0833 || bugtraq,788
261 || DNS EXPLOIT named overflow attempt || url,www.cert.org/advisories/CA-1998-05.html
262 || DNS EXPLOIT x86 Linux overflow attempt
264 || DNS EXPLOIT x86 Linux overflow attempt
265 || DNS EXPLOIT x86 Linux overflow attempt ADMv2
266 || DNS EXPLOIT x86 FreeBSD overflow attempt
267 || DNS EXPLOIT sparc overflow attempt
268 || DOS Jolt attack || cve,1999-0345
269 || DOS Land attack || cve,1999-0016 || bugtraq,2666
270 || DOS Teardrop attack || url,www.cert.org/advisories/CA-1997-28.html || nessus,10279 || cve,1999-0015 || bugtraq,124
271 || DOS UDP echo+chargen bomb || cve,1999-0635 || cve,1999-0103
272 || DOS IGMP dos attack || cve,1999-0918 || bugtraq,514
273 || DOS IGMP dos attack || cve,1999-0918 || bugtraq,514
274 || DOS ath || cve,1999-1228 || arachnids,264
275 || DOS NAPTHA || url,www.microsoft.com/technet/security/bulletin/MS00-091.mspx || url,www.cert.org/advisories/CA-2000-21.html || url,razor.bindview.com/publish/advisories/adv_NAPTHA.html || cve,2000-1039 || bugtraq,2022
276 || DOS Real Audio Server || cve,2000-0474 || bugtraq,1288 || arachnids,411
277 || DOS Real Server template.html || cve,2000-0474 || bugtraq,1288
278 || DOS Real Server template.html || cve,2000-0474 || bugtraq,1288
279 || DOS Bay/Nortel Nautica Marlin || cve,2000-0221 || bugtraq,1009
281 || DOS Ascend Route || cve,1999-0060 || bugtraq,714 || arachnids,262
282 || DOS arkiea backup || cve,1999-0788 || bugtraq,662 || arachnids,261
283 || EXPLOIT Netscape 4.7 client overflow || cve,2000-1187 || cve,1999-1189 || bugtraq,822 || arachnids,215
284 || POP2 x86 Linux overflow
285 || POP2 x86 Linux overflow
286 || POP3 EXPLOIT x86 BSD overflow || cve,1999-0006 || bugtraq,133
287 || POP3 EXPLOIT x86 BSD overflow
288 || POP3 EXPLOIT x86 Linux overflow
289 || POP3 EXPLOIT x86 SCO overflow
290 || POP3 EXPLOIT qpopper overflow || cve,1999-0822 || bugtraq,830
291 || NNTP Cassandra Overflow || cve,2000-0341 || bugtraq,1156 || arachnids,274
292 || EXPLOIT x86 Linux samba overflow || cve,1999-0811 || cve,1999-0182 || bugtraq,536 || bugtraq,1816
293 || IMAP EXPLOIT overflow
295 || IMAP EXPLOIT x86 linux overflow || cve,1999-0005 || bugtraq,130
296 || IMAP EXPLOIT x86 linux overflow || cve,1999-0005 || bugtraq,130
297 || IMAP EXPLOIT x86 linux overflow || cve,1999-0005 || bugtraq,130
298 || IMAP EXPLOIT x86 linux overflow || cve,1999-0005 || bugtraq,130
299 || IMAP EXPLOIT x86 linux overflow || cve, CVE-1999-0005 || bugtraq,130
300 || EXPLOIT nlps x86 Solaris overflow || bugtraq,2319
301 || EXPLOIT LPRng overflow || cve,2000-0917 || bugtraq,1712
302 || EXPLOIT Redhat 7.0 lprd overflow
303 || DNS EXPLOIT named tsig overflow attempt || cve,2001-0010 || bugtraq,2302 || arachnids,482
304 || EXPLOIT SCO calserver overflow || cve,2000-0306 || bugtraq,2353
305 || EXPLOIT delegate proxy overflow || cve,2000-0165 || bugtraq,808 || arachnids,267
306 || EXPLOIT VQServer admin || url,www.vqsoft.com/vq/server/docs/other/control.html || cve,2000-0766 || bugtraq,1610
307 || EXPLOIT CHAT IRC topic overflow || cve,1999-0672 || bugtraq,573
308 || EXPLOIT NextFTP client overflow || cve,1999-0671 || bugtraq,572
309 || EXPLOIT sniffit overflow || cve,2000-0343 || bugtraq,1158 || arachnids,273
310 || EXPLOIT x86 windows MailMax overflow || cve,1999-0404 || bugtraq,2312
311 || EXPLOIT Netscape 4.7 unsucessful overflow || cve,2000-1187 || cve,1999-1189 || bugtraq,822 || arachnids,214
312 || EXPLOIT ntpdx overflow attempt || cve,2001-0414 || bugtraq,2540 || arachnids,492
313 || EXPLOIT ntalkd x86 Linux overflow || bugtraq,210
314 || DNS EXPLOIT named tsig overflow attempt || cve,2001-0010 || bugtraq,2303
315 || EXPLOIT x86 Linux mountd overflow || cve,1999-0002 || bugtraq,121
316 || EXPLOIT x86 Linux mountd overflow || cve,1999-0002 || bugtraq,121
317 || EXPLOIT x86 Linux mountd overflow || cve,1999-0002 || bugtraq,121
318 || EXPLOIT bootp x86 bsd overfow || cve,1999-0914 || bugtraq,324
319 || EXPLOIT bootp x86 linux overflow || cve,1999-0799 || cve,1999-0798 || cve,1999-0389
320 || FINGER cmd_rootsh backdoor attempt || url,www.sans.org/y2k/fingerd.htm || url,www.sans.org/y2k/TFN_toolkit.htm || nessus,10070 || cve,1999-0660
321 || FINGER account enumeration attempt || nessus,10788
322 || FINGER search query || cve,1999-0259 || arachnids,375
323 || FINGER root query || arachnids,376
324 || FINGER null request || arachnids,377
325 || FINGER probe 0 attempt || arachnids,378
326 || FINGER remote command execution attempt || cve,1999-0150 || bugtraq,974 || arachnids,379
327 || FINGER remote command pipe execution attempt || cve,1999-0152 || bugtraq,2220 || arachnids,380
328 || FINGER bomb attempt || cve,1999-0106 || arachnids,381
329 || FINGER cybercop redirection || arachnids,11
330 || FINGER redirection attempt || nessus,10073 || cve,1999-0105 || arachnids,251
331 || FINGER cybercop query || cve,1999-0612 || arachnids,132
332 || FINGER 0 query || nessus,10069 || cve,1999-0197 || arachnids,378 || arachnids,131
333 || FINGER . query || nessus,10072 || cve,1999-0198 || arachnids,130
334 || FTP .forward || arachnids,319
335 || FTP .rhosts || arachnids,328
336 || FTP CWD ~root attempt || cve,1999-0082 || arachnids,318
337 || FTP CEL overflow attempt || cve,1999-0789 || bugtraq,679 || arachnids,257
338 || FTP EXPLOIT format string || cve,2000-0573 || bugtraq,1387 || arachnids,453
339 || FTP EXPLOIT OpenBSD x86 ftpd || cve,2001-0053 || bugtraq,2124 || arachnids,446
340 || FTP EXPLOIT overflow
341 || FTP EXPLOIT overflow
342 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string overflow Solaris 2.8 || cve,2000-0573 || bugtraq,1387 || arachnids,451
343 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string overflow FreeBSD || cve,2000-0573 || bugtraq,1387 || arachnids,228
344 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string overflow Linux || cve,2000-0573 || bugtraq,1387 || arachnids,287
345 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string overflow generic || nessus,10452 || cve,2000-0573 || bugtraq,1387 || arachnids,285
346 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string check || cve,2000-0573 || bugtraq,1387 || arachnids,286
348 || FTP EXPLOIT wu-ftpd 2.6.0 || bugtraq,1387 || arachnids,440
349 || FTP EXPLOIT MKD overflow || cve,1999-0368 || bugtraq,2242 || bugtraq,113
350 || FTP EXPLOIT x86 linux overflow || cve,1999-0368 || bugtraq,2242 || bugtraq,113
351 || FTP EXPLOIT x86 linux overflow || cve,1999-0368 || bugtraq,2242 || bugtraq,113
352 || FTP EXPLOIT x86 linux overflow || cve, CVE-1999-0368 || bugtraq, 113
353 || FTP adm scan || arachnids,332
354 || FTP iss scan || arachnids,331
355 || FTP pass wh00t || arachnids,324
356 || FTP passwd retrieval attempt || arachnids,213
357 || FTP piss scan
358 || FTP saint scan || arachnids,330
359 || FTP satan scan || arachnids,329
360 || FTP serv-u directory transversal || cve,2001-0054 || bugtraq,2052
361 || FTP SITE EXEC attempt || cve,1999-0080 || bugtraq,2241 || arachnids,317
362 || FTP tar parameters || cve,1999-0997 || cve,1999-0202 || bugtraq,2240 || arachnids,134
363 || ICMP IRDP router advertisement || cve,1999-0875 || bugtraq,578 || arachnids,173
364 || ICMP IRDP router selection || cve,1999-0875 || bugtraq,578 || arachnids,174
365 || ICMP PING undefined code
366 || ICMP PING *NIX
368 || ICMP PING BSDtype || arachnids,152
369 || ICMP PING BayRS Router || arachnids,444 || arachnids,438
370 || ICMP PING BeOS4.x || arachnids,151
371 || ICMP PING Cisco Type.x || arachnids,153
372 || ICMP PING Delphi-Piette Windows || arachnids,155
373 || ICMP PING Flowpoint2200 or Network Management Software || arachnids,156
374 || ICMP PING IP NetMonitor Macintosh || arachnids,157
375 || ICMP PING LINUX/*BSD || arachnids,447
376 || ICMP PING Microsoft Windows || arachnids,159
377 || ICMP PING Network Toolbox 3 Windows || arachnids,161
378 || ICMP PING Ping-O-MeterWindows || arachnids,164
379 || ICMP PING Pinger Windows || arachnids,163
380 || ICMP PING Seer Windows || arachnids,166
381 || ICMP PING Sun Solaris || arachnids,448
382 || ICMP PING Windows || arachnids,169
384 || ICMP PING
385 || ICMP traceroute || arachnids,118
386 || ICMP Address Mask Reply
387 || ICMP Address Mask Reply undefined code
388 || ICMP Address Mask Request
389 || ICMP Address Mask Request undefined code
390 || ICMP Alternate Host Address
391 || ICMP Alternate Host Address undefined code
392 || ICMP Datagram Conversion Error
393 || ICMP Datagram Conversion Error undefined code
394 || ICMP Destination Unreachable Destination Host Unknown
395 || ICMP Destination Unreachable Destination Network Unknown
396 || ICMP Destination Unreachable Fragmentation Needed and DF bit was set
397 || ICMP Destination Unreachable Host Precedence Violation
398 || ICMP Destination Unreachable Host Unreachable for Type of Service
399 || ICMP Destination Unreachable Host Unreachable
400 || ICMP Destination Unreachable Network Unreachable for Type of Service
401 || ICMP Destination Unreachable Network Unreachable
402 || ICMP Destination Unreachable Port Unreachable
403 || ICMP Destination Unreachable Precedence Cutoff in effect
404 || ICMP Destination Unreachable Protocol Unreachable
405 || ICMP Destination Unreachable Source Host Isolated
406 || ICMP Destination Unreachable Source Route Failed
407 || ICMP Destination Unreachable cndefined code
408 || ICMP Echo Reply
409 || ICMP Echo Reply undefined code
410 || ICMP Fragment Reassembly Time Exceeded
411 || ICMP IPV6 I-Am-Here
412 || ICMP IPV6 I-Am-Here undefined code
413 || ICMP IPV6 Where-Are-You
414 || ICMP IPV6 Where-Are-You undefined code
415 || ICMP Information Reply
416 || ICMP Information Reply undefined code
417 || ICMP Information Request
418 || ICMP Information Request undefined code
419 || ICMP Mobile Host Redirect
420 || ICMP Mobile Host Redirect undefined code
421 || ICMP Mobile Registration Reply
422 || ICMP Mobile Registration Reply undefined code
423 || ICMP Mobile Registration Request
424 || ICMP Mobile Registration Request undefined code
425 || ICMP Parameter Problem Bad Length
426 || ICMP Parameter Problem Missing a Required Option
427 || ICMP Parameter Problem Unspecified Error
428 || ICMP Parameter Problem undefined Code
429 || ICMP Photuris Reserved
430 || ICMP Photuris Unknown Security Parameters Index
431 || ICMP Photuris Valid Security Parameters, But Authentication Failed
432 || ICMP Photuris Valid Security Parameters, But Decryption Failed
433 || ICMP Photuris undefined code!
436 || ICMP Redirect for TOS and Host
437 || ICMP Redirect for TOS and Network
438 || ICMP Redirect undefined code
439 || ICMP Reserved for Security Type 19
440 || ICMP Reserved for Security Type 19 undefined code
441 || ICMP Router Advertisement || arachnids,173
443 || ICMP Router Selection || arachnids,174
445 || ICMP SKIP
446 || ICMP SKIP undefined code
448 || ICMP Source Quench undefined code
449 || ICMP Time-To-Live Exceeded in Transit
450 || ICMP Time-To-Live Exceeded in Transit undefined code
451 || ICMP Timestamp Reply
452 || ICMP Timestamp Reply undefined code
453 || ICMP Timestamp Request
454 || ICMP Timestamp Request undefined code
455 || ICMP Traceroute ipopts || arachnids,238
456 || ICMP Traceroute
457 || ICMP Traceroute undefined code
458 || ICMP unassigned type 1
459 || ICMP unassigned type 1 undefined code
460 || ICMP unassigned type 2
461 || ICMP unassigned type 2 undefined code
462 || ICMP unassigned type 7
463 || ICMP unassigned type 7 undefined code
465 || ICMP ISS Pinger || arachnids,158
466 || ICMP L3retriever Ping || arachnids,311
467 || ICMP Nemesis v1.1 Echo || arachnids,449
469 || ICMP PING NMAP || arachnids,162
471 || ICMP icmpenum v1.1.1 || arachnids,450
472 || ICMP redirect host || cve,1999-0265 || arachnids,135
473 || ICMP redirect net || cve,1999-0265 || arachnids,199
474 || ICMP superscan echo
475 || ICMP traceroute ipopts || arachnids,238
476 || ICMP webtrends scanner || arachnids,307
477 || ICMP Source Quench
478 || ICMP Broadscan Smurf Scanner
480 || ICMP PING speedera
481 || ICMP TJPingPro1.1Build 2 Windows || arachnids,167
482 || ICMP PING WhatsupGold Windows || arachnids,168
483 || ICMP PING CyberKit 2.2 Windows || arachnids,154
484 || ICMP PING Sniffer Pro/NetXRay network scan
485 || ICMP Destination Unreachable Communication Administratively Prohibited
486 || ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
487 || ICMP Destination Unreachable Communication with Destination Network is Administratively Prohibited
488 || INFO Connection Closed MSG from Port 80
489 || INFO FTP no password || arachnids,322
490 || INFO battle-mail traffic
491 || INFO FTP Bad login
492 || INFO TELNET Bad Login
493 || INFO psyBNC access
494 || ATTACK-RESPONSES command completed
495 || ATTACK-RESPONSES command error
496 || ATTACK RESPONSES directory listing
497 || ATTACK-RESPONSES file copied ok
498 || ATTACK-RESPONSES id check returned root
499 || ICMP Large ICMP Packet || arachnids,246
500 || MISC source route lssr || cve,1999-0909 || bugtraq,646 || arachnids,418
501 || MISC source route lssre || cve,1999-0909 || bugtraq,646 || arachnids,420
502 || MISC source route ssrr || arachnids,422
503 || MISC Source Port 20 to <1024 || arachnids,06
504 || MISC source port 53 to <1024 || arachnids,07
505 || MISC Insecure TIMBUKTU Password || arachnids,229
506 || MISC ramen worm incoming || arachnids,460
507 || MISC PCAnywhere Attempted Administrator Login
508 || MISC gopher proxy || arachnids,409
509 || WEB-MISC PCCS mysql database admin tool access || arachnids,300
510 || POLICY HP JetDirect LCD modification attempt || bugtraq,2245 || arachnids,302
511 || MISC Invalid PCAnywhere Login
512 || MISC PCAnywhere Failed Login || arachnids,240
513 || MISC Cisco Catalyst Remote Access || cve,1999-0430 || bugtraq,705 || arachnids,129
514 || MISC ramen worm || arachnids,461
516 || MISC SNMP NT UserList
517 || MISC xdmcp query || arachnids,476
518 || TFTP Put || cve,1999-0183 || arachnids,148
519 || TFTP parent directory || cve,2002-1209 || cve,1999-0183 || arachnids,137
520 || TFTP root directory || cve,1999-0183 || arachnids,138
521 || MISC Large UDP Packet || arachnids,247
522 || MISC Tiny Fragments
523 || BAD-TRAFFIC ip reserved bit set
524 || BAD-TRAFFIC tcp port 0 traffic
525 || BAD-TRAFFIC udp port 0 traffic || nessus,10074 || cve,1999-0675 || bugtraq,576
526 || BAD-TRAFFIC data in TCP SYN packet || url,www.cert.org/incident_notes/IN-99-07.html
527 || BAD-TRAFFIC same SRC/DST || url,www.cert.org/advisories/CA-1997-28.html || cve,1999-0016 || bugtraq,2666
528 || BAD-TRAFFIC loopback traffic || url,rr.sans.org/firewall/egress.php
529 || NETBIOS DOS RFPoison || arachnids,454
530 || NETBIOS NT NULL session || cve,2000-0347 || bugtraq,1163 || arachnids,204
532 || NETBIOS SMB ADMIN$ share access
533 || NETBIOS SMB C$ share access
534 || NETBIOS SMB CD.. || arachnids,338
535 || NETBIOS SMB CD... || arachnids,337
536 || NETBIOS SMB D$ share access
537 || NETBIOS SMB IPC$ share access
538 || NETBIOS SMB IPC$ share unicode access
539 || NETBIOS Samba clientaccess || arachnids,341
540 || CHAT MSN message
541 || CHAT ICQ access
542 || CHAT IRC nick change
543 || POLICY FTP 'STOR 1MB' possible warez site
544 || POLICY FTP 'RETR 1MB' possible warez site
545 || POLICY FTP 'CWD / ' possible warez site
546 || POLICY FTP 'CWD  ' possible warez site
547 || POLICY FTP 'MKD  ' possible warez site
548 || POLICY FTP 'MKD .' possible warez site
549 || P2P napster login
550 || P2P napster new user login
551 || P2P napster download attempt
552 || P2P napster upload request
553 || POLICY FTP anonymous login attempt
554 || POLICY FTP 'MKD / ' possible warez site
555 || POLICY WinGate telnet server response || cve,1999-0657 || arachnids,366
556 || P2P Outbound GNUTella client request
557 || P2P GNUTella client request
558 || INFO Outbound GNUTella client request
559 || P2P Inbound GNUTella client request
560 || POLICY VNC server response
561 || P2P Napster Client Data
562 || P2P Napster Client Data
563 || P2P Napster Client Data
564 || P2P Napster Client Data
565 || P2P Napster Server Login
566 || POLICY PCAnywhere server response || arachnids,239
567 || POLICY SMTP relaying denied || url,mail-abuse.org/tsi/ar-fix.html || arachnids,249
568 || POLICY HP JetDirect LCD modification attempt || bugtraq,2245 || arachnids,302
569 || RPC snmpXdmi overflow attempt TCP || url,www.cert.org/advisories/CA-2001-05.html || cve,2001-0236 || bugtraq,2417
570 || RPC EXPLOIT ttdbserv solaris overflow || url,www.cert.org/advisories/CA-2001-27.html || cve,1999-0003 || bugtraq,122 || arachnids,242
571 || RPC EXPLOIT ttdbserv Solaris overflow || url,www.cert.org/advisories/CA-2001-27.html || cve,1999-0003 || bugtraq,122 || arachnids,242
572 || RPC DOS ttdbserv Solaris || cve,1999-0003 || bugtraq,122 || arachnids,241
573 || RPC AMD Overflow || cve,1999-0704 || arachnids,217
574 || RPC mountd TCP export request || arachnids,26
575 || RPC portmap admind request UDP || arachnids,18
576 || RPC portmap amountd request UDP || arachnids,19
577 || RPC portmap bootparam request UDP || cve,1999-0647 || arachnids,16
578 || RPC portmap cmsd request UDP || arachnids,17
579 || RPC portmap mountd request UDP || arachnids,13
580 || RPC portmap nisd request UDP || arachnids,21
581 || RPC portmap pcnfsd request UDP || arachnids,22
582 || RPC portmap rexd request UDP || arachnids,23
583 || RPC portmap rstatd request UDP || arachnids,10
584 || RPC portmap rusers request UDP || cve,1999-0626 || arachnids,133
585 || RPC portmap sadmind request UDP || arachnids,20
586 || RPC portmap selection_svc request UDP || arachnids,25
587 || RPC portmap status request UDP || arachnids,15
588 || RPC portmap ttdbserv request UDP || url,www.cert.org/advisories/CA-2001-05.html || cve,2001-0717 || cve,1999-1075 || cve,1999-0687 || cve,1999-0003 || bugtraq,3382 || bugtraq,122 || arachnids,24
589 || RPC portmap yppasswd request UDP || arachnids,14
590 || RPC portmap ypserv request UDP || cve,2002-1232 || cve,2000-1043 || cve,2000-1042 || bugtraq,6016 || bugtraq,5914 || arachnids,12
591 || RPC portmap ypupdated request TCP || arachnids,125
592 || RPC rstatd query || arachnids,9
593 || RPC portmap snmpXdmi request TCP || url,www.cert.org/advisories/CA-2001-05.html || cve,2001-0236 || bugtraq,2417
595 || RPC portmap espd request TCP || cve,2001-0331 || bugtraq,2714
596 || RPC portmap listing || arachnids,429
597 || RPC portmap listing || arachnids,429
598 || RPC portmap listing TCP 111 || arachnids,428
599 || RPC portmap listing TCP 32771 || arachnids,429
600 || RPC EXPLOIT statdx || arachnids,442
601 || RSERVICES rlogin LinuxNIS
602 || RSERVICES rlogin bin || arachnids,384
603 || RSERVICES rlogin echo++ || arachnids,385
604 || RSERVICES rsh froot || arachnids,387
605 || RSERVICES rlogin login failure || arachnids,393
606 || RSERVICES rlogin root || arachnids,389
607 || RSERVICES rsh bin || arachnids,390
608 || RSERVICES rsh echo + + || arachnids,388
609 || RSERVICES rsh froot || arachnids,387
610 || RSERVICES rsh root || arachnids,391
611 || RSERVICES rlogin login failure || arachnids,392
612 || RPC rusers query UDP || cve,1999-0626
613 || SCAN myscan || arachnids,439
614 || BACKDOOR hack-a-tack attempt || arachnids,314
615 || SCAN SOCKS Proxy attempt || url,help.undernet.org/proxyscan/
616 || SCAN ident version request || arachnids,303
617 || SCAN ssh-research-scanner
618 || SCAN Squid Proxy attempt
619 || SCAN cybercop os probe || arachnids,146
620 || SCAN Proxy Port 8080 attempt
621 || SCAN FIN || arachnids,27
622 || SCAN ipEye SYN scan || arachnids,236
623 || SCAN NULL || arachnids,4
624 || SCAN SYN FIN || arachnids,198
625 || SCAN XMAS || arachnids,144
626 || SCAN cybercop os PA12 attempt || arachnids,149
627 || SCAN cybercop os SFU12 probe || arachnids,150
628 || SCAN nmap TCP || arachnids,28
629 || SCAN nmap fingerprint attempt || arachnids,05
630 || SCAN synscan portscan || arachnids,441
631 || SMTP ehlo cybercop attempt || arachnids,372
632 || SMTP expn cybercop attempt || arachnids,371
634 || SCAN Amanda client version request
635 || SCAN XTACACS logout || arachnids,408
636 || SCAN cybercop udp bomb || arachnids,363
637 || SCAN Webtrends Scanner UDP Probe || arachnids,308
638 || SHELLCODE SGI NOOP || arachnids,356
639 || SHELLCODE SGI NOOP || arachnids,357
640 || SHELLCODE AIX NOOP
641 || SHELLCODE Digital UNIX NOOP || arachnids,352
642 || SHELLCODE HP-UX NOOP || arachnids,358
643 || SHELLCODE HP-UX NOOP || arachnids,359
644 || SHELLCODE sparc NOOP || arachnids,345
645 || SHELLCODE sparc NOOP || arachnids,353
646 || SHELLCODE sparc NOOP || arachnids,355
647 || SHELLCODE sparc setuid 0 || arachnids,282
648 || SHELLCODE x86 NOOP || arachnids,181
649 || SHELLCODE x86 setgid 0 || arachnids,284
650 || SHELLCODE x86 setuid 0 || arachnids,436
651 || SHELLCODE x86 stealth NOOP || arachnids,291
652 || SHELLCODE Linux shellcode || arachnids,343
653 || SHELLCODE x86 unicode NOOP
654 || SMTP RCPT TO overflow || cve,2001-0260 || bugtraq,9696 || bugtraq,2283
655 || SMTP sendmail 8.6.9 exploit || cve,1999-0204 || bugtraq,2311 || arachnids,140
656 || SMTP EXPLOIT x86 windows CSMMail overflow || cve,2000-0042 || bugtraq,895
657 || SMTP chameleon overflow || cve,1999-0261 || bugtraq,2387 || arachnids,266
658 || SMTP exchange mime DOS
659 || SMTP expn decode || arachnids,32
660 || SMTP expn root || arachnids,31
661 || SMTP majordomo ifs || cve,1999-0208 || arachnids,143
662 || SMTP sendmail 5.5.5 exploit || arachnids,119
663 || SMTP rcpt to command attempt || cve,1999-0095 || bugtraq,1 || arachnids,172
664 || SMTP RCPT TO decode attempt || cve,1999-0203 || bugtraq,2308 || arachnids,121
665 || SMTP sendmail 5.6.5 exploit || arachnids,122
666 || SMTP sendmail 8.4.1 exploit || arachnids,120
667 || SMTP sendmail 8.6.10 exploit || arachnids,123
668 || SMTP sendmail 8.6.10 exploit || arachnids,124
669 || SMTP sendmail 8.6.9 exploit || cve,1999-0204 || bugtraq,2311 || arachnids,142
670 || SMTP sendmail 8.6.9 exploit || cve,1999-0204 || bugtraq,2311 || arachnids,139
671 || SMTP sendmail 8.6.9c exploit || cve,1999-0204 || bugtraq,2311 || arachnids,141
672 || SMTP vrfy decode || arachnids,373
673 || MS-SQL sp_start_job - program execution
674 || MS-SQL xp_displayparamstmt possible buffer overflow || cve,2000-1081 || bugtraq,2030
675 || MS-SQL xp_setsqlsecurity possible buffer overflow || bugtraq,2043
676 || MS-SQL/SMB sp_start_job - program execution
677 || MS-SQL/SMB sp_password password change
678 || MS-SQL/SMB sp_delete_alert log file deletion
679 || MS-SQL/SMB sp_adduser database user creation
680 || MS-SQL/SMB sa login failed
681 || MS-SQL/SMB xp_cmdshell program execution
682 || MS-SQL xp_enumresultset possible buffer overflow
683 || MS-SQL sp_password - password change
684 || MS-SQL sp_delete_alert log file deletion
685 || MS-SQL sp_adduser - database user creation
686 || MS-SQL xp_reg* - registry access
687 || MS-SQL xp_cmdshell - program execution
688 || MS-SQL sa login failed
689 || MS-SQL/SMB xp_reg* registry access
690 || MS-SQL/SMB xp_printstatements possible buffer overflow || cve,2000-1086 || bugtraq,2041
691 || MS-SQL shellcode attempt
692 || MS-SQL/SMB shellcode attempt
693 || MS-SQL shellcode attempt
694 || MS-SQL/SMB shellcode attempt
695 || MS-SQL/SMB xp_sprintf possible buffer overflow || bugtraq,1204
696 || MS-SQL/SMB xp_showcolv possible buffer overflow || bugtraq,2038
697 || MS-SQL/SMB xp_peekqueue possible buffer overflow || cve,2000-1085 || bugtraq,2040
698 || MS-SQL/SMB xp_proxiedmetadata possible buffer overflow || cve,2000-1087 || bugtraq,2042
699 || MS-SQL xp_printstatements possible buffer overflow || cve,2000-1086 || bugtraq,2041
700 || MS-SQL/SMB xp_updatecolvbm possible buffer overflow || cve,2000-1084 || bugtraq,2039
701 || MS-SQL xp_updatecolvbm possible buffer overflow || cve,2000-1084 || bugtraq,2039
702 || MS-SQL/SMB xp_displayparamstmt possible buffer overflow || cve,2000-1081 || bugtraq,2030
703 || MS-SQL/SMB xp_setsqlsecurity possible buffer overflow || bugtraq,2043
704 || MS-SQL xp_sprintf possible buffer overflow || bugtraq,1204
705 || MS-SQL xp_showcolv possible buffer overflow || cve,2000-1083 || bugtraq,2038
706 || MS-SQL xp_peekqueue possible buffer overflow || cve,2000-1085 || bugtraq,2040
707 || MS-SQL xp_proxiedmetadata possible buffer overflow || cve,2000-1087 || cve,1999-0287 || bugtraq,2024
708 || MS-SQL/SMB xp_enumresultset possible buffer overflow || cve,2000-1082 || bugtraq,2031
709 || TELNET 4Dgifts SGI account attempt || cve,1999-0501
710 || TELNET EZsetup account attempt || cve,1999-0501
711 || TELNET SGI telnetd format bug || arachnids,304
712 || TELNET ld_library_path || cve,1999-0073 || bugtraq,459 || arachnids,367
713 || TELNET livingston DOS || arachnids,370
714 || TELNET resolv_host_conf || arachnids,369
715 || TELNET Attempted SU from wrong group
716 || TELNET access || cve,1999-0619 || arachnids,08
717 || TELNET not on console || arachnids,365
718 || TELNET login incorrect || arachnids,127
719 || TELNET root login
720 || Virus - SnowWhite Trojan Incoming
721 || VIRUS OUTBOUND bad file attachment
722 || Virus - Possible NAVIDAD Worm
723 || Virus - Possible MyRomeo Worm
724 || Virus - Possible MyRomeo Worm
725 || Virus - Possible MyRomeo Worm
726 || Virus - Possible MyRomeo Worm
727 || Virus - Possible MyRomeo Worm
728 || Virus - Possible MyRomeo Worm
729 || VIRUS OUTBOUND .scr file attachment
730 || VIRUS OUTBOUND .shs file attachment
731 || Virus - Possible QAZ Worm || MCAFEE,98775
732 || Virus - Possible QAZ Worm Infection || MCAFEE,98775
733 || Virus - Possible QAZ Worm Calling Home || MCAFEE,98775
734 || Virus - Possible Matrix worm
735 || Virus - Possible MyRomeo Worm
736 || Virus - Successful eurocalculator execution
737 || Virus - Possible eurocalculator.exe file
738 || Virus - Possible Pikachu Pokemon Virus || MCAFEE,98696
739 || Virus - Possible Triplesix Worm || MCAFEE,10389
740 || Virus - Possible Tune.vbs || MCAFEE,10497
741 || Virus - Possible NAIL Worm || MCAFEE,10109
742 || Virus - Possible NAIL Worm || MCAFEE,10109
743 || Virus - Possible NAIL Worm || MCAFEE,10109
744 || Virus - Possible NAIL Worm || MCAFEE,10109
745 || Virus - Possible Papa Worm || MCAFEE,10145
746 || Virus - Possible Freelink Worm || MCAFEE,10225
747 || Virus - Possible Simbiosis Worm
748 || Virus - Possible BADASS Worm || MCAFEE,10388
749 || Virus - Possible ExploreZip.B Worm || MCAFEE,10471
751 || Virus - Possible wscript.KakWorm || MCAFEE,10509
752 || Virus Possible Suppl Worm || MCAFEE,10361
753 || Virus - Possible NewApt.Worm - theobbq.exe || MCAFEE,10540
754 || Virus - Possible Word Macro - VALE || MCAFEE,10502
755 || Virus - Possible IROK Worm || MCAFEE,98552
756 || Virus - Possible Fix2001 Worm || MCAFEE,10355
757 || Virus - Possible Y2K Zelu Trojan || MCAFEE,10505
758 || Virus - Possible The_Fly Trojan || MCAFEE,10478
759 || Virus - Possible Word Macro - VALE || MCAFEE,10502
760 || Virus - Possible Passion Worm || MCAFEE,10467
761 || Virus - Possible NewApt.Worm - cooler3.exe || MCAFEE,10540
762 || Virus - Possible NewApt.Worm - party.exe || MCAFEE,10540
763 || Virus - Possible NewApt.Worm - hog.exe || MCAFEE,10540
764 || Virus - Possible NewApt.Worm - goal1.exe || MCAFEE,10540
765 || Virus - Possible NewApt.Worm - pirate.exe || MCAFEE,10540
766 || Virus - Possible NewApt.Worm - video.exe || MCAFEE,10540
767 || Virus - Possible NewApt.Worm - baby.exe || MCAFEE,10540
768 || Virus - Possible NewApt.Worm - cooler1.exe || MCAFEE,10540
769 || Virus - Possible NewApt.Worm - boss.exe || MCAFEE,10540
770 || Virus - Possible NewApt.Worm - g-zilla.exe || MCAFEE,10540
771 || Virus - Possible ToadieE-mail Trojan || MCAFEE,10540
772 || Virus - Possible PrettyPark Trojan || MCAFEE,10175
773 || Virus - Possible Happy99 Virus || MCAFEE,10144
774 || Virus - Possible CheckThis Trojan
775 || Virus - Possible Bubbleboy Worm || MCAFEE,10418
776 || Virus - Possible NewApt.Worm - copier.exe || MCAFEE,10540
777 || Virus - Possible MyPics Worm || MCAFEE,10467
778 || Virus - Possible Babylonia - X-MAS.exe || MCAFEE,10461
779 || Virus - Possible NewApt.Worm - gadget.exe || MCAFEE,10540
780 || Virus - Possible NewApt.Worm - irnglant.exe || MCAFEE,10540
781 || Virus - Possible NewApt.Worm - casper.exe || MCAFEE,10540
782 || Virus - Possible NewApt.Worm - fborfw.exe || MCAFEE,10540
783 || Virus - Possible NewApt.Worm - saddam.exe || MCAFEE,10540
784 || Virus - Possible NewApt.Worm - bboy.exe || MCAFEE,10540
785 || Virus - Possible NewApt.Worm - monica.exe || MCAFEE,10540
786 || Virus - Possible NewApt.Worm - goal.exe || MCAFEE,10540
787 || Virus - Possible NewApt.Worm - panther.exe || MCAFEE,10540
788 || Virus - Possible NewApt.Worm - chestburst.exe || MCAFEE,10540
789 || Virus - Possible NewApt.Worm - farter.exe || MCAFEE,1054
790 || Virus - Possible Common Sense Worm
791 || Virus - Possible NewApt.Worm - cupid2.exe || MCAFEE,10540
792 || Virus - Possible Resume Worm || MCAFEE,98661
793 || VIRUS OUTBOUND .vbs file attachment
794 || Virus - Possible Resume Worm || MCAFEE,98661
795 || Virus - Possible Worm -  txt.vbs file
796 || Virus - Possible Worm - xls.vbs file
797 || Virus - Possible Worm - jpg.vbs file
798 || Virus - Possible Worm -  gif.vbs file
799 || Virus - Possible Timofonica Worm || MCAFEE,98674
800 || Virus - Possible Resume Worm || MCAFEE,98661
801 || Virus - Possible Worm - doc.vbs file
802 || Virus - Possbile Zipped Files Trojan || MCAFEE,10450
803 || WEB-CGI HyperSeek hsx.cgi directory traversal attempt || cve,2001-0253 || bugtraq,2314
804 || WEB-CGI SWSoft ASPSeek Overflow attempt || cve,2001-0476 || bugtraq,2492
805 || WEB-CGI webspeed access || nessus,10304 || cve,2000-0127 || bugtraq,969 || arachnids,467
806 || WEB-CGI yabb directory traversal attempt || cve,2000-0853 || bugtraq,1668 || arachnids,462
807 || WEB-CGI /wwwboard/passwd.txt access || nessus,10321 || cve,1999-0954 || cve,1999-0953 || bugtraq,649 || arachnids,463
808 || WEB-CGI webdriver access || nessus,10592 || bugtraq,2166 || arachnids,473
809 || WEB-CGI whois_raw.cgi arbitrary command execution attempt || nessus,10306 || cve,1999-1063 || bugtraq,304 || arachnids,466
810 || WEB-CGI whois_raw.cgi access || nessus,10306 || cve,1999-1063 || bugtraq,304 || arachnids,466
811 || WEB-CGI websitepro path access || cve,2000-0066 || bugtraq,932 || arachnids,468
812 || WEB-CGI webplus version access || cve,2000-0282 || bugtraq,1102 || arachnids,470
813 || WEB-CGI webplus directory traversal || cve,2000-0282 || bugtraq,1102 || arachnids,471
815 || WEB-CGI websendmail access || nessus,10301 || cve,1999-0196 || bugtraq,2077 || arachnids,469
817 || WEB-CGI dcboard.cgi invalid user addition attempt || nessus,10583 || cve,2001-0527 || bugtraq,2728
818 || WEB-CGI dcforum.cgi access || nessus,10583 || cve,2001-0527 || bugtraq,2728
819 || WEB-CGI mmstdod.cgi access || cve,2001-0021
820 || WEB-CGI anaconda directory transversal attempt || cve,2001-0308 || cve,2000-0975 || bugtraq,2388 || bugtraq,2338
821 || WEB-CGI imagemap.exe overflow attempt || nessus,10122 || cve,1999-0951 || bugtraq,739 || arachnids,412
823 || WEB-CGI cvsweb.cgi access || cve,2000-0670 || bugtraq,1469
824 || WEB-CGI php.cgi access || cve,1999-0238 || bugtraq,2250 || arachnids,232
825 || WEB-CGI glimpse access || bugtraq,2026
826 || WEB-CGI htmlscript access || cve,1999-0264 || bugtraq,2001
827 || WEB-CGI info2www access || cve,1999-0266 || bugtraq,1995
828 || WEB-CGI maillist.pl access
829 || WEB-CGI nph-test-cgi access || nessus,10165 || cve,1999-0045 || bugtraq,686 || arachnids,224
830 || WEB-CGI NPH-publish access || cve,1999-1177
832 || WEB-CGI perl.exe access || url,www.cert.org/advisories/CA-1996-11.html || nessus,10173 || cve,1999-0509 || arachnids,219
833 || WEB-CGI rguest.exe access || cve,1999-0467 || cve,1999-0287 || bugtraq,2024
834 || WEB-CGI rwwwshell.pl access || url,www.itsecurity.com/papers/p37.htm
835 || WEB-CGI test-cgi access || nessus,10282 || cve,1999-0070 || bugtraq,2003 || arachnids,218
836 || WEB-CGI textcounter.pl access || cve,1999-1479
837 || WEB-CGI uploader.exe access || nessus,10291 || cve,1999-0177
838 || WEB-CGI webgais access || nessus,10300 || cve,1999-0176 || bugtraq,2058 || arachnids,472
839 || WEB-CGI finger access || nessus,10071 || cve,1999-0612 || arachnids,221
840 || WEB-CGI perlshop.cgi access || cve,1999-1374
841 || WEB-CGI pfdisplay.cgi access || cve,1999-0270 || bugtraq,64
842 || WEB-CGI aglimpse access || nessus,10095 || cve,1999-0147 || bugtraq,2026
843 || WEB-CGI anform2 access || cve,1999-0066 || arachnids,225
844 || WEB-CGI args.bat access || cve,1999-1374
845 || WEB-CGI AT-admin.cgi access || cve,1999-1072
846 || WEB-CGI bnbform.cgi access || cve,1999-0937 || bugtraq,2147
847 || WEB-CGI campas access || cve,1999-0146 || bugtraq,1975
848 || WEB-CGI view-source directory traversal || cve,1999-0174 || bugtraq,8883 || bugtraq,2251
849 || WEB-CGI view-source access || cve,1999-0174 || bugtraq,8883 || bugtraq,2251
850 || WEB-CGI wais.pl access
851 || WEB-CGI files.pl access || cve,1999-1081
852 || WEB-CGI wguest.exe access || cve,1999-0467 || cve,1999-0287 || bugtraq,2024
853 || WEB-CGI wrap access || nessus,10317 || cve,1999-0149 || bugtraq,373 || arachnids,234
854 || WEB-CGI classifieds.cgi access || cve,1999-0934 || bugtraq,2020
855 || WEB-CGI edit.pl access || bugtraq,2713
856 || WEB-CGI environ.cgi access
857 || WEB-CGI faxsurvey access || nessus,10067 || cve,1999-0262 || bugtraq,2056
858 || WEB-CGI filemail access || cve,1999-1154
859 || WEB-CGI man.sh access || cve,1999-1179
860 || WEB-CGI snork.bat access || cve,2000-0169 || bugtraq,1053 || arachnids,220
861 || WEB-CGI w3-msql access || nessus,10296 || cve,2000-0012 || cve,1999-0753 || cve,1999-0276 || bugtraq,898 || bugtraq,591 || arachnids,210
862 || WEB-CGI csh access || url,www.cert.org/advisories/CA-1996-11.html || cve,1999-0509
863 || WEB-CGI day5datacopier.cgi access || cve,1999-1232
864 || WEB-CGI day5datanotifier.cgi access || cve,1999-1232
865 || WEB-CGI ksh access || url,www.cert.org/advisories/CA-1996-11.html || cve,1999-0509
866 || WEB-CGI post-query access || cve,2001-0291 || bugtraq,6752
867 || WEB-CGI visadmin.exe access || nessus,10295 || cve,1999-1970 || cve,1999-0970 || bugtraq,1808
868 || WEB-CGI rsh access || url,www.cert.org/advisories/CA-1996-11.html || cve,1999-0509
869 || WEB-CGI dumpenv.pl access || nessus,10060 || cve,1999-1178
870 || WEB-CGI snorkerz.cmd access
871 || WEB-CGI survey.cgi access || cve,1999-0936 || bugtraq,1817
872 || WEB-CGI tcsh access || url,www.cert.org/advisories/CA-1996-11.html || cve,1999-0509
873 || WEB-CGI scriptalias access || cve,1999-0236 || bugtraq,2300 || arachnids,227
874 || WEB-CGI w3-msql solaris x86  access || cve,1999-0276 || arachnids,211
875 || WEB-CGI win-c-sample.exe access || nessus,10008 || cve,1999-0178 || bugtraq,2078 || arachnids,231
877 || WEB-CGI rksh access || url,www.cert.org/advisories/CA-1996-11.html || cve,1999-0509
878 || WEB-CGI w3tvars.pm access
879 || WEB-CGI admin.pl access || url,online.securityfocus.com/archive/1/249355 || bugtraq,3839
880 || WEB-CGI LWGate access || url,www.wiretrip.net/rfp/p/doc.asp/i2/d6.htm || url,www.netspace.org/~dwb/lwgate/lwgate-history.html
881 || WEB-CGI archie access
882 || WEB-CGI calendar access
883 || WEB-CGI flexform access || url,www.wiretrip.net/rfp/p/doc.asp/i2/d6.htm
884 || WEB-CGI formmail access || nessus,10782 || nessus,10076 || cve,2000-0411 || cve,1999-0172 || bugtraq,2079 || bugtraq,1187 || arachnids,226
885 || WEB-CGI bash access || url,www.cert.org/advisories/CA-1996-11.html || cve,1999-0509
886 || WEB-CGI phf access || cve,1999-0067 || bugtraq,629 || arachnids,128
887 || WEB-CGI www-sql access || url,marc.theaimsgroup.com/?l=bugtraq&m=88704258804054&w=2
888 || WEB-CGI wwwadmin.pl access
889 || WEB-CGI ppdscgi.exe access || url,online.securityfocus.com/archive/1/16878 || bugtraq,491
890 || WEB-CGI sendform.cgi access || url,www.scn.org/help/sendform.txt || cve,2002-0710 || bugtraq,5286
891 || WEB-CGI upload.pl access
892 || WEB-CGI AnyForm2 access || cve,1999-0066 || bugtraq,719
893 || WEB-CGI MachineInfo access || cve,1999-1067
894 || WEB-CGI bb-hist.sh access || nessus,10025 || cve,1999-1462 || bugtraq,142
895 || WEB-CGI redirect access || cve,2000-0382 || bugtraq,1179
896 || WEB-CGI way-board access || nessus,10610 || cve,2001-0214 || bugtraq,2370
897 || WEB-CGI pals-cgi access || nessus,10611 || cve,2001-0217 || cve,2001-0216 || bugtraq,2372
898 || WEB-CGI commerce.cgi access || nessus,10612 || cve,2001-0210 || bugtraq,2361
899 || WEB-CGI Amaya templates sendtemp.pl directory traversal attempt || cve,2001-0272 || bugtraq,2504
900 || WEB-CGI webspirs.cgi directory traversal attempt || nessus,10616 || cve,2001-0211 || bugtraq,2362
901 || WEB-CGI webspirs.cgi access || nessus,10616 || cve,2001-0211 || bugtraq,2362
902 || WEB-CGI tstisapi.dll access || cve,2001-0302
903 || WEB-COLDFUSION cfcache.map access || cve,2000-0057 || bugtraq,917
904 || WEB-COLDFUSION exampleapp application.cfm || cve,2000-0189 || bugtraq,1021
905 || WEB-COLDFUSION application.cfm access || cve,2000-0189 || bugtraq,1021
906 || WEB-COLDFUSION getfile.cfm access || cve,1999-0800 || bugtraq,229
907 || WEB-COLDFUSION addcontent.cfm access
908 || WEB-COLDFUSION administrator access || cve,2000-0538 || bugtraq,1314
909 || WEB-COLDFUSION datasource username attempt || bugtraq,550
910 || WEB-COLDFUSION fileexists.cfm access || bugtraq,550
911 || WEB-COLDFUSION exprcalc access || cve,1999-0455 || bugtraq,550 || bugtraq,115
912 || WEB-COLDFUSION parks access || bugtraq,550
913 || WEB-COLDFUSION cfappman access || bugtraq,550
914 || WEB-COLDFUSION beaninfo access || bugtraq,550
915 || WEB-COLDFUSION evaluate.cfm access || bugtraq,550
916 || WEB-COLDFUSION getodbcdsn access || bugtraq,550
917 || WEB-COLDFUSION db connections flush attempt || bugtraq,550
918 || WEB-COLDFUSION expeval access || cve,1999-0477 || bugtraq,550
919 || WEB-COLDFUSION datasource passwordattempt || bugtraq,550
920 || WEB-COLDFUSION datasource attempt || bugtraq,550
921 || WEB-COLDFUSION admin encrypt attempt || bugtraq,550
922 || WEB-COLDFUSION displayfile access || bugtraq,550
923 || WEB-COLDFUSION getodbcin attempt || bugtraq,550
924 || WEB-COLDFUSION admin decrypt attempt || bugtraq,550
925 || WEB-COLDFUSION mainframeset access || bugtraq,550
926 || WEB-COLDFUSION set odbc ini attempt || bugtraq,550
927 || WEB-COLDFUSION settings refresh attempt || bugtraq,550
928 || WEB-COLDFUSION exampleapp access
929 || WEB-COLDFUSION CFUSION_VERIFYMAIL access || bugtraq,550
930 || WEB-COLDFUSION snippets attempt || bugtraq,550
931 || WEB-COLDFUSION cfmlsyntaxcheck.cfm access || bugtraq,550
932 || WEB-COLDFUSION application.cfm access || cve,2000-0189 || bugtraq,550 || arachnids,268
933 || WEB-COLDFUSION onrequestend.cfm access || cve,2000-0189 || bugtraq,550 || arachnids,269
935 || WEB-COLDFUSION startstop DOS access || bugtraq,247
936 || WEB-COLDFUSION gettempdirectory.cfm access  || bugtraq,550
937 || WEB-FRONTPAGE _vti_rpc access || bugtraq,2144
939 || WEB-FRONTPAGE posting
940 || WEB-FRONTPAGE shtml.dll access || arachnids,292
941 || WEB-FRONTPAGE contents.htm access
942 || WEB-FRONTPAGE orders.htm access
943 || WEB-FRONTPAGE fpsrvadm.exe access
944 || WEB-FRONTPAGE fpremadm.exe access
945 || WEB-FRONTPAGE fpadmin.htm access
946 || WEB-FRONTPAGE fpadmcgi.exe access
947 || WEB-FRONTPAGE orders.txt access
948 || WEB-FRONTPAGE form_results access
949 || WEB-FRONTPAGE registrations.htm access
950 || WEB-FRONTPAGE cfgwiz.exe access
951 || WEB-FRONTPAGE authors.pwd access || nessus,10078 || cve,1999-0386 || bugtraq,989
952 || WEB-FRONTPAGE author.exe access
953 || WEB-FRONTPAGE administrators.pwd access || bugtraq,1205
954 || WEB-FRONTPAGE form_results.htm access
955 || WEB-FRONTPAGE access.cnf access
956 || WEB-FRONTPAGE register.txt access
957 || WEB-FRONTPAGE registrations.txt access
958 || WEB-FRONTPAGE service.cnf access
959 || WEB-FRONTPAGE service.pwd || bugtraq,1205
960 || WEB-FRONTPAGE service.stp access
961 || WEB-FRONTPAGE services.cnf access
962 || WEB-FRONTPAGE shtml.exe access || nessus,10405 || cve,2000-0709 || cve,2000-0413 || bugtraq,1608 || bugtraq,1174
963 || WEB-FRONTPAGE svcacl.cnf access
964 || WEB-FRONTPAGE users.pwd access
965 || WEB-FRONTPAGE writeto.cnf access
966 || WEB-FRONTPAGE .... request || cve,2000-0153 || cve,1999-0386 || bugtraq,989 || arachnids,248
967 || WEB-FRONTPAGE dvwssr.dll access || url,www.microsoft.com/technet/security/bulletin/ms00-025.mspx || cve,2000-0260 || bugtraq,1109 || bugtraq,1108 || arachnids,271
968 || WEB-FRONTPAGE register.htm access
969 || WEB-IIS WebDAV file lock attempt || bugtraq,2736
970 || WEB-IIS multiple decode attempt || cve,2001-0333 || bugtraq,2708
971 || WEB-IIS ISAPI .printer access || cve,2001-0241 || bugtraq,2674 || arachnids,533
972 || WEB-IIS %2E-asp access || cve,1999-0253 || bugtraq,1814
973 || WEB-IIS *.idc attempt || cve,2000-0661 || cve,1999-0874 || bugtraq,1448
974 || WEB-IIS Directory transversal attempt || cve,1999-0229 || bugtraq,2218
975 || WEB-IIS Alternate Data streams ASP file access attempt || url,support.microsoft.com/default.aspx?scid=kb\ || nessus,10362 || cve,1999-0278 || bugtraq,149
976 || WEB-IIS .bat? access || url,support.microsoft.com/support/kb/articles/Q155/0/56.asp || url,support.microsoft.com/support/kb/articles/Q148/1/88.asp || cve,1999-0233 || bugtraq,2023
977 || WEB-IIS .cnf access
978 || WEB-IIS ASP contents view || nessus,10356 || cve,2000-0302 || bugtraq,1084
979 || WEB-IIS ASP contents view || cve,2000-0942 || bugtraq,1861
980 || WEB-IIS CGImail.exe access || cve,2000-0726 || bugtraq,1623
981 || WEB-IIS unicode directory traversal attempt || cve,2000-0884 || bugtraq,1806
982 || WEB-IIS unicode directory traversal attempt || cve,2000-0884 || bugtraq,1806
983 || WEB-IIS unicode directory traversal attempt || cve,2000-0884 || bugtraq,1806
984 || WEB-IIS JET VBA access || cve,1999-0874 || bugtraq,307
985 || WEB-IIS JET VBA access || cve,1999-0874 || bugtraq,286
986 || WEB-IIS MSProxy access
987 || WEB-IIS .htr access || cve,2000-0630 || bugtraq,1488
988 || WEB-IIS SAM Attempt || url,www.ciac.org/ciac/bulletins/h-45.shtml
989 || WEB-IIS Unicode2.pl script File permission canonicalization
990 || WEB-IIS _vti_inf access
991 || WEB-IIS achg.htr access || cve,1999-0407 || bugtraq,2110
992 || WEB-IIS adctest.asp access
993 || WEB-IIS iisadmin access
994 || WEB-IIS /scripts/iisadmin/default.htm access
995 || WEB-IIS ism.dll access || cve,2000-0630 || cve,1999-1538 || bugtraq,189
996 || WEB-IIS anot.htr access || cve,1999-0407 || bugtraq,2110
997 || WEB-IIS asp-dot attempt
998 || WEB-IIS asp-srch attempt
999 || WEB-IIS bdir access
1000 || WEB-IIS bdir.htr access
1001 || WEB-MISC carbo.dll access || cve,1999-1069 || bugtraq,2126
1002 || WEB-IIS cmd.exe access
1003 || WEB-IIS cmd? access
1004 || WEB-IIS codebrowser Exair access || cve,1999-0815 || cve,1999-0499
1005 || WEB-IIS codebrowser SDK access || cve,1999-0736 || bugtraq,167
1007 || WEB-IIS cross-site scripting attempt
1008 || WEB-IIS del attempt
1009 || WEB-IIS directory listing
1010 || WEB-IIS encoding access || arachnids,200
1011 || WEB-IIS exec-src access
1012 || WEB-IIS fpcount attempt || cve,1999-1376 || bugtraq,2252
1013 || WEB-IIS fpcount access || cve,1999-1376 || bugtraq,2252
1015 || WEB-IIS getdrvs.exe access
1016 || WEB-IIS global.asa access || nessus,10491 || cve,2000-0778
1017 || WEB-IIS idc-srch attempt || cve,1999-0874
1018 || WEB-IIS iisadmpwd attempt || cve,2000-0304 || bugtraq,2110 || bugtraq,1191
1019 || WEB-IIS index server file source code attempt
1020 || WEB-IIS isc$data attempt || cve,1999-0874 || bugtraq,307
1021 || WEB-IIS ism.dll attempt || cve,2000-0457 || bugtraq,1193
1022 || WEB-IIS jet vba access || cve,1999-0874 || bugtraq,286
1023 || WEB-IIS msadcs.dll access || cve,1999-1011 || bugtraq,529
1024 || WEB-IIS newdsn.exe access || nessus,10360 || cve,1999-0191 || bugtraq,1818
1025 || WEB-IIS perl access
1026 || WEB-IIS perl-browse newline attempt || bugtraq,6833
1027 || WEB-IIS perl-browse space attempt || bugtraq,6833
1028 || WEB-IIS query.asp access || cve,1999-0449 || bugtraq,193
1029 || WEB-IIS scripts-browse access
1030 || WEB-IIS search97.vts access || bugtraq,162
1031 || WEB-IIS /SiteServer/Publishing/viewcode.asp access || nessus,10576
1032 || WEB-IIS showcode access || nessus,10576
1033 || WEB-IIS showcode access || nessus,10576
1034 || WEB-IIS showcode access || nessus,10576
1035 || WEB-IIS showcode access || nessus,10576
1036 || WEB-IIS showcode access || nessus,10576
1037 || WEB-IIS showcode.asp access || nessus,10007 || cve,1999-0736 || bugtraq,167
1038 || WEB-IIS site server config access || cve,1999-1520 || bugtraq,256
1039 || WEB-IIS srch.htm access
1040 || WEB-IIS srchadm access
1041 || WEB-IIS uploadn.asp access
1042 || WEB-IIS view source via translate header || bugtraq,1578 || arachnids,305
1043 || WEB-IIS viewcode.asp access || nessus,10576
1044 || WEB-IIS webhits access || arachnids,237
1045 || WEB-IIS Unauthorized IP Access Attempt
1046 || WEB-IIS site/iisamples access
1047 || WEB-MISC Netscape Enterprise DOS || cve,2001-0251 || bugtraq,2294
1048 || WEB-MISC Netscape Enterprise directory listing attempt || cve,2001-0250 || bugtraq,2285
1049 || WEB-MISC iPlanet ../../ DOS attempt || cve,2001-0252 || bugtraq,2282
1050 || WEB-MISC iPlanet GETPROPERTIES attempt
1051 || WEB-CGI technote main.cgi file directory traversal attempt || cve,2001-0075 || bugtraq,2156
1052 || WEB-CGI technote print.cgi directory traversal attempt || cve,2001-0075 || bugtraq,2156
1053 || WEB-CGI ads.cgi command execution attempt || cve,2001-0025 || bugtraq,2103
1054 || WEB-MISC weblogic/tomcat .jsp view source attempt || bugtraq,2527
1055 || WEB-MISC Tomcat directory traversal attempt || bugtraq,2518
1056 || WEB-MISC Tomcat view source attempt || bugtraq,2527
1057 || WEB-MISC ftp attempt
1058 || WEB-MISC xp_enumdsn attempt
1059 || WEB-MISC xp_filelist attempt
1060 || WEB-MISC xp_availablemedia attempt
1061 || WEB-MISC xp_cmdshell attempt
1062 || WEB-MISC nc.exe attempt
1064 || WEB-MISC wsh attempt
1065 || WEB-MISC rcmd attempt
1066 || WEB-MISC telnet attempt
1067 || WEB-MISC net attempt
1068 || WEB-MISC tftp attempt
1069 || WEB-MISC xp_regread attempt
1070 || WEB-MISC WebDAV search access || arachnids,474
1071 || WEB-MISC .htpasswd access
1072 || WEB-MISC Lotus Domino directory traversal || cve,2001-0009 || bugtraq,2173
1073 || WEB-MISC webhits.exe access
1075 || WEB-IIS postinfo.asp access
1076 || WEB-IIS repost.asp access || nessus,10372
1077 || WEB-MISC queryhit.htm access
1078 || WEB-MISC counter.exe access || cve,1999-1030 || bugtraq,267
1079 || WEB-MISC WebDAV propfind access || cve,2000-0869 || bugtraq,1656
1080 || WEB-MISC unify eWave ServletExec upload || cve,2000-1025 || cve,2000-1024 || bugtraq,1876 || bugtraq,1868
1081 || WEB-MISC Netscape Servers suite DOS || cve,2000-1025 || bugtraq,1868
1082 || WEB-MISC amazon 1-click cookie theft || cve,2000-0439 || bugtraq,1194
1083 || WEB-MISC unify eWave ServletExec DOS
1084 || WEB-MISC Allaire JRUN DOS attempt || bugtraq,2337
1085 || WEB-PHP strings overflow || bugtraq,802 || arachnids,431
1086 || WEB-PHP strings overflow || cve,2000-0967 || bugtraq,1786 || arachnids,430
1087 || WEB-MISC whisker tab splice attack || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html || arachnids,415
1088 || WEB-CGI eXtropia webstore directory traversal || cve,2000-1005 || bugtraq,1774
1089 || WEB-CGI shopping cart directory traversal || cve,2000-0921 || bugtraq,1777
1090 || WEB-CGI Allaire Pro Web Shell attempt
1091 || WEB-MISC ICQ Webfront HTTP DOS
1092 || WEB-CGI Armada Style Master Index directory traversal
1093 || WEB-CGI cached_feed.cgi moreover shopping cart directory traversal || cve,2000-0906 || bugtraq,1762
1094 || WEB-CGI webstore directory traversal || cve,2000-1005 || bugtraq,1774
1095 || WEB-MISC Talentsoft Web+ Source Code view access || bugtraq,1722
1096 || WEB-MISC Talentsoft Web+ internal IP Address access || bugtraq,1720
1097 || WEB-CGI Talentsoft Web+ exploit attempt || bugtraq,1725
1098 || WEB-MISC SmartWin CyberOffice Shopping Cart access || cve,2000-0925 || bugtraq,1734
1099 || WEB-MISC cybercop scan || arachnids,374
1100 || WEB-MISC L3retriever HTTP Probe || arachnids,310
1101 || WEB-MISC Webtrends HTTP probe || arachnids,309
1102 || WEB-MISC Nessus 404 probe || arachnids,301
1103 || WEB-MISC Netscape admin passwd || bugtraq,1579
1104 || WEB-MISC whisker space splice attack || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html || arachnids,296
1105 || WEB-MISC BigBrother access
1106 || WEB-CGI Poll-it access || cve,2000-0590 || bugtraq,1431
1107 || WEB-MISC ftp.pl access || nessus,10467 || cve,2000-0674 || bugtraq,1471
1108 || WEB-MISC Tomcat server snoop access || cve,2000-0760 || bugtraq,1532
1109 || WEB-MISC ROXEN directory list attempt || cve,2000-0671 || bugtraq,1510
1110 || WEB-MISC apache source.asp file access || cve,2000-0628 || bugtraq,1457
1111 || WEB-MISC Tomcat server exploit access
1112 || WEB-MISC http directory traversal || arachnids,298
1113 || WEB-MISC http directory traversal || arachnids,297
1114 || WEB-MISC prefix-get //
1115 || WEB-MISC ICQ webserver DOS || cve,1999-0474
1116 || WEB-MISC Lotus DelDoc attempt
1117 || WEB-MISC Lotus EditDoc attempt || url,www.securiteam.com/exploits/5NP080A1RE.html
1118 || WEB-MISC ls%20-l
1119 || WEB-MISC mlog.phtml access || cve,1999-0346 || cve,1999-0068 || bugtraq,713
1120 || WEB-MISC mylog.phtml access || cve,1999-0346 || cve,1999-0068 || bugtraq,713
1121 || WEB-MISC O'Reilly args.bat access
1122 || WEB-MISC /etc/passwd
1123 || WEB-MISC ?PageServices access || cve,1999-0269 || bugtraq,7621 || bugtraq,1063
1124 || WEB-MISC Ecommerce check.txt access
1125 || WEB-MISC webcart access || nessus,10298 || cve,1999-0610
1126 || WEB-MISC AuthChangeUrl access
1127 || WEB-MISC convert.bas access || cve,1999-0175 || bugtraq,2025
1128 || WEB-MISC cpshost.dll access
1129 || WEB-MISC .htaccess access
1130 || WEB-MISC .wwwacl access
1131 || WEB-MISC .wwwacl access
1132 || WEB-MISC Netscape Unixware overflow || arachnids,180
1133 || SCAN cybercop os probe || arachnids,145
1134 || WEB-PHP Phorum admin access || bugtraq,2271 || arachnids,205
1136 || WEB-MISC cd..
1137 || WEB-PHP Phorum authentication access || bugtraq,2274 || arachnids,206
1138 || WEB-MISC Cisco Web DOS attempt || arachnids,275
1139 || WEB-MISC whisker HEAD/./ || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html
1140 || WEB-MISC guestbook.pl access || nessus,10099 || cve,1999-1053 || cve,1999-0237 || bugtraq,776 || arachnids,228
1141 || WEB-MISC handler access || nessus,10100 || cve,1999-0148 || bugtraq,380 || arachnids,235
1142 || WEB-MISC /.... access
1143 || WEB-MISC ///cgi-bin access
1144 || WEB-MISC /cgi-bin/// access
1145 || WEB-MISC /~root access
1146 || WEB-MISC Ecommerce import.txt access
1147 || WEB-MISC cat%20 access || cve,1999-0039 || bugtraq,374
1148 || WEB-MISC Ecommerce import.txt access
1149 || WEB-CGI count.cgi access || nessus,10049 || cve,1999-0021 || bugtraq,128
1150 || WEB-MISC Domino catalog.nsf access
1151 || WEB-MISC Domino domcfg.nsf access
1152 || WEB-MISC Domino domlog.nsf access
1153 || WEB-MISC Domino log.nsf access
1154 || WEB-MISC Domino names.nsf access
1155 || WEB-MISC Ecommerce checks.txt access
1156 || WEB-MISC apache DOS attempt
1157 || WEB-MISC Netscape PublishingXpert access || cve,2000-1196
1158 || WEB-MISC windmail.exe access || nessus,10365 || cve,2000-0242 || bugtraq,1073 || arachnids,465
1159 || WEB-MISC webplus access || cve,2000-1005 || bugtraq,1725 || bugtraq,1722 || bugtraq,1720 || bugtraq,1174
1160 || WEB-MISC Netscape dir index wp || cve,2000-0236 || bugtraq,1063 || arachnids,270
1161 || WEB-PHP piranha passwd.php3 access || cve,2000-0322 || bugtraq,1149 || arachnids,272
1162 || WEB-MISC cart 32 AdminPwd access || cve,2000-0429 || bugtraq,1153
1163 || WEB-CGI webdist.cgi access || nessus,10299 || cve,1999-0039 || bugtraq,374
1164 || WEB-MISC shopping cart access || cve,2000-1188 || cve,1999-0607 || bugtraq,2049 || bugtraq,1983
1165 || WEB-MISC Novell Groupwise gwweb.exe access || nessus,10877 || cve,1999-1006 || cve,1999-1005 || bugtraq,879
1166 || WEB-MISC ws_ftp.ini access || cve,1999-1078 || bugtraq,547
1167 || WEB-MISC rpm_query access || cve,2000-0192 || bugtraq,1036
1168 || WEB-MISC mall log order access
1171 || WEB-MISC whisker HEAD with large datagram || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html
1172 || WEB-CGI bigconf.cgi access || nessus,10027 || cve,1999-1550 || bugtraq,778
1173 || WEB-MISC architext_query.pl access
1174 || WEB-CGI /cgi-bin/jj access || cve,1999-0260 || bugtraq,2002
1175 || WEB-MISC wwwboard.pl access || cve,1999-0954 || cve,1999-0930 || bugtraq,649 || bugtraq,1795
1176 || WEB-MISC order.log access
1177 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063
1178 || WEB-PHP Phorum read access || arachnids,208
1179 || WEB-PHP Phorum violation access || bugtraq,2272 || arachnids,209
1180 || WEB-MISC get32.exe access || nessus,10013 || cve,1999-0885 || bugtraq,770 || bugtraq,1485 || arachnids,258
1181 || WEB-MISC Annex Terminal DOS attempt || cve,1999-1070 || arachnids,260
1182 || WEB-MISC cgitest.exe attempt || nessus,10623 || nessus,10040 || cve,2002-0128 || cve,2000-0521 || bugtraq,3885 || bugtraq,1313 || arachnids,265
1183 || WEB-MISC Netscape Enterprise Server directory view || cve,2000-0236 || bugtraq,1063
1184 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063
1185 || WEB-CGI bizdbsearch attempt || cve,2000-0287 || bugtraq,1104
1186 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063
1187 || WEB-MISC SalesLogix Eviewer web command attempt || cve,2000-0289 || cve,2000-0278 || bugtraq,1089 || bugtraq,1078
1188 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063
1189 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063
1190 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063
1191 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063
1192 || WEB-MISC Trend Micro OfficeScan access || bugtraq,1057
1193 || WEB-MISC oracle web arbitrary command execution attempt || nessus,10348 || cve,2000-0169 || bugtraq,1053
1194 || WEB-CGI sojourn.cgi File attempt || cve,2000-0180 || bugtraq,1052
1195 || WEB-CGI sojourn.cgi access || cve,2000-0180 || bugtraq,1052
1196 || WEB-CGI SGI InfoSearch fname attempt || cve,2000-0207 || bugtraq,1031 || arachnids,290
1197 || WEB-PHP Phorum code access || arachnids,207
1198 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063
1199 || WEB-MISC Compaq Insight directory traversal || cve,1999-0771 || bugtraq,282 || arachnids,244
1200 || ATTACK-RESPONSES Invalid URL || url,www.microsoft.com/technet/security/bulletin/MS00-063.mspx
1201 || ATTACK-RESPONSES 403 Forbidden
1202 || WEB-MISC search.vts access
1204 || WEB-CGI ax-admin.cgi access
1205 || WEB-CGI axs.cgi access
1206 || WEB-CGI cachemgr.cgi access || nessus,10034 || cve,1999-0710 || bugtraq,2059
1207 || WEB-MISC htgrep access || cve,2000-0832
1208 || WEB-CGI responder.cgi access
1209 || WEB-MISC .nsconfig access
1211 || WEB-CGI web-map.cgi access
1212 || WEB-MISC Admin_files access
1213 || WEB-MISC backup access
1214 || WEB-MISC intranet access
1215 || WEB-CGI ministats admin access
1216 || WEB-MISC filemail access
1217 || WEB-MISC plusmail access || cve,2000-0074 || bugtraq,2653
1218 || WEB-MISC adminlogin access
1219 || WEB-CGI dfire.cgi access || cve,1999-0913 || bugtraq,564 || bugtraq,0564
1220 || WEB-MISC ultraboard access
1221 || WEB-MISC musicat empower access
1222 || WEB-CGI pals-cgi arbitrary file access attempt || nessus,10611 || cve,2001-0217 || bugtraq,2372
1224 || WEB-MISC ROADS search.pl attempt || nessus,10627 || cve,2001-0215 || bugtraq,2371
1225 || X11 MIT Magic Cookie detected || arachnids,396
1226 || X11 xopen || arachnids,395
1227 || X11 outbound client connection detected || arachnids,126
1228 || SCAN nmap XMAS || arachnids,30
1229 || FTP CWD ... || bugtraq,9237
1230 || WEB-MISC VirusWall FtpSave access || nessus,10733 || cve,2001-0432 || bugtraq,2808
1231 || WEB-MISC VirusWall catinfo access || nessus,10650 || cve,2001-0432 || bugtraq,2808 || bugtraq,2579
1232 || WEB-MISC VirusWall catinfo access || nessus,10650 || cve,2001-0432 || bugtraq,2808 || bugtraq,2579
1233 || WEB-CLIENT Outlook EML access
1234 || WEB-MISC VirusWall FtpSaveCSP access || nessus,10733 || cve,2001-0432 || bugtraq,2808
1235 || WEB-MISC VirusWall FtpSaveCVP access || nessus,10733 || cve,2001-0432 || bugtraq,2808
1236 || WEB-MISC Tomcat sourecode view
1237 || WEB-MISC Tomcat sourecode view
1238 || WEB-MISC Tomcat sourecode view
1239 || NETBIOS RFParalyze Attempt
1240 || EXPLOIT MDBMS overflow || cve,2000-0446 || bugtraq,1252
1241 || WEB-MISC SWEditServlet directory traversal attempt
1242 || WEB-IIS ISAPI .ida access || cve,2000-0071 || bugtraq,1065 || arachnids,552
1243 || WEB-IIS ISAPI .ida attempt || cve,2000-0071 || bugtraq,1065 || arachnids,552
1244 || WEB-IIS ISAPI .idq attempt || cve,2000-0071 || bugtraq,1065 || arachnids,553
1245 || WEB-IIS ISAPI .idq access || cve,2000-0071 || bugtraq,1065 || arachnids,553
1246 || WEB-FRONTPAGE rad overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS01-035.mspx || cve,2001-0341 || bugtraq,2906 || arachnids,555
1247 || WEB-FRONTPAGE rad overflow attempt || cve,2001-0341 || bugtraq,2906
1248 || WEB-FRONTPAGE rad fp30reg.dll access || url,www.microsoft.com/technet/security/bulletin/MS01-035.mspx || cve,2001-0341 || bugtraq,2906 || arachnids,555
1249 || WEB-FRONTPAGE frontpage rad fp4areg.dll access || cve,2001-0341 || bugtraq,2906
1250 || WEB-MISC Cisco IOS HTTP configuration attempt || cve,2001-0537 || bugtraq,2936
1251 || INFO TELNET Bad Login
1252 || TELNET bsd telnet exploit response || cve,2001-0554 || bugtraq,3064
1253 || TELNET bsd exploit client finishing || cve,2001-0554 || bugtraq,3064
1254 || WEB-PHP PHPLIB remote command attempt || cve,2001-1370 || bugtraq,3079
1255 || WEB-PHP PHPLIB remote command attempt || cve,2001-1370 || bugtraq,3079
1256 || WEB-IIS CodeRed v2 root.exe access || url,www.cert.org/advisories/CA-2001-19.html
1257 || DOS Winnuke attack || cve,1999-0153 || bugtraq,2010
1258 || WEB-MISC HP OpenView Manager DOS || cve,2001-0552 || bugtraq,2845
1259 || WEB-MISC SWEditServlet access
1260 || WEB-MISC long basic authorization string || cve,2001-1067 || bugtraq,3230
1261 || EXPLOIT AIX pdnsd overflow || cve,1999-0745 || bugtraq,590 || bugtraq,3237
1262 || RPC portmap admind request TCP || arachnids,18
1263 || RPC portmap amountd request TCP || arachnids,19
1264 || RPC portmap bootparam request TCP || cve,1999-0647 || arachnids,16
1265 || RPC portmap cmsd request TCP || arachnids,17
1266 || RPC portmap mountd request TCP || arachnids,13
1267 || RPC portmap nisd request TCP || arachnids,21
1268 || RPC portmap pcnfsd request TCP || arachnids,22
1269 || RPC portmap rexd request TCP || arachnids,23
1270 || RPC portmap rstatd request TCP || arachnids,10
1271 || RPC portmap rusers request TCP || cve,1999-0626 || arachnids,133
1272 || RPC portmap sadmind request TCP || arachnids,20
1273 || RPC portmap selection_svc request TCP || arachnids,25
1274 || RPC portmap ttdbserv request TCP || url,www.cert.org/advisories/CA-2001-05.html || cve,2001-0717 || cve,1999-1075 || cve,1999-0687 || cve,1999-0003 || bugtraq,3382 || bugtraq,122 || arachnids,24
1275 || RPC portmap yppasswd request TCP || arachnids,14
1276 || RPC portmap ypserv request TCP || cve,2002-1232 || cve,2000-1043 || cve,2000-1042 || bugtraq,6016 || bugtraq,5914 || arachnids,12
1277 || RPC portmap ypupdated request UDP || arachnids,125
1278 || RPC rstatd query || arachnids,9
1279 || RPC portmap snmpXdmi request UDP || url,www.cert.org/advisories/CA-2001-05.html || cve,2001-0236 || bugtraq,2417
1280 || RPC portmap listing UDP 111 || arachnids,428
1281 || RPC portmap listing UDP 32771 || arachnids,429
1282 || RPC EXPLOIT statdx || arachnids,442
1283 || WEB-IIS outlook web dos || bugtraq,3223
1284 || WEB-CLIENT readme.eml download attempt || url,www.cert.org/advisories/CA-2001-26.html
1285 || WEB-IIS msdac access
1286 || WEB-IIS _mem_bin access
1287 || WEB-IIS scripts access
1288 || WEB-FRONTPAGE /_vti_bin/ access
1289 || TFTP GET Admin.dll || url,www.cert.org/advisories/CA-2001-26.html
1290 || WEB-CLIENT readme.eml autoload attempt || url,www.cert.org/advisories/CA-2001-26.html
1291 || WEB-MISC sml3com access || cve,2001-0740 || bugtraq,2721
1292 || ATTACK-RESPONSES directory listing
1293 || NETBIOS nimda .eml || url,www.f-secure.com/v-descs/nimda.shtml
1294 || NETBIOS nimda .nws || url,www.f-secure.com/v-descs/nimda.shtml
1295 || NETBIOS nimda RICHED20.DLL || url,www.f-secure.com/v-descs/nimda.shtml
1296 || RPC portmap request yppasswdd || bugtraq,2763
1297 || RPC portmap request yppasswdd || bugtraq,2763
1298 || RPC portmap tooltalk request TCP || url,www.cert.org/advisories/CA-2001-05.html || cve,2001-0717 || cve,1999-1075 || cve,1999-0687 || cve,1999-0003 || bugtraq,3382
1299 || RPC portmap tooltalk request UDP || url,www.cert.org/advisories/CA-2001-05.html || cve,2001-0717 || cve,1999-1075 || cve,1999-0687 || cve,1999-0003 || bugtraq,3382
1300 || WEB-PHP admin.php file upload attempt || cve,2001-1032 || bugtraq,3361
1301 || WEB-PHP admin.php access || cve,2001-1032 || bugtraq,9270 || bugtraq,7532 || bugtraq,3361
1302 || WEB-MISC console.exe access || cve,2001-1252 || bugtraq,3375
1303 || WEB-MISC cs.exe access || cve,2001-1252 || bugtraq,3375
1304 || WEB-CGI txt2html.cgi access
1305 || WEB-CGI txt2html.cgi directory traversal attempt
1306 || WEB-CGI store.cgi product directory traversal attempt || cve,2001-0305 || bugtraq,2385
1307 || WEB-CGI store.cgi access || nessus,10639 || cve,2001-0305 || bugtraq,2385
1308 || WEB-CGI sendmessage.cgi access
1309 || WEB-CGI zsh access || url,www.cert.org/advisories/CA-1996-11.html || cve,1999-0509
1310 || PORN free XXX
1311 || PORN hardcore anal
1312 || PORN nude cheerleader
1313 || PORN up skirt
1314 || PORN young teen
1315 || PORN hot young sex
1316 || PORN fuck fuck fuck
1317 || PORN anal sex
1318 || PORN hardcore rape
1319 || PORN real snuff
1320 || PORN fuck movies
1321 || BAD-TRAFFIC 0 ttl || url,www.isi.edu/in-notes/rfc1122.txt || url,support.microsoft.com/default.aspx?scid=kb\
1322 || BAD-TRAFFIC bad frag bits
1323 || EXPLOIT rwhoisd format string attempt || cve,2001-0838 || bugtraq,3474
1324 || EXPLOIT ssh CRC32 overflow /bin/sh || cve,2001-0572 || cve,2001-0144 || bugtraq,2347
1325 || EXPLOIT ssh CRC32 overflow filler || cve,2001-0572 || cve,2001-0144 || bugtraq,2347
1326 || EXPLOIT ssh CRC32 overflow NOOP || cve,2001-0572 || cve,2001-0144 || bugtraq,2347
1327 || EXPLOIT ssh CRC32 overflow || cve,2001-0572 || cve,2001-0144 || bugtraq,2347
1328 || WEB-ATTACKS ps command attempt
1329 || WEB-ATTACKS /bin/ps command attempt
1330 || WEB-ATTACKS wget command attempt
1331 || WEB-ATTACKS uname -a command attempt
1332 || WEB-ATTACKS /usr/bin/id command attempt
1333 || WEB-ATTACKS id command attempt
1334 || WEB-ATTACKS echo command attempt
1335 || WEB-ATTACKS kill command attempt
1336 || WEB-ATTACKS chmod command attempt
1337 || WEB-ATTACKS chgrp command attempt
1338 || WEB-ATTACKS chown command attempt
1339 || WEB-ATTACKS chsh command attempt
1340 || WEB-ATTACKS tftp command attempt
1341 || WEB-ATTACKS /usr/bin/gcc command attempt
1342 || WEB-ATTACKS gcc command attempt
1343 || WEB-ATTACKS /usr/bin/cc command attempt
1344 || WEB-ATTACKS cc command attempt
1345 || WEB-ATTACKS /usr/bin/cpp command attempt
1346 || WEB-ATTACKS cpp command attempt
1347 || WEB-ATTACKS /usr/bin/g++ command attempt
1348 || WEB-ATTACKS g++ command attempt
1349 || WEB-ATTACKS bin/python access attempt
1350 || WEB-ATTACKS python access attempt
1351 || WEB-ATTACKS bin/tclsh execution attempt
1352 || WEB-ATTACKS tclsh execution attempt
1353 || WEB-ATTACKS bin/nasm command attempt
1354 || WEB-ATTACKS nasm command attempt
1355 || WEB-ATTACKS /usr/bin/perl execution attempt
1356 || WEB-ATTACKS perl execution attempt
1357 || WEB-ATTACKS nt admin addition attempt
1358 || WEB-ATTACKS traceroute command attempt
1359 || WEB-ATTACKS ping command attempt
1360 || WEB-ATTACKS netcat command attempt
1361 || WEB-ATTACKS nmap command attempt
1362 || WEB-ATTACKS xterm command attempt
1363 || WEB-ATTACKS X application to remote host attempt
1364 || WEB-ATTACKS lsof command attempt
1365 || WEB-ATTACKS rm command attempt
1366 || WEB-ATTACKS mail command attempt
1367 || WEB-ATTACKS mail command attempt
1368 || WEB-ATTACKS /bin/ls| command attempt
1369 || WEB-ATTACKS /bin/ls command attempt
1370 || WEB-ATTACKS /etc/inetd.conf access
1371 || WEB-ATTACKS /etc/motd access
1372 || WEB-ATTACKS /etc/shadow access
1373 || WEB-ATTACKS conf/httpd.conf attempt
1374 || WEB-ATTACKS .htgroup access
1375 || WEB-MISC sadmind worm access || url,www.cert.org/advisories/CA-2001-11.html
1376 || WEB-MISC jrun directory browse attempt || bugtraq,3592
1377 || FTP wu-ftp bad file completion attempt [ || cve,2001-0886 || cve,2001-0550 || bugtraq,3707 || bugtraq,3581
1378 || FTP wu-ftp bad file completion attempt { || cve,2001-0886 || cve,2001-0550 || bugtraq,3707 || bugtraq,3581
1379 || FTP STAT overflow attempt || url,labs.defcom.com/adv/2001/def-2001-31.txt
1380 || WEB-IIS cross-site scripting attempt
1381 || WEB-MISC Trend Micro OfficeScan attempt || bugtraq,1057
1382 || EXPLOIT CHAT IRC Ettercap parse overflow attempt || url,www.bugtraq.org/dev/GOBBLES-12.txt
1383 || P2P Fastrack kazaa/morpheus GET request || url,www.musiccity.com/technology.htm || url,www.kazaa.com
1384 || MISC UPnP malformed advertisement || url,www.microsoft.com/technet/security/bulletin/MS01-059.mspx || cve,2001-0877 || cve,2001-0876 || bugtraq,3723
1385 || WEB-MISC mod-plsql administration access || nessus,10849 || cve,2001-1217 || cve,2001-1216 || bugtraq,3727 || bugtraq,3726
1386 || MS-SQL/SMB raiserror possible buffer overflow || cve,2001-0542 || bugtraq,3733
1387 || MS-SQL raiserror possible buffer overflow || cve,2001-0542 || bugtraq,3733
1388 || MISC UPnP Location overflow || cve,2001-0876 || bugtraq,3723
1389 || WEB-MISC viewcode.jse access || bugtraq,3715
1390 || SHELLCODE x86 inc ebx NOOP
1391 || WEB-MISC Phorecast remote code execution attempt || cve,2001-1049 || bugtraq,3388
1392 || WEB-CGI lastlines.cgi access || cve,2001-1206 || cve,2001-1205 || bugtraq,3755 || bugtraq,3754
1393 || MISC AIM AddGame attempt || url,www.w00w00.org/files/w00aimexp/ || cve,2002-0005 || bugtraq,3769
1394 || SHELLCODE x86 NOOP
1395 || WEB-CGI zml.cgi attempt || cve,2001-1209 || bugtraq,3759
1396 || WEB-CGI zml.cgi access || cve,2001-1209 || bugtraq,3759
1397 || WEB-CGI wayboard attempt || cve,2001-0214 || bugtraq,2370
1398 || EXPLOIT CDE dtspcd exploit attempt || url,www.cert.org/advisories/CA-2002-01.html || cve,2001-0803 || bugtraq,3517
1399 || WEB-PHP PHP-Nuke remote file include attempt || cve,2002-0206 || bugtraq,3889
1400 || WEB-IIS /scripts/samples/ access
1401 || WEB-IIS /msadc/samples/ access
1402 || WEB-IIS iissamples access
1403 || WEB-MISC viewcode access
1404 || WEB-MISC showcode access
1405 || WEB-CGI AHG search.cgi access || bugtraq,3985
1406 || WEB-CGI agora.cgi access || nessus,10836 || cve,2002-0215 || cve,2001-1199 || bugtraq,3976 || bugtraq,3702
1407 || WEB-PHP smssend.php access || cve,2002-0220 || bugtraq,3982
1408 || DOS MSDTC attempt || cve,2002-0224 || bugtraq,4006
1409 || SNMP community string buffer overflow attempt || url,www.cert.org/advisories/CA-2002-03.html || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1410 || WEB-CGI dcboard.cgi access || nessus,10583 || cve,2001-0527 || bugtraq,2728
1411 || SNMP public access udp || cve,2002-0013 || cve,2002-0012 || cve,1999-0517 || bugtraq,4089 || bugtraq,4088 || bugtraq,2112
1412 || SNMP public access tcp || cve,2002-0013 || cve,2002-0012 || cve,1999-0517 || bugtraq,7212 || bugtraq,4089 || bugtraq,4088 || bugtraq,2112
1413 || SNMP private access udp || cve,2002-0013 || cve,2002-0012 || bugtraq,7212 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1414 || SNMP private access tcp || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1415 || SNMP Broadcast request || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1416 || SNMP broadcast trap || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1417 || SNMP request udp || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1418 || SNMP request tcp || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1419 || SNMP trap udp || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1420 || SNMP trap tcp || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1421 || SNMP AgentX/tcp request || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1422 || SNMP community string buffer overflow attempt with evasion || url,www.cert.org/advisories/CA-2002-03.html || cve,2002-0013 || cve,2002-0012 || bugtraq,4132 || bugtraq,4089 || bugtraq,4088
1423 || WEB-PHP content-disposition memchr overflow || cve,2002-0081 || bugtraq,4183
1424 || SHELLCODE x86 0xEB0C NOOP
1425 || WEB-PHP content-disposition || cve,2002-0081 || bugtraq,4183
1426 || SNMP PROTOS test-suite-req-app attempt || url,www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html
1427 || SNMP PROTOS test-suite-trap-app attempt || url,www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html
1428 || MULTIMEDIA audio galaxy keepalive
1429 || POLICY poll.gotomypc.com access || url,www.gotomypc.com/help2.tmpl
1430 || TELNET Solaris memory mismanagement exploit attempt
1431 || BAD-TRAFFIC syn to multicast address
1432 || P2P GNUTella client request
1433 || WEB-MISC .history access
1434 || WEB-MISC .bash_history access
1435 || DNS named authors attempt || nessus,10728 || arachnids,480
1436 || MULTIMEDIA Quicktime User Agent access
1437 || MULTIMEDIA Windows Media audio download
1438 || MULTIMEDIA Windows Media Video download
1439 || MULTIMEDIA Shoutcast playlist redirection
1440 || MULTIMEDIA Icecast playlist redirection
1441 || TFTP GET nc.exe
1442 || TFTP GET shadow
1443 || TFTP GET passwd
1444 || TFTP Get
1445 || POLICY FTP file_id.diz access possible warez site
1446 || SMTP vrfy root
1447 || MISC MS Terminal server request RDP || cve,2001-0540 || bugtraq,3099
1448 || MISC MS Terminal server request || cve,2001-0540 || bugtraq,3099
1449 || POLICY FTP anonymous ftp login attempt
1450 || SMTP expn *@ || cve,1999-1200
1451 || WEB-CGI NPH-publish access || cve,2001-0400 || bugtraq,2563
1452 || WEB-CGI args.cmd access || cve,1999-1374
1453 || WEB-CGI AT-generated.cgi access || cve,1999-1072
1454 || WEB-CGI wwwwais access || nessus,10597 || cve,2001-0223
1455 || WEB-CGI calender.pl access || cve,2000-0432
1456 || WEB-CGI calender_admin.pl access || cve,2000-0432
1457 || WEB-CGI user_update_admin.pl access || cve,2000-0627 || bugtraq,1486
1458 || WEB-CGI user_update_passwd.pl access || cve,2000-0627 || bugtraq,1486
1459 || WEB-CGI bb-histlog.sh access || cve,1999-1462 || bugtraq,142
1460 || WEB-CGI bb-histsvc.sh access || cve,1999-1462 || bugtraq,142
1461 || WEB-CGI bb-rep.sh access || cve,1999-1462 || bugtraq,142
1462 || WEB-CGI bb-replog.sh access || cve,1999-1462 || bugtraq,142
1463 || CHAT IRC message
1464 || ATTACK-RESPONSES oracle one hour install
1465 || WEB-CGI auktion.cgi access || nessus,10638 || cve,2001-0212 || bugtraq,2367
1466 || WEB-CGI cgiforum.pl access || nessus,10552 || cve,2000-1171 || bugtraq,1963
1467 || WEB-CGI directorypro.cgi access || cve,2001-0780 || bugtraq,2793
1468 || WEB-CGI Web Shopper shopper.cgi attempt || cve,2000-0922 || bugtraq,1776
1469 || WEB-CGI Web Shopper shopper.cgi access || cve,2000-0922 || bugtraq,1776
1470 || WEB-CGI listrec.pl access || cve,2001-0997
1471 || WEB-CGI mailnews.cgi access || cve,2001-0271
1472 || WEB-CGI book.cgi access || nessus,10721 || cve,2001-1114 || bugtraq,3178
1473 || WEB-CGI newsdesk.cgi access || cve,2001-0232
1474 || WEB-CGI cal_make.pl access || cve,2001-0463 || bugtraq,2663
1475 || WEB-CGI mailit.pl access
1476 || WEB-CGI sdbsearch.cgi access || cve,2001-1130
1477 || WEB-CGI swc attempt
1478 || WEB-CGI swc access
1479 || WEB-CGI ttawebtop.cgi arbitrary file attempt || nessus,10696 || cve,2001-0805 || bugtraq,2890
1480 || WEB-CGI ttawebtop.cgi access || nessus,10696 || cve,2001-0805 || bugtraq,2890
1481 || WEB-CGI upload.cgi access || nessus,10290
1482 || WEB-CGI view_source access || nessus,10294
1483 || WEB-CGI ustorekeeper.pl access || nessus,10646 || cve,2001-0466
1484 || WEB-IIS /isapi/tstisapi.dll access || cve,2001-0302 || bugtraq,2381
1485 || WEB-IIS mkilog.exe access
1486 || WEB-IIS ctss.idc access
1487 || WEB-IIS /iisadmpwd/aexp2.htr access
1488 || WEB-CGI store.cgi directory traversal attempt || nessus,10639 || cve,2001-0305 || bugtraq,2385
1489 || WEB-MISC /~nobody access
1490 || WEB-PHP Phorum /support/common.php attempt
1491 || WEB-PHP Phorum /support/common.php access
1492 || WEB-MISC RBS ISP /newuser  directory traversal attempt
1493 || WEB-MISC RBS ISP /newuser access
1494 || WEB-CGI SIX webboard generate.cgi attempt || cve,2001-1115 || bugtraq,3175
1495 || WEB-CGI SIX webboard generate.cgi access || cve,2001-1115 || bugtraq,3175
1496 || WEB-CGI spin_client.cgi access
1497 || WEB-MISC cross site scripting attempt
1498 || WEB-MISC PIX firewall manager directory traversal attempt
1499 || WEB-MISC SiteScope Service access || nessus,10778
1500 || WEB-MISC ExAir access || cve,1999-0449 || bugtraq,193
1501 || WEB-CGI a1stats a1disp3.cgi directory traversal attempt || nessus,10669 || cve,2001-0561 || bugtraq,2705
1502 || WEB-CGI a1stats a1disp3.cgi access || nessus,10669 || cve,2001-0561 || bugtraq,2705
1503 || WEB-CGI admentor admin.asp access || url,www.securiteam.com/windowsntfocus/5DP0N1F6AW.html || nessus,10880 || cve,2002-0308 || bugtraq,4152
1504 || MISC AFS access || nessus,10441
1505 || WEB-CGI alchemy http server PRN arbitrary command execution attempt || cve,2001-0871 || bugtraq,3599
1506 || WEB-CGI alchemy http server NUL arbitrary command execution attempt || cve,2001-0871 || bugtraq,3599
1507 || WEB-CGI alibaba.pl arbitrary command execution attempt || nessus,10013 || cve,1999-0885
1508 || WEB-CGI alibaba.pl access || cve ,CAN-1999-0885
1509 || WEB-CGI AltaVista Intranet Search directory traversal attempt || nessus,10015 || cve,2000-0039 || bugtraq,896
1510 || WEB-CGI test.bat arbitrary command execution attempt || nessus,10016 || cve,1999-0947 || bugtraq,762
1511 || WEB-CGI test.bat access || nessus,10016 || cve,1999-0947 || bugtraq,762
1512 || WEB-CGI input.bat arbitrary command execution attempt || nessus,10016 || cve,1999-0947 || bugtraq,762
1513 || WEB-CGI input.bat access || nessus,10016 || cve,1999-0947 || bugtraq,762
1514 || WEB-CGI input2.bat arbitrary command execution attempt || nessus,10016 || cve,1999-0947 || bugtraq,762
1515 || WEB-CGI input2.bat access || nessus,10016 || cve,1999-0947 || bugtraq,762
1516 || WEB-CGI envout.bat arbitrary command execution attempt || nessus,10016 || cve,1999-0947 || bugtraq,762
1517 || WEB-CGI envout.bat access || nessus,10016 || cve,1999-0947 || bugtraq,762
1518 || WEB-MISC nstelemetry.adp access
1519 || WEB-MISC apache ?M=D directory list attempt || cve,2001-0731 || bugtraq,3009
1520 || WEB-MISC server-info access || url,httpd.apache.org/docs/mod/mod_info.html
1521 || WEB-MISC server-status access || url,httpd.apache.org/docs/mod/mod_info.html
1522 || WEB-MISC ans.pl attempt || nessus,10875 || cve,2002-0307 || cve,2002-0306 || bugtraq,4149 || bugtraq,4147
1523 || WEB-MISC ans.pl access || nessus,10875 || cve,2002-0307 || cve,2002-0306 || bugtraq,4149 || bugtraq,4147
1524 || WEB-MISC AxisStorpoint CD attempt || nessus,10023 || cve,2000-0191 || bugtraq,1025
1525 || WEB-MISC Axis Storpoint CD access || nessus,10023 || cve,2000-0191 || bugtraq,1025
1526 || WEB-MISC basilix sendmail.inc access || nessus,10601 || cve,2001-1044
1527 || WEB-MISC basilix mysql.class access || nessus,10601 || cve,2001-1044
1528 || WEB-MISC BBoard access || nessus,10507 || cve,2000-0629 || bugtraq,1459
1529 || FTP SITE overflow attempt || cve,2001-0770 || cve,2001-0755 || cve,1999-0838
1530 || FTP format string attempt
1531 || WEB-CGI bb-hist.sh attempt || nessus,10025 || cve,1999-1462 || bugtraq,142
1532 || WEB-CGI bb-hostscv.sh attempt || nessus,10460 || cve,2000-0638 || bugtraq,1455
1533 || WEB-CGI bb-hostscv.sh access || nessus,10460 || cve,2000-0638 || bugtraq,1455
1534 || WEB-CGI agora.cgi attempt || nessus,10836 || cve,2002-0215 || cve,2001-1199 || bugtraq,3976 || bugtraq,3702
1535 || WEB-CGI bizdbsearch access || cve,2000-0287 || bugtraq,1104
1536 || WEB-CGI calendar_admin.pl arbitrary command execution attempt || cve,2000-0432
1537 || WEB-CGI calendar_admin.pl access || cve,2000-0432
1538 || NNTP AUTHINFO USER overflow attempt || cve,2000-0341 || bugtraq,1156 || arachnids,274
1539 || WEB-CGI /cgi-bin/ls access || cve,2000-0079 || bugtraq,936
1540 || WEB-COLDFUSION ?Mode=debug attempt
1541 || FINGER version query
1542 || WEB-CGI cgimail access || cve,2000-0726
1543 || WEB-CGI cgiwrap access || nessus,10041 || cve,2001-0987 || cve,2000-0431 || cve,1999-1530 || bugtraq,777 || bugtraq,3084 || bugtraq,1238
1544 || WEB-MISC Cisco Catalyst command execution attempt || cve,2000-0945 || bugtraq,1846
1545 || DOS Cisco attempt
1546 || WEB-MISC Cisco /%% DOS attempt || cve,2000-0380 || bugtraq,1154
1547 || WEB-CGI csSearch.cgi arbitrary command execution attempt || nessus,10924 || cve,2002-0495 || bugtraq,4368
1548 || WEB-CGI csSearch.cgi access || nessus,10924 || cve,2002-0495 || bugtraq,4368
1549 || SMTP HELO overflow attempt || nessus,11674 || nessus,10324 || cve,2000-0042 || bugtraq,895 || bugtraq,7726
1550 || SMTP ETRN overflow attempt || cve,2000-0490 || bugtraq,1297
1551 || WEB-MISC /CVS/Entries access
1552 || WEB-MISC cvsweb version access || cve,2000-0670
1553 || WEB-CGI /cart/cart.cgi access || cve,2000-0252 || bugtraq,1115
1554 || WEB-CGI dbman db.cgi access || nessus,10403 || cve,2000-0381 || bugtraq,1178
1555 || WEB-CGI DCShop access || cve,2001-0821 || bugtraq,2889
1556 || WEB-CGI DCShop orders.txt access || cve,2001-0821 || bugtraq,2889
1557 || WEB-CGI DCShop auth_user_file.txt access || cve,2001-0821 || bugtraq,2889
1558 || WEB-MISC Delegate whois overflow attempt || cve,2000-0165
1559 || WEB-MISC /doc/packages access
1560 || WEB-MISC /doc/ access || cve,1999-0678 || bugtraq,318
1561 || WEB-MISC ?open access
1562 || FTP SITE CHOWN overflow attempt || cve,2001-0065 || bugtraq,2120
1563 || WEB-MISC login.htm attempt || cve,1999-1533 || bugtraq,665
1564 || WEB-MISC login.htm access || cve,1999-1533 || bugtraq,665
1565 || WEB-CGI eshop.pl arbitrary commane execution attempt || cve,2001-1014 || bugtraq,3340
1566 || WEB-CGI eshop.pl access || cve,2001-1014 || bugtraq,3340
1567 || WEB-IIS /exchange/root.asp attempt
1568 || WEB-IIS /exchange/root.asp access
1569 || WEB-CGI loadpage.cgi directory traversal attempt
1570 || WEB-CGI loadpage.cgi access
1571 || WEB-CGI dcforum.cgi directory traversal attempt || cve,2001-0437 || cve,2001-0436 || bugtraq,2611
1572 || WEB-CGI commerce.cgi arbitrary file access attempt || nessus,10612 || cve,2001-0210 || bugtraq,2361
1573 || WEB-CGI cgiforum.pl attempt || nessus,10552 || cve,2000-1171 || bugtraq,1963
1574 || WEB-CGI directorypro.cgi attempt || cve,2001-0780 || bugtraq,2793
1575 || WEB-MISC Domino mab.nsf access
1576 || WEB-MISC Domino cersvr.nsf access
1577 || WEB-MISC Domino setup.nsf access
1578 || WEB-MISC Domino statrep.nsf access
1579 || WEB-MISC Domino webadmin.nsf access
1580 || WEB-MISC Domino events4.nsf access
1581 || WEB-MISC Domino ntsync4.nsf access
1582 || WEB-MISC Domino collect4.nsf access
1583 || WEB-MISC Domino mailw46.nsf access
1584 || WEB-MISC Domino bookmark.nsf access
1585 || WEB-MISC Domino agentrunner.nsf access
1586 || WEB-MISC Domino mail.box access
1587 || WEB-MISC cgitest.exe access || nessus,10623 || nessus,10040 || cve,2002-0128 || cve,2000-0521 || bugtraq,3885 || bugtraq,1313 || arachnids,265
1588 || WEB-MISC SalesLogix Eviewer access || cve,2000-0289 || cve,2000-0278 || bugtraq,1089 || bugtraq,1078
1589 || WEB-MISC musicat empower attempt
1590 || WEB-CGI faqmanager.cgi arbitrary file access attempt || nessus,10837 || bugtraq,3810
1591 || WEB-CGI faqmanager.cgi access || nessus,10837 || bugtraq,3810
1592 || WEB-CGI /fcgi-bin/echo.exe access || nessus,10838
1593 || WEB-CGI FormHandler.cgi external site redirection attempt || nessus,10075 || cve,1999-1050 || bugtraq,799 || bugtraq,798
1594 || WEB-CGI FormHandler.cgi access || nessus,10075 || cve,1999-1050 || bugtraq,799 || bugtraq,798
1595 || WEB-IIS htimage.exe access || nessus,10376 || cve,2000-0256 || cve,2000-0122 || bugtraq,964 || bugtraq,1117
1597 || WEB-CGI guestbook.cgi access || nessus,10098 || cve,1999-0237
1598 || WEB-CGI Home Free search.cgi directory traversal attempt || cve,2000-0054 || bugtraq,921
1599 || WEB-CGI search.cgi access || cve,2000-0054 || bugtraq,921
1600 || WEB-CGI htsearch arbitrary configuration file attempt || cve,2000-0208
1601 || WEB-CGI htsearch arbitrary file read attempt || cve,2000-0208 || bugtraq,1026
1602 || WEB-CGI htsearch access || cve,2000-0208
1603 || WEB-MISC DELETE attempt
1604 || WEB-MISC iChat directory traversal attempt || cve,1999-0897
1605 || DOS iParty DOS attempt || cve,1999-1566 || bugtraq,6844
1606 || WEB-CGI icat access || cve,1999-1069
1607 || WEB-CGI HyperSeek hsx.cgi access || cve,2001-0253 || bugtraq,2314
1608 || WEB-CGI htmlscript attempt || cve,1999-0264 || bugtraq,2001
1609 || WEB-CGI faxsurvey arbitrary file read attempt || nessus,10067 || cve,1999-0262 || bugtraq,2056
1610 || WEB-CGI formmail arbitrary command execution attempt || nessus,10782 || nessus,10076 || cve,2000-0411 || cve,1999-0172 || bugtraq,2079 || bugtraq,1187 || arachnids,226
1611 || WEB-CGI eXtropia webstore access || cve,2000-1005 || bugtraq,1774
1612 || WEB-MISC ftp.pl attempt || nessus,10467 || cve,2000-0674 || bugtraq,1471
1613 || WEB-MISC handler attempt || nessus,10100 || cve,1999-0148 || bugtraq,380 || arachnids,235
1614 || WEB-MISC Novell Groupwise gwweb.exe attempt || nessus,10877 || cve,1999-1006 || cve,1999-1005 || bugtraq,879
1615 || WEB-MISC htgrep attempt || cve,2000-0832
1616 || DNS named version attempt || nessus,10028 || arachnids,278
1617 || WEB-CGI Bugzilla doeditvotes.cgi access || cve,2002-0011 || bugtraq,3800
1618 || WEB-IIS .asp chunked Transfer-Encoding || nessus,10932 || cve,2002-0079 || cve,2002-0071 || bugtraq,4485 || bugtraq,4474
1619 || EXPERIMENTAL WEB-IIS .htr request || nessus,10932 || cve,2002-0071 || bugtraq,4474
1620 || BAD TRAFFIC Non-Standard IP protocol
1621 || FTP CMD overflow attempt
1622 || FTP RNFR ././ attempt
1623 || FTP invalid MODE
1624 || FTP large PWD command
1625 || FTP large SYST command
1626 || WEB-IIS /StoreCSVS/InstantOrder.asmx request
1627 || BAD-TRAFFIC Unassigned/Reserved IP protocol || url,www.iana.org/assignments/protocol-numbers
1628 || WEB-CGI FormHandler.cgi directory traversal attempt attempt || nessus,10075 || cve,1999-1050 || bugtraq,799 || bugtraq,798
1629 || OTHER-IDS SecureNetPro traffic
1631 || CHAT AIM login
1632 || CHAT AIM send message
1633 || CHAT AIM receive message
1634 || POP3 PASS overflow attempt || nessus,10325 || cve,1999-1511
1635 || POP3 APOP overflow attempt || nessus,10559 || cve,2000-0841 || cve,2000-0840 || bugtraq,1652
1636 || MISC Xtramail Username overflow attempt || cve,1999-1511 || bugtraq,791
1637 || WEB-CGI yabb access || cve,2000-0853 || bugtraq,1668 || arachnids,462
1638 || SCAN SSH Version map attempt
1639 || CHAT IRC DCC file transfer request
1640 || CHAT IRC DCC chat request
1641 || DOS DB2 dos attempt
1642 || WEB-CGI document.d2w access || cve,2000-1110 || bugtraq,2017
1643 || WEB-CGI db2www access || cve,2000-0677
1644 || WEB-CGI test-cgi attempt || nessus,10282 || cve,1999-0070 || bugtraq,2003 || arachnids,218
1645 || WEB-CGI testcgi access || nessus,11610 || bugtraq,7214
1646 || WEB-CGI test.cgi access
1647 || WEB-CGI faxsurvey attempt full path || nessus,10067 || cve,1999-0262 || bugtraq,2056
1648 || WEB-CGI perl.exe command attempt || url,www.cert.org/advisories/CA-1996-11.html || nessus,10173 || cve,1999-0509 || arachnids,219
1649 || WEB-CGI perl command attempt || url,www.cert.org/advisories/CA-1996-11.html || nessus,10173 || cve,1999-0509 || arachnids,219
1650 || WEB-CGI tst.bat access || nessus,10013 || cve,1999-0885 || bugtraq,770
1651 || WEB-CGI enivorn.pl access
1652 || WEB-CGI campus attempt || bugtraq,1975
1653 || WEB-CGI campus access || bugtraq,1975
1654 || WEB-CGI cart32.exe access
1655 || WEB-CGI pfdispaly.cgi arbitrary command execution attempt
1656 || WEB-CGI pfdispaly.cgi access
1657 || WEB-CGI pagelog.cgi directory traversal attempt || nessus,10591 || cve,2000-0940 || bugtraq,1864
1658 || WEB-CGI pagelog.cgi access || nessus,10591 || cve,2000-0940 || bugtraq,1864
1659 || WEB-COLDFUSION sendmail.cfm access
1660 || WEB-IIS trace.axd access
1661 || WEB-IIS cmd32.exe access
1662 || WEB-MISC /~ftp access
1663 || WEB-MISC *%0a.pl access
1664 || WEB-MISC mkplog.exe access
1665 || WEB-MISC mkilog.exe access
1666 || ATTACK-RESPONSES index of /cgi-bin/ response || nessus,10039
1667 || WEB-MISC cross site scripting HTML Image tag set to javascript attempt
1668 || WEB-CGI /cgi-bin/ access
1669 || WEB-CGI /cgi-dos/ access
1670 || WEB-MISC /home/ftp access
1671 || WEB-MISC /home/www access
1672 || FTP CWD ~ attempt || cve,2001-0421 || bugtraq,9215 || bugtraq,2601
1673 || ORACLE EXECUTE_SYSTEM attempt
1674 || ORACLE connect_data remote version detection attempt
1675 || ORACLE misparsed login response
1676 || ORACLE select union attempt
1677 || ORACLE select like '%' attempt
1678 || ORACLE select like '%' attempt backslash escaped
1679 || ORACLE describe attempt
1680 || ORACLE all_constraints access
1681 || ORACLE all_views access
1682 || ORACLE all_source access
1683 || ORACLE all_tables access
1684 || ORACLE all_tab_columns access
1685 || ORACLE all_tab_privs access
1686 || ORACLE dba_tablespace access
1687 || ORACLE dba_tables access
1688 || ORACLE user_tablespace access
1689 || ORACLE sys.all_users access
1690 || ORACLE grant attempt
1691 || ORACLE ALTER USER attempt
1692 || ORACLE drop table attempt
1693 || ORACLE create table attempt
1694 || ORACLE alter table attempt
1695 || ORACLE truncate table attempt
1696 || ORACLE create database attempt
1697 || ORACLE alter database attempt
1698 || ORACLE execute_system attempt
1699 || P2P Fastrack kazaa/morpheus traffic || url,www.kazaa.com
1700 || WEB-CGI imagemap.exe access || nessus,10122 || cve,1999-0951 || bugtraq,739 || arachnids,412
1701 || WEB-CGI calendar-admin.pl access || bugtraq,1215
1702 || WEB-CGI Amaya templates sendtemp.pl access || cve,2001-0272 || bugtraq,2504
1703 || WEB-CGI auktion.cgi directory traversal attempt || nessus,10638 || cve,2001-0212 || bugtraq,2367
1704 || WEB-CGI cal_make.pl directory traversal attempt || cve,2001-0463 || bugtraq,2663
1705 || WEB-CGI echo.bat arbitrary command execution attempt || nessus,10246 || cve,2000-0213 || bugtraq,1002
1706 || WEB-CGI echo.bat access || nessus,10246 || cve,2000-0213 || bugtraq,1002
1707 || WEB-CGI hello.bat arbitrary command execution attempt || nessus,10246 || cve,2000-0213 || bugtraq,1002
1708 || WEB-CGI hello.bat access || nessus,10246 || cve,2000-0213 || bugtraq,1002
1709 || WEB-CGI ad.cgi access
1710 || WEB-CGI bbs_forum.cgi access
1711 || WEB-CGI bsguest.cgi access
1712 || WEB-CGI bslist.cgi access
1713 || WEB-CGI cgforum.cgi access
1714 || WEB-CGI newdesk access
1715 || WEB-CGI register.cgi access
1716 || WEB-CGI gbook.cgi access || cve,2000-1131 || bugtraq,1940
1717 || WEB-CGI simplestguest.cgi access
1718 || WEB-CGI statusconfig.pl access
1719 || WEB-CGI talkback.cgi directory traversal attempt
1720 || WEB-CGI talkback.cgi access
1721 || WEB-CGI adcycle access
1722 || WEB-CGI MachineInfo access
1723 || WEB-CGI emumail.cgi NULL attempt || cve,2002-1526 || bugtraq,5824
1724 || WEB-CGI emumail.cgi access || cve,2002-1526 || bugtraq,5824
1725 || WEB-IIS +.htr code fragment attempt || cve,2000-0630 || bugtraq,1488
1726 || WEB-IIS doctodep.btr access
1727 || WEB-CGI SGI InfoSearch fname access || cve,2000-0207 || bugtraq,1031 || arachnids,290
1728 || FTP CWD ~<CR><NEWLINE> attempt || cve,2001-0421 || bugtraq,2601
1729 || CHAT IRC channel join
1730 || WEB-CGI ustorekeeper.pl directory traversal attempt || nessus,10645 || cve,2001-0466
1731 || WEB-CGI a1stats access || nessus,10669 || cve,2001-0561 || bugtraq,2705
1732 || RPC portmap rwalld request UDP
1733 || RPC portmap rwalld request TCP
1734 || FTP USER overflow attempt || cve,2002-0126 || cve,2001-0826 || cve,2001-0794 || cve,2000-1194 || cve,2000-1035 || cve,2000-0943 || cve,2000-0656 || cve,2000-0479 || bugtraq,4638 || bugtraq,1690 || bugtraq,1504 || bugtraq,1227
1735 || WEB-CLIENT XMLHttpRequest attempt
1736 || WEB-PHP squirrel mail spell-check arbitrary command attempt || bugtraq,3952
1737 || WEB-PHP squirrel mail theme arbitrary command attempt || cve,2002-0516 || bugtraq,4385
1738 || WEB-MISC global.inc access || cve,2002-0614 || bugtraq,4612
1739 || WEB-PHP DNSTools administrator authentication bypass attempt || cve,2002-0613 || bugtraq,4617
1740 || WEB-PHP DNSTools authentication bypass attempt || cve,2002-0613 || bugtraq,4617
1741 || WEB-PHP DNSTools access || cve,2002-0613 || bugtraq,4617
1742 || WEB-PHP Blahz-DNS dostuff.php modify user attempt || cve,2002-0599 || bugtraq,4618
1743 || WEB-PHP Blahz-DNS dostuff.php access || cve,2002-0599 || bugtraq,4618
1744 || WEB-MISC SecureSite authentication bypass attempt || bugtraq,4621
1745 || WEB-PHP Messagerie supp_membre.php access || bugtraq,4635
1746 || RPC portmap cachefsd request UDP || cve,2002-0084 || cve,2002-0033 || bugtraq,4674
1747 || RPC portmap cachefsd request TCP || cve,2002-0084 || cve,2002-0033 || bugtraq,4674
1748 || FTP command overflow attempt || cve,2002-0606 || bugtraq,4638
1749 || EXPERIMENTAL WEB-IIS .NET trace.axd access
1750 || WEB-IIS users.xml access
1751 || EXPLOIT cachefsd buffer overflow attempt || cve,2002-0084 || bugtraq,4631
1752 || MISC AIM AddExternalApp attempt || url,www.w00w00.org/files/w00aimexp/
1753 || WEB-IIS as_web.exe access || bugtraq,4670
1754 || WEB-IIS as_web4.exe access || bugtraq,4670
1755 || IMAP partial body buffer overflow attempt || cve,2002-0379 || bugtraq,4713
1756 || WEB-IIS NewsPro administration authentication attempt
1757 || WEB-MISC b2 arbitrary command execution attempt
1758 || WEB-MISC b2 access
1759 || MS-SQL xp_cmdshell program execution 445
1760 || OTHER-IDS ISS RealSecure 6 event collector connection attempt
1761 || OTHER-IDS ISS RealSecure 6 daemon connection attempt
1762 || WEB-CGI phf arbitrary command execution attempt || cve,1999-0067 || bugtraq,629 || arachnids,128
1763 || WEB-CGI Nortel Contivity cgiproc DOS attempt || nessus,10160 || cve,2000-0064 || cve,2000-0063 || bugtraq,938
1764 || WEB-CGI Nortel Contivity cgiproc DOS attempt || nessus,10160 || cve,2000-0064 || cve,2000-0063 || bugtraq,938
1765 || WEB-CGI Nortel Contivity cgiproc access || nessus,10160 || cve,2000-0064 || cve,2000-0063 || bugtraq,938
1766 || WEB-MISC search.dll directory listing attempt || nessus,10514 || cve,2000-0835 || bugtraq,1684
1767 || WEB-MISC search.dll access || nessus,10514 || cve,2000-0835 || bugtraq,1684
1768 || WEB-IIS header field buffer overflow attempt || cve,2002-0150 || bugtraq,4476
1769 || WEB-MISC .DS_Store access || url,www.macintouch.com/mosxreaderreports46.html
1770 || WEB-MISC .FBCIndex access || url,www.securiteam.com/securitynews/5LP0O005FS.html
1771 || POLICY IPSec PGPNet connection attempt
1772 || WEB-IIS pbserver access || url,www.microsoft.com/technet/security/bulletin/ms00-094.mspx
1773 || WEB-PHP php.exe access || url,www.securitytracker.com/alerts/2002/Jan/1003104.html
1774 || WEB-PHP bb_smilies.php access || url,www.securiteam.com/securitynews/Serious_security_hole_in_PHP-Nuke__bb_smilies_.html
1775 || MYSQL root login attempt
1776 || MYSQL show databases attempt
1777 || FTP EXPLOIT STAT * dos attempt || cve,2002-0073 || bugtraq,4482
1778 || FTP EXPLOIT STAT ? dos attempt || cve,2002-0073 || bugtraq,4482
1779 || FTP CWD .... attempt || bugtraq,4884
1780 || IMAP EXPLOIT partial body overflow attempt || cve,2002-0379 || bugtraq,4713
1781 || PORN dildo
1782 || PORN nipple clamp
1783 || PORN oral sex
1784 || PORN nude celeb
1785 || PORN voyeur
1786 || PORN raw sex
1787 || WEB-CGI csPassword.cgi access || cve,2002-0918 || cve,2002-0917 || bugtraq,4889 || bugtraq,4887 || bugtraq,4886 || bugtraq,4885
1788 || WEB-CGI csPassword password.cgi.tmp access || cve,2002-0920 || bugtraq,4889
1789 || CHAT IRC dns request
1790 || CHAT IRC dns response
1791 || BACKDOOR fragroute trojan connection attempt || bugtraq,4898
1792 || NNTP return code buffer overflow attempt || cve,2002-0909 || bugtraq,4900
1793 || PORN fetish
1794 || PORN masturbation
1795 || PORN ejaculation
1796 || PORN virgin
1797 || PORN BDSM
1798 || PORN erotica
1799 || PORN fisting
1800 || VIRUS Klez Incoming
1801 || WEB-IIS .asp HTTP header buffer overflow attempt || cve,2002-0150 || bugtraq,4476
1802 || WEB-IIS .asa HTTP header buffer overflow attempt || cve,2002-0150 || bugtraq,4476
1803 || WEB-IIS .cer HTTP header buffer overflow attempt || cve,2002-0150 || bugtraq,4476
1804 || WEB-IIS .cdx HTTP header buffer overflow attempt || cve,2002-0150 || bugtraq,4476
1805 || WEB-CGI Oracle reports CGI access || cve,2002-0947 || bugtraq,4848
1806 || WEB-IIS .htr chunked Transfer-Encoding || cve,2002-0364 || bugtraq,5003 || bugtraq,4855
1807 || WEB-MISC Chunked-Encoding transfer attempt || cve,2002-0392 || cve,2002-0079 || cve,2002-0071 || bugtraq,5033 || bugtraq,4485 || bugtraq,4474
1808 || WEB-MISC apache chunked encoding memory corruption exploit attempt || cve,2002-0392 || bugtraq,5033
1809 || WEB-MISC Apache Chunked-Encoding worm attempt || cve,2002-0392 || cve,2002-0079 || cve,2002-0071 || bugtraq,5033 || bugtraq,4485 || bugtraq,4474
1810 || ATTACK-RESPONSES successful gobbles ssh exploit GOBBLE || cve,2002-0639 || cve,2002-0390 || bugtraq,5093
1811 || ATTACK-RESPONSES successful gobbles ssh exploit uname || cve,2002-0639 || cve,2002-0390 || bugtraq,5093
1812 || EXPLOIT gobbles SSH exploit attempt || cve,2002-0639 || cve,2002-0390 || bugtraq,5093
1813 || ICMP digital island bandwidth query
1814 || WEB-MISC CISCO VoIP DOS ATTEMPT || cve,2002-0882 || bugtraq,4798 || bugtraq,4794
1815 || WEB-PHP directory.php arbitrary command attempt || cve,2002-0434 || bugtraq,4278
1816 || WEB-PHP directory.php access || cve,2002-0434 || bugtraq,4278
1817 || WEB-IIS MS Site Server default login attempt || nessus,11018
1818 || WEB-IIS MS Site Server admin attempt || nessus,11018
1819 || MISC Alcatel PABX 4400 connection attempt || nessus,11019
1820 || WEB-MISC IBM Net.Commerce orderdspc.d2w access || nessus,11020 || cve,2001-0319 || bugtraq,2350
1821 || EXPLOIT LPD dvips remote command execution attempt || nessus,11023 || cve,2001-1002 || bugtraq,3241
1822 || WEB-CGI alienform.cgi directory traversal attempt || nessus,11027 || cve,2002-0934 || bugtraq,4983
1823 || WEB-CGI AlienForm af.cgi directory traversal attempt || nessus,11027 || cve,2002-0934 || bugtraq,4983
1824 || WEB-CGI alienform.cgi access || nessus,11027 || cve,2002-0934 || bugtraq,4983
1825 || WEB-CGI AlienForm af.cgi access || nessus,11027 || cve,2002-0934 || bugtraq,4983
1826 || WEB-MISC WEB-INF access || nessus,11037
1827 || WEB-MISC Tomcat servlet mapping cross site scripting attempt || nessus,11041 || cve,2002-0682 || bugtraq,5193
1828 || WEB-MISC iPlanet Search directory traversal attempt || nessus,11043 || cve,2002-1042 || bugtraq,5191
1829 || WEB-MISC Tomcat TroubleShooter servlet access || nessus,11046 || bugtraq,4575
1830 || WEB-MISC Tomcat SnoopServlet servlet access || nessus,11046 || bugtraq,4575
1831 || WEB-MISC jigsaw dos attempt || nessus,11047
1832 || CHAT ICQ forced user addition || cve,2001-1305 || bugtraq,3226
1833 || PORN naked lesbians
1834 || WEB-PHP PHP-Wiki cross site scripting attempt || cve,2002-1070 || bugtraq,5254
1835 || WEB-MISC Macromedia SiteSpring cross site scripting attempt || cve,2002-1027 || bugtraq,5249
1836 || PORN alt.binaries.pictures.erotica
1837 || PORN alt.binaries.pictures.tinygirls
1838 || EXPLOIT SSH server banner overflow || cve,2002-1059 || bugtraq,5287
1839 || WEB-MISC mailman cross site scripting attempt || cve,2002-0855 || bugtraq,5298
1840 || WEB-CLIENT Javascript document.domain attempt || bugtraq,5346
1841 || WEB-CLIENT Javascript URL host spoofing attempt || bugtraq,5293
1842 || IMAP login buffer overflow attempt || nessus,10125 || cve,1999-0005
1843 || BACKDOOR trinity connection attempt || nessus,10501 || cve,2000-0138
1844 || IMAP authenticate overflow attempt || nessus,10292 || cve,1999-0042
1845 || IMAP list literal overflow attempt || nessus,10374 || cve,2000-0284 || bugtraq,1110
1846 || POLICY vncviewer Java applet download attempt || nessus,10758
1847 || WEB-MISC webalizer access || nessus,10816 || cve,2001-0835 || cve,1999-0643 || bugtraq,3473
1848 || WEB-MISC webcart-lite access || nessus,10298 || cve,1999-0610
1849 || WEB-MISC webfind.exe access || nessus,10475 || cve,2000-0622 || bugtraq,1487
1850 || WEB-CGI way-board.cgi access || nessus,10610
1851 || WEB-MISC active.log access || nessus,10470 || cve,2000-0642 || bugtraq,1497
1852 || WEB-MISC robots.txt access || nessus,10302
1853 || BACKDOOR win-trin00 connection attempt || nessus,10307 || cve,2000-0138
1854 || DDOS Stacheldraht handler->agent niggahbitch || url,staff.washington.edu/dittrich/misc/stacheldraht.analysis
1855 || DDOS Stacheldraht agent->handler skillz || url,staff.washington.edu/dittrich/misc/stacheldraht.analysis
1856 || DDOS Stacheldraht handler->agent ficken || url,staff.washington.edu/dittrich/misc/stacheldraht.analysis
1857 || WEB-MISC robot.txt access || nessus,10302
1858 || WEB-MISC CISCO PIX Firewall Manager directory traversal attempt || nessus,10819 || cve,1999-0158 || bugtraq,691
1859 || WEB-MISC Sun JavaServer default password login attempt || nessus,10995 || cve,1999-0508
1860 || WEB-MISC Linksys router default password login attempt || nessus,10999
1861 || WEB-MISC Linksys router default username and password login attempt || nessus,10999
1862 || WEB-CGI mrtg.cgi directory traversal attempt || nessus,11001 || cve,2002-0232 || bugtraq,4017
1864 || FTP SITE NEWER attempt || nessus,10319 || cve,1999-0880
1865 || WEB-CGI webdist.cgi arbitrary command attempt || nessus,10299 || cve,1999-0039 || bugtraq,374
1866 || POP3 USER overflow attempt || nessus,10311 || cve,1999-0494 || bugtraq,789
1867 || MISC xdmcp info query || nessus,10891
1868 || WEB-CGI story.pl arbitrary file read attempt || nessus,10817 || cve,2001-0804 || bugtraq,3028
1869 || WEB-CGI story.pl access || nessus,10817 || cve,2001-0804 || bugtraq,3028
1870 || WEB-CGI siteUserMod.cgi access || nessus,10253 || cve,2000-0117 || bugtraq,951
1871 || WEB-MISC Oracle XSQLConfig.xml access || nessus,10855 || cve,2002-0568 || bugtraq,4290
1872 || WEB-MISC Oracle Dynamic Monitoring Services dms access || nessus,10848
1873 || WEB-MISC globals.jsa access || nessus,10850 || cve,2002-0562 || bugtraq,4034
1874 || WEB-MISC Oracle Java Process Manager access || nessus,10851
1875 || WEB-CGI cgicso access || nessus,10780 || nessus,10779 || bugtraq,6141
1876 || WEB-CGI nph-publish.cgi access || nessus,10164 || cve,1999-1177
1877 || WEB-CGI printenv access || nessus,10503 || cve,2000-0868 || bugtraq,1658
1878 || WEB-CGI sdbsearch.cgi access || nessus,10503 || cve,2000-0868 || bugtraq,1658
1879 || WEB-CGI book.cgi arbitrary command execution attempt || nessus,10721 || cve,2001-1114 || bugtraq,3178
1880 || WEB-MISC oracle web application server access || nessus,10348 || cve,2000-0169 || bugtraq,1053
1881 || WEB-MISC bad HTTP/1.1 request, Potentially worm attack || url,securityresponse.symantec.com/avcenter/security/Content/2002.09.13.html
1882 || ATTACK-RESPONSES id check returned userid
1883 || ATTACK-RESPONSES id check returned nobody
1884 || ATTACK-RESPONSES id check returned web
1885 || ATTACK-RESPONSES id check returned http
1886 || ATTACK-RESPONSES id check returned apache
1887 || MISC OpenSSL Worm traffic || url,www.cert.org/advisories/CA-2002-27.html
1888 || FTP SITE CPWD overflow attempt || cve,2002-0826 || bugtraq,5427
1889 || MISC slapper worm admin traffic || url,www.cert.org/advisories/CA-2002-27.html || url,isc.incidents.org/analysis.html?id=167
1890 || RPC status GHBN format string attack || cve,2000-0666 || bugtraq,1480
1891 || RPC status GHBN format string attack || cve,2000-0666 || bugtraq,1480
1892 || SNMP null community string attempt || cve,1999-0517 || bugtraq,8974 || bugtraq,2112
1893 || SNMP missing community string attempt || cve,1999-0517 || bugtraq,2112
1894 || EXPLOIT kadmind buffer overflow attempt || url,www.kb.cert.org/vuls/id/875073 || cve,2002-1235 || cve,2002-1226 || bugtraq,6024 || bugtraq,5731
1895 || EXPLOIT kadmind buffer overflow attempt || url,www.kb.cert.org/vuls/id/875073 || cve,2002-1235 || cve,2002-1226 || bugtraq,6024 || bugtraq,5731
1896 || EXPLOIT kadmind buffer overflow attempt || url,www.kb.cert.org/vuls/id/875073 || cve,2002-1235 || cve,2002-1226 || bugtraq,6024 || bugtraq,5731
1897 || EXPLOIT kadmind buffer overflow attempt || url,www.kb.cert.org/vuls/id/875073 || cve,2002-1235 || cve,2002-1226 || bugtraq,6024 || bugtraq,5731
1898 || EXPLOIT kadmind buffer overflow attempt || url,www.kb.cert.org/vuls/id/875073 || cve,2002-1235 || cve,2002-1226 || bugtraq,6024 || bugtraq,5731
1899 || EXPLOIT kadmind buffer overflow attempt || url,www.kb.cert.org/vuls/id/875073 || cve,2002-1235 || cve,2002-1226 || bugtraq,6024 || bugtraq,5731
1900 || ATTACK-RESPONSES successful kadmind buffer overflow attempt || url,www.kb.cert.org/vuls/id/875073 || cve,2002-1235 || cve,2002-1226 || bugtraq,6024 || bugtraq,5731
1901 || ATTACK-RESPONSES successful kadmind buffer overflow attempt || url,www.kb.cert.org/vuls/id/875073 || cve,2002-1235 || cve,2002-1226 || bugtraq,6024 || bugtraq,5731
1902 || IMAP lsub literal overflow attempt || nessus,10374 || cve,2000-0284 || bugtraq,1110
1903 || IMAP rename overflow attempt || nessus,10374 || cve,2000-0284 || bugtraq,1110
1904 || IMAP find overflow attempt || nessus,10374 || cve,2000-0284 || bugtraq,1110
1905 || RPC AMD UDP amqproc_mount plog overflow attempt || cve,1999-0704 || bugtraq,614
1906 || RPC AMD TCP amqproc_mount plog overflow attempt || cve,1999-0704 || bugtraq,614
1907 || RPC CMSD UDP CMSD_CREATE buffer overflow attempt || cve,1999-0696 || bugtraq,524
1908 || RPC CMSD TCP CMSD_CREATE buffer overflow attempt || cve,1999-0696 || bugtraq,524
1909 || RPC CMSD TCP CMSD_INSERT buffer overflow attempt || url,www.cert.org/advisories/CA-99-08-cmsd.html || cve,1999-0696
1910 || RPC CMSD udp CMSD_INSERT buffer overflow attempt || url,www.cert.org/advisories/CA-99-08-cmsd.html || cve,1999-0696
1911 || RPC sadmind UDP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt || cve,1999-0977 || bugtraq,866 || bugtraq,0866
1912 || RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt || cve,1999-0977 || bugtraq,866 || bugtraq,0866
1913 || RPC STATD UDP stat mon_name format string exploit attempt || cve,2000-0666 || bugtraq,1480
1914 || RPC STATD TCP stat mon_name format string exploit attempt || cve,2000-0666 || bugtraq,1480
1915 || RPC STATD UDP monitor mon_name format string exploit attempt || cve,2000-0666 || bugtraq,1480
1916 || RPC STATD TCP monitor mon_name format string exploit attempt || cve,2000-0666 || bugtraq,1480
1917 || SCAN UPnP service discover attempt
1918 || SCAN SolarWinds IP scan attempt
1919 || FTP CWD overflow attempt || cve,2002-0126 || cve,2000-1194 || cve,2000-1035 || bugtraq,7950 || bugtraq,1690 || bugtraq,1227
1920 || FTP SITE NEWER overflow attempt || cve,1999-0800 || bugtraq,229
1921 || FTP SITE ZIPCHK overflow attempt || cve,2000-0040
1922 || RPC portmap proxy attempt TCP
1923 || RPC portmap proxy attempt UDP
1924 || RPC mountd UDP export request || arachnids,26
1925 || RPC mountd TCP exportall request || arachnids,26
1926 || RPC mountd UDP exportall request || arachnids,26
1927 || FTP authorized_keys
1928 || FTP shadow retrieval attempt
1929 || BACKDOOR TCPDUMP/PCAP trojan traffic || url,hlug.fscker.com
1930 || IMAP auth literal overflow attempt || cve,1999-0005
1931 || WEB-CGI rpc-nlog.pl access || cve,1999-1278
1932 || WEB-CGI rpc-smb.pl access || cve,1999-1278
1933 || WEB-CGI cart.cgi access
1934 || POP2 FOLD overflow attempt || cve,1999-0920 || bugtraq,283
1935 || POP2 FOLD arbitrary file attempt
1936 || POP3 AUTH overflow attempt
1937 || POP3 LIST overflow attempt || cve,2000-0096 || bugtraq,948
1938 || POP3 XTND overflow attempt
1939 || MISC bootp hardware address length overflow || cve,1999-0798
1940 || MISC bootp invalid hardware type || cve,1999-0798
1941 || TFTP GET filename overflow attempt || cve,2002-0813 || bugtraq,5328
1942 || FTP RMDIR overflow attempt
1943 || WEB-MISC /Carello/add.exe access || cve,2000-0396 || bugtraq,1245
1944 || WEB-MISC /ecscripts/ecware.exe access
1945 || WEB-IIS unicode directory traversal attempt || cve,2000-0884 || bugtraq,1806
1946 || WEB-MISC answerbook2 admin attempt
1947 || WEB-MISC answerbook2 arbitrary command execution attempt
1948 || DNS zone transfer UDP || cve,1999-0532 || arachnids,212
1949 || RPC portmap SET attempt TCP 111
1950 || RPC portmap SET attempt UDP 111
1951 || RPC mountd TCP mount request
1952 || RPC mountd UDP mount request
1953 || RPC AMD TCP pid request
1954 || RPC AMD UDP pid request
1955 || RPC AMD TCP version request
1956 || RPC AMD UDP version request
1957 || RPC sadmind UDP PING || bugtraq,866
1958 || RPC sadmind TCP PING || bugtraq,866
1959 || RPC portmap NFS request UDP
1960 || RPC portmap NFS request TCP
1961 || RPC portmap RQUOTA request UDP
1962 || RPC portmap RQUOTA request TCP
1963 || RPC RQUOTA getquota overflow attempt UDP || cve,1999-0974 || bugtraq,864
1964 || RPC tooltalk UDP overflow attempt || cve,1999-0003 || bugtraq,122
1965 || RPC tooltalk TCP overflow attempt || cve,1999-0003 || bugtraq,122
1966 || MISC GlobalSunTech Access Point Information Disclosure attempt || bugtraq,6100
1967 || WEB-PHP phpbb quick-reply.php arbitrary command attempt || bugtraq,6173
1968 || WEB-PHP phpbb quick-reply.php access || bugtraq,6173
1969 || WEB-MISC ion-p access || cve,2002-1559 || bugtraq,6091
1970 || WEB-IIS MDAC Content-Type overflow attempt || url,www.foundstone.com/knowledge/randd-advisories-display.html?id=337 || cve,2002-1142 || bugtraq,6214
1971 || FTP SITE EXEC format string attempt
1972 || FTP PASS overflow attempt || cve,2002-0126 || cve,2000-1035 || bugtraq,9285 || bugtraq,8601 || bugtraq,3884 || bugtraq,1690
1973 || FTP MKD overflow attempt || cve,1999-0911 || bugtraq,9872 || bugtraq,612
1974 || FTP REST overflow attempt || cve,2001-0826 || bugtraq,2972
1975 || FTP DELE overflow attempt || cve,2001-0826 || bugtraq,2972
1976 || FTP RMD overflow attempt || cve,2001-0826 || bugtraq,2972
1977 || WEB-MISC xp_regwrite attempt
1978 || WEB-MISC xp_regdeletekey attempt
1979 || WEB-MISC perl post attempt || nessus,11158 || cve,2002-1436 || bugtraq,5520
1980 || BACKDOOR DeepThroat 3.1 Connection attempt
1981 || BACKDOOR DeepThroat 3.1 Connection attempt [3150]
1982 || BACKDOOR DeepThroat 3.1 Server Response [3150] || arachnids,106
1983 || BACKDOOR DeepThroat 3.1 Connection attempt [4120]
1984 || BACKDOOR DeepThroat 3.1 Server Response [4120] || arachnids,106
1985 || BACKDOOR Doly 1.5 server response
1986 || CHAT MSN file transfer request
1987 || MISC xfs overflow attempt || nessus,11188 || cve,2002-1317 || bugtraq,6241
1988 || CHAT MSN file transfer accept
1989 || CHAT MSN file transfer reject
1990 || CHAT MSN user search
1991 || CHAT MSN login attempt
1992 || FTP LIST directory traversal attempt || nessus,11112 || cve,2001-0680 || bugtraq,2618
1993 || IMAP login literal buffer overflow attempt || bugtraq,6298
1994 || WEB-CGI vpasswd.cgi access || nessus,11165 || bugtraq,6038
1995 || WEB-CGI alya.cgi access || nessus,11118
1996 || WEB-CGI viralator.cgi access || nessus,11107 || cve,2001-0849
1997 || WEB-PHP read_body.php access attempt || cve,2002-1341 || bugtraq,6302
1998 || WEB-PHP calendar.php access || nessus,11179 || bugtraq,9353 || bugtraq,5820
1999 || WEB-PHP edit_image.php access || nessus,11104 || cve,2001-1020 || bugtraq,3288
2000 || WEB-PHP readmsg.php access || nessus,11073
2001 || WEB-CGI smartsearch.cgi access
2002 || WEB-PHP remote include path
2003 || MS-SQL Worm propagation attempt || url,vil.nai.com/vil/content/v_99992.htm || cve,2002-0649 || bugtraq,5311 || bugtraq,5310
2004 || MS-SQL Worm propagation attempt OUTBOUND || url,vil.nai.com/vil/content/v_99992.htm || cve,2002-0649 || bugtraq,5311 || bugtraq,5310
2005 || RPC portmap kcms_server request UDP || url,www.kb.cert.org/vuls/id/850785 || cve,2003-0027 || bugtraq,6665
2006 || RPC portmap kcms_server request TCP || url,www.kb.cert.org/vuls/id/850785 || cve,2003-0027 || bugtraq,6665
2007 || RPC kcms_server directory traversal attempt || url,www.kb.cert.org/vuls/id/850785 || cve,2003-0027 || bugtraq,6665
2008 || MISC CVS invalid user authentication response
2009 || MISC CVS invalid repository response
2010 || MISC CVS double free exploit attempt response || cve,2003-0015 || bugtraq,6650
2011 || MISC CVS invalid directory response || cve,2003-0015 || bugtraq,6650
2012 || MISC CVS missing cvsroot response
2013 || MISC CVS invalid module response
2014 || RPC portmap UNSET attempt TCP 111 || bugtraq,1892
2015 || RPC portmap UNSET attempt UDP 111 || bugtraq,1892
2016 || RPC portmap status request TCP || arachnids,15
2017 || RPC portmap espd request UDP || cve,2001-0331 || bugtraq,2714
2018 || RPC mountd TCP dump request
2019 || RPC mountd UDP dump request
2020 || RPC mountd TCP unmount request
2021 || RPC mountd UDP unmount request
2022 || RPC mountd TCP unmountall request
2023 || RPC mountd UDP unmountall request
2024 || RPC RQUOTA getquota overflow attempt TCP || cve,1999-0974 || bugtraq,864
2025 || RPC yppasswd username overflow attempt UDP || cve,2001-0779 || bugtraq,2763
2026 || RPC yppasswd username overflow attempt TCP || cve,2001-0779 || bugtraq,2763
2027 || RPC yppasswd old password overflow attempt UDP
2028 || RPC yppasswd old password overflow attempt TCP
2029 || RPC yppasswd new password overflow attempt UDP
2030 || RPC yppasswd new password overflow attempt TCP
2031 || RPC yppasswd user update UDP
2032 || RPC yppasswd user update TCP
2033 || RPC ypserv maplist request UDP || cve,2002-1232 || bugtraq,6016 || bugtraq,5914
2034 || RPC ypserv maplist request TCP || bugtraq,6016 || bugtraq,5914 || Cve,CAN-2002-1232
2035 || RPC portmap network-status-monitor request UDP
2036 || RPC portmap network-status-monitor request TCP
2037 || RPC network-status-monitor mon-callback request UDP
2038 || RPC network-status-monitor mon-callback request TCP
2039 || MISC bootp hostname format string attempt || cve,2002-0702 || bugtraq,4701
2040 || POLICY xtacacs login attempt
2041 || MISC xtacacs failed login response
2042 || POLICY xtacacs accepted login response
2043 || MISC isakmp login failed
2044 || POLICY PPTP Start Control Request attempt
2045 || RPC snmpXdmi overflow attempt UDP || url,www.cert.org/advisories/CA-2001-05.html || cve,2001-0236 || bugtraq,2417
2046 || IMAP partial body.peek buffer overflow attempt || cve,2002-0379 || bugtraq,4713
2047 || MISC rsyncd module list access
2048 || MISC rsyncd overflow attempt
2049 || MS-SQL ping attempt || nessus,10674
2050 || MS-SQL version overflow attempt || nessus,10674 || cve,2002-0649 || bugtraq,5310
2051 || WEB-CGI cached_feed.cgi moreover shopping cart access || cve,2000-0906 || bugtraq,1762
2052 || WEB-CGI overflow.cgi access || url,www.cert.org/advisories/CA-2002-35.html || nessus,11190
2053 || WEB-CGI process_bug.cgi access || cve,2002-0008
2054 || WEB-CGI enter_bug.cgi arbitrary command attempt || cve,2002-0008
2055 || WEB-CGI enter_bug.cgi access || cve,2002-0008
2056 || WEB-MISC TRACE attempt || url,www.whitehatsec.com/press_releases/WH-PR-20030120.pdf || nessus,11213 || bugtraq,9561
2057 || WEB-MISC helpout.exe access || nessus,11162 || cve,2002-1169 || bugtraq,6002
2058 || WEB-MISC MsmMask.exe attempt || nessus,11163
2059 || WEB-MISC MsmMask.exe access || nessus,11163
2060 || WEB-MISC DB4Web access || nessus,11180
2061 || WEB-MISC Tomcat null byte directory listing attempt || cve,2003-0042 || bugtraq,6721 || bugtraq,2518
2062 || WEB-MISC iPlanet .perf access
2063 || WEB-MISC Demarc SQL injection attempt
2064 || WEB-MISC Lotus Notes .csp script source download attempt
2065 || WEB-MISC Lotus Notes .csp script source download attempt
2066 || WEB-MISC Lotus Notes .pl script source download attempt
2067 || WEB-MISC Lotus Notes .exe script source download attempt
2068 || WEB-MISC BitKeeper arbitrary command attempt || bugtraq,6588
2069 || WEB-MISC chip.ini access || cve,2001-0771 || cve,2001-0749 || bugtraq,2775 || bugtraq,2755
2070 || WEB-MISC post32.exe arbitrary command attempt || bugtraq,1485
2071 || WEB-MISC post32.exe access || bugtraq,1485
2072 || WEB-MISC lyris.pl access || cve,2000-0758 || bugtraq,1584
2073 || WEB-MISC globals.pl access || cve,2001-0330 || bugtraq,2671
2074 || WEB-PHP Mambo uploadimage.php upload php file attempt || bugtraq,6572
2075 || WEB-PHP Mambo upload.php upload php file attempt || bugtraq,6572
2076 || WEB-PHP Mambo uploadimage.php access || bugtraq,6572
2077 || WEB-PHP Mambo upload.php access || bugtraq,6572
2078 || WEB-PHP phpBB privmsg.php access || bugtraq,6634
2079 || RPC portmap nlockmgr request UDP || cve,2000-0508 || bugtraq,1372
2080 || RPC portmap nlockmgr request TCP || cve,2000-0508 || bugtraq,1372
2081 || RPC portmap rpc.xfsmd request UDP || cve,2002-0359 || bugtraq,5075 || bugtraq,5072
2082 || RPC portmap rpc.xfsmd request TCP || cve,2002-0359 || bugtraq,5075 || bugtraq,5072
2083 || RPC rpc.xfsmd xfs_export attempt UDP || cve,2002-0359 || bugtraq,5075 || bugtraq,5072
2084 || RPC rpc.xfsmd xfs_export attempt TCP || cve,2002-0359 || bugtraq,5075 || bugtraq,5072
2085 || WEB-CGI parse_xml.cgi access || cve,2003-0054 || bugtraq,6960
2086 || WEB-CGI streaming server parse_xml.cgi access || cve,2003-0054 || bugtraq,6960
2087 || SMTP From comment overflow attempt || url,www.kb.cert.org/vuls/id/398025 || cve,2002-1337
2088 || RPC ypupdated arbitrary command attempt UDP
2089 || RPC ypupdated arbitrary command attempt TCP
2090 || WEB-IIS WEBDAV exploit attempt || url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx || cve,2003-0109 || bugtraq,7716 || bugtraq,7116
2091 || WEB-IIS WEBDAV nessus safe scan attempt || url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx || nessus,11413 || nessus,11412 || cve,2003-0109 || bugtraq,7116
2092 || RPC portmap proxy integer overflow attempt UDP || cve,2003-0028 || bugtraq,7123
2093 || RPC portmap proxy integer overflow attempt TCP || cve,2003-0028 || bugtraq,7123
2094 || RPC CMSD UDP CMSD_CREATE array buffer overflow attempt || cve,2002-0391 || bugtraq,5356
2095 || RPC CMSD TCP CMSD_CREATE array buffer overflow attempt || cve,2002-0391 || bugtraq,5356
2100 || BACKDOOR SubSeven 2.1 Gold server connection response
2101 || NETBIOS SMB SMB_COM_TRANSACTION Max Parameter and Max Count of 0 DOS Attempt || url,www.microsoft.com/technet/security/bulletin/MS02-045.mspx || url,www.corest.com/common/showdoc.php?idx=262 || cve,2002-0724 || bugtraq,5556
2102 || NETBIOS SMB SMB_COM_TRANSACTION Max Data Count of 0 DOS Attempt || url,www.microsoft.com/technet/security/bulletin/MS02-045.mspx || url,www.corest.com/common/showdoc.php?idx=262 || cve,2002-0724 || bugtraq,5556
2103 || NETBIOS SMB trans2open buffer overflow attempt || url,www.digitaldefense.net/labs/advisories/DDI-1013.txt || cve,2003-0201 || bugtraq,7294
2104 || ATTACK-RESPONSES rexec username too long response
2105 || IMAP authenticate literal overflow attempt || nessus,10292 || cve,1999-0042
2106 || IMAP lsub overflow attempt || nessus,10374 || cve,2000-0284 || bugtraq,1110
2107 || IMAP create buffer overflow attempt || bugtraq,7446
2108 || POP3 CAPA overflow attempt
2109 || POP3 TOP overflow attempt
2110 || POP3 STAT overflow attempt
2111 || POP3 DELE overflow attempt
2112 || POP3 RSET overflow attempt
2113 || RSERVICES rexec username overflow attempt
2114 || RSERVICES rexec password overflow attempt
2115 || WEB-CGI album.pl access || bugtraq,7444
2116 || WEB-CGI chipcfg.cgi access || cve,2001-1341 || bugtraq,2767
2117 || WEB-IIS Battleaxe Forum login.asp access || cve,2003-0215 || bugtraq,7416
2118 || IMAP list overflow attempt || nessus,10374 || cve,2000-0284 || bugtraq,1110
2119 || IMAP rename literal overflow attempt || nessus,10374 || cve,2000-0284 || bugtraq,1110
2120 || IMAP create literal buffer overflow attempt || bugtraq,7446
2121 || POP3 DELE negative arguement attempt || cve,2002-1539 || bugtraq,7445 || bugtraq,6053
2122 || POP3 UIDL negative arguement attempt || cve,2002-1539 || bugtraq,6053
2123 || ATTACK-RESPONSES Microsoft cmd.exe banner || nessus,11633
2124 || BACKDOOR Remote PC Access connection attempt || nessus,11673
2125 || FTP CWD Root directory transversal attempt || nessus,11677 || cve,2003-0392 || bugtraq,7674
2126 || MISC Microsoft PPTP Start Control Request buffer overflow attempt || cve,2002-1214 || bugtraq,5807
2127 || WEB-CGI ikonboard.cgi access || nessus,11605 || bugtraq,7361
2128 || WEB-CGI swsrv.cgi access || nessus,11608 || cve,2003-0217 || bugtraq,7510
2129 || WEB-IIS nsiislog.dll access || url,www.microsoft.com/technet/security/bulletin/ms03-018.mspx || nessus,11664 || cve,2003-0349 || bugtraq,8035
2130 || WEB-IIS IISProtect siteadmin.asp access || nessus,11662 || cve,2003-0377 || bugtraq,7675
2131 || WEB-IIS IISProtect access || nessus,11661
2132 || WEB-IIS Synchrologic Email Accelerator userid list access attempt || nessus,11657
2133 || WEB-IIS MS BizTalk server access || nessus,11638 || cve,2003-0118 || cve,2003-0117 || bugtraq,7470 || bugtraq,7469
2134 || WEB-IIS register.asp access || nessus,11621
2135 || WEB-MISC philboard.mdb access || nessus,11682
2136 || WEB-MISC philboard_admin.asp authentication bypass attempt || nessus,11675 || bugtraq,7739
2137 || WEB-MISC philboard_admin.asp access || nessus,11675 || bugtraq,7739
2138 || WEB-MISC logicworks.ini access || nessus,11639 || bugtraq,6996
2139 || WEB-MISC /*.shtml access || nessus,11604 || cve,2000-0683 || bugtraq,1517
2140 || WEB-PHP p-news.php access || nessus,11669
2141 || WEB-PHP shoutbox.php directory traversal attempt || nessus,11668
2142 || WEB-PHP shoutbox.php access || nessus,11668
2143 || WEB-PHP b2 cafelog gm-2-b2.php remote file include attempt || nessus,11667
2144 || WEB-PHP b2 cafelog gm-2-b2.php access || nessus,11667
2145 || WEB-PHP TextPortal admin.php default password admin attempt || nessus,11660 || bugtraq,7673
2146 || WEB-PHP TextPortal admin.php default password 12345 attempt || nessus,11660 || bugtraq,7673
2147 || WEB-PHP BLNews objects.inc.php4 remote file include attempt || nessus,11647 || cve,2003-0394 || bugtraq,7677
2148 || WEB-PHP BLNews objects.inc.php4 access || nessus,11647 || cve,2003-0394 || bugtraq,7677
2149 || WEB-PHP Turba status.php access || nessus,11646
2150 || WEB-PHP ttCMS header.php remote file include attempt || nessus,11636 || bugtraq,7625 || bugtraq,7543 || bugtraq,7542
2151 || WEB-PHP ttCMS header.php access || nessus,11636 || bugtraq,7625 || bugtraq,7543 || bugtraq,7542
2152 || WEB-PHP test.php access || nessus,11617
2153 || WEB-PHP autohtml.php directory traversal attempt || nessus,11630
2154 || WEB-PHP autohtml.php access || nessus,11630
2155 || WEB-PHP ttforum remote file include attempt || nessus,11615 || bugtraq,7543 || bugtraq,7542
2156 || WEB-MISC mod_gzip_status access || nessus,11685
2157 || WEB-IIS IISProtect globaladmin.asp access || nessus,11661
2158 || MISC BGP invalid length || url,sf.net/tracker/index.php?func=detail&aid=744523&group_id=53066&atid=469575
2159 || MISC BGP invalid type 0
2160 || VIRUS OUTBOUND .exe file attachment
2161 || VIRUS OUTBOUND .doc file attachment
2162 || VIRUS OUTBOUND .hta file attachment
2163 || VIRUS OUTBOUND .chm file attachment
2164 || VIRUS OUTBOUND .reg file attachment
2165 || VIRUS OUTBOUND .ini file attachment
2166 || VIRUS OUTBOUND .bat file attachment
2167 || VIRUS OUTBOUND .diz file attachment
2168 || VIRUS OUTBOUND .cpp file attachment
2169 || VIRUS OUTBOUND .dll file attachment
2170 || VIRUS OUTBOUND .vxd file attachment
2171 || VIRUS OUTBOUND .sys file attachment
2172 || VIRUS OUTBOUND .com file attachment
2173 || VIRUS OUTBOUND .hsq file attachment
2174 || NETBIOS SMB winreg access
2175 || NETBIOS SMB winreg unicode access
2176 || NETBIOS SMB startup folder access
2177 || NETBIOS SMB startup folder unicode access
2178 || FTP USER format string attempt || cve,2004-0277 || bugtraq,9800 || bugtraq,9600 || bugtraq,9402 || bugtraq,9262 || bugtraq,7776 || bugtraq,7474
2179 || FTP PASS format string attempt || bugtraq,9800 || bugtraq,9262 || bugtraq,7474
2180 || P2P BitTorrent announce request
2181 || P2P BitTorrent transfer
2182 || BACKDOOR typot trojan traffic
2183 || SMTP Content-Transfer-Encoding overflow attempt || url,www.cert.org/advisories/CA-2003-12.html || cve,2003-0161
2184 || RPC mountd TCP mount path overflow attempt || nessus,11800 || cve,2003-0252 || bugtraq,8179
2185 || RPC mountd UDP mount path overflow attempt || nessus,11800 || cve,2003-0252 || bugtraq,8179
2186 || BAD-TRAFFIC IP Proto 53 SWIPE || cve,2003-0567 || bugtraq,8211
2187 || BAD-TRAFFIC IP Proto 55 IP Mobility || cve,2003-0567 || bugtraq,8211
2188 || BAD-TRAFFIC IP Proto 77 Sun ND || cve,2003-0567 || bugtraq,8211
2189 || BAD-TRAFFIC IP Proto 103 PIM || cve,2003-0567 || bugtraq,8211
2190 || NETBIOS DCERPC invalid bind attempt
2191 || NETBIOS SMB DCERPC invalid bind attempt
2192 || NETBIOS DCERPC ISystemActivator bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx || cve,2003-0352 || bugtraq,8205
2193 || NETBIOS SMB-DS DCERPC ISystemActivator bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx || cve,2003-0352 || bugtraq,8205
2194 || WEB-CGI CSMailto.cgi access || nessus,11748 || cve,2002-0749 || bugtraq,6265 || bugtraq,4579
2195 || WEB-CGI alert.cgi access || nessus,11748 || cve,2002-0346 || bugtraq,4579 || bugtraq,4211
2196 || WEB-CGI catgy.cgi access || nessus,11748 || cve,2001-1212 || bugtraq,4579 || bugtraq,3714
2197 || WEB-CGI cvsview2.cgi access || nessus,11748 || cve,2003-0153 || bugtraq,5517 || bugtraq,4579
2198 || WEB-CGI cvslog.cgi access || nessus,11748 || cve,2003-0153 || bugtraq,5517 || bugtraq,4579
2199 || WEB-CGI multidiff.cgi access || nessus,11748 || cve,2003-0153 || bugtraq,5517 || bugtraq,4579
2200 || WEB-CGI dnewsweb.cgi access || nessus,11748 || cve,2000-0423 || bugtraq,4579 || bugtraq,1172
2201 || WEB-CGI download.cgi access || nessus,11748 || cve,1999-1377 || bugtraq,4579
2202 || WEB-CGI edit_action.cgi access || nessus,11748 || cve,2001-1196 || bugtraq,4579 || bugtraq,3698
2203 || WEB-CGI everythingform.cgi access || nessus,11748 || cve,2001-0023 || bugtraq,4579 || bugtraq,2101
2204 || WEB-CGI ezadmin.cgi access || nessus,11748 || cve,2002-0263 || bugtraq,4579 || bugtraq,4068
2205 || WEB-CGI ezboard.cgi access || nessus,11748 || cve,2002-0263 || bugtraq,4579 || bugtraq,4068
2206 || WEB-CGI ezman.cgi access || nessus,11748 || cve,2002-0263 || bugtraq,4579 || bugtraq,4068
2207 || WEB-CGI fileseek.cgi access || nessus,11748 || cve,2002-0611 || bugtraq,6784 || bugtraq,4579
2208 || WEB-CGI fom.cgi access || nessus,11748 || cve,2002-0230 || bugtraq,4579
2209 || WEB-CGI getdoc.cgi access || nessus,11748 || cve,2000-0288 || bugtraq,4579
2210 || WEB-CGI global.cgi access || nessus,11748 || cve,2000-0952 || bugtraq,4579
2211 || WEB-CGI guestserver.cgi access || nessus,11748 || cve,2001-0180 || bugtraq,4579
2212 || WEB-CGI imageFolio.cgi access || nessus,11748 || cve,2002-1334 || bugtraq,6265 || bugtraq,4579
2213 || WEB-CGI mailfile.cgi access || nessus,11748 || cve,2000-0977 || bugtraq,4579 || bugtraq,1807
2214 || WEB-CGI mailview.cgi access || nessus,11748 || cve,2000-0526 || bugtraq,4579 || bugtraq,1335
2215 || WEB-CGI nsManager.cgi access || nessus,11748 || cve,2000-1023 || bugtraq,4579 || bugtraq,1710
2216 || WEB-CGI readmail.cgi access || nessus,11748 || cve,2001-1283 || bugtraq,4579 || bugtraq,3427
2217 || WEB-CGI printmail.cgi access || nessus,11748 || cve,2001-1283 || bugtraq,4579 || bugtraq,3427
2218 || WEB-CGI service.cgi access || nessus,11748 || cve,2002-0346 || bugtraq,4579 || bugtraq,4211
2219 || WEB-CGI setpasswd.cgi access || nessus,11748 || cve,2001-0133 || bugtraq,4579 || bugtraq,2212
2220 || WEB-CGI simplestmail.cgi access || nessus,11748 || cve,2001-0022 || bugtraq,4579 || bugtraq,2106
2221 || WEB-CGI ws_mail.cgi access || nessus,11748 || cve,2001-1343 || bugtraq,4579 || bugtraq,2861
2222 || WEB-CGI nph-exploitscanget.cgi access || nessus,11740 || cve,2003-0434 || bugtraq,7912 || bugtraq,7911 || bugtraq,7910
2223 || WEB-CGI csNews.cgi access || nessus,11726 || cve,2002-0923 || bugtraq,4994
2224 || WEB-CGI psunami.cgi access || nessus,11750 || bugtraq,6607
2225 || WEB-CGI gozila.cgi access || nessus,11773
2226 || WEB-PHP pmachine remote file include attempt || nessus,11739 || bugtraq,7919
2227 || WEB-PHP forum_details.php access || nessus,11760 || bugtraq,7933
2228 || WEB-PHP phpMyAdmin db_details_importdocsql.php access || nessus,11761 || bugtraq,7965 || bugtraq,7962
2229 || WEB-PHP viewtopic.php access || nessus,11767 || cve,2003-0486 || bugtraq,7979
2230 || WEB-MISC NetGear router default password login attempt admin/password || nessus,11737
2231 || WEB-MISC register.dll access || nessus,11747 || cve,2001-0958 || bugtraq,3327
2232 || WEB-MISC ContentFilter.dll access || nessus,11747 || cve,2001-0958 || bugtraq,3327
2233 || WEB-MISC SFNofitication.dll access || nessus,11747 || cve,2001-0958 || bugtraq,3327
2234 || WEB-MISC TOP10.dll access || nessus,11747 || cve,2001-0958 || bugtraq,3327
2235 || WEB-MISC SpamExcp.dll access || nessus,11747 || cve,2001-0958 || bugtraq,3327
2236 || WEB-MISC spamrule.dll access || nessus,11747 || cve,2001-0958 || bugtraq,3327
2237 || WEB-MISC cgiWebupdate.exe access || nessus,11722 || cve,2001-1150 || bugtraq,3216
2238 || WEB-MISC WebLogic ConsoleHelp view source attempt || nessus,11724 || cve,2000-0682 || bugtraq,1518
2239 || WEB-MISC redirect.exe access || cve,2000-0401 || bugtraq,1256
2240 || WEB-MISC changepw.exe access || cve,2000-0401 || bugtraq,1256
2241 || WEB-MISC cwmail.exe access || nessus,11727 || cve,2002-0273 || bugtraq,4093
2242 || WEB-MISC ddicgi.exe access || nessus,11728 || cve,2000-0826 || bugtraq,1657
2243 || WEB-MISC ndcgi.exe access || nessus,11730 || cve,2001-0922
2244 || WEB-MISC VsSetCookie.exe access || nessus,11731 || cve,2002-0236 || bugtraq,3784
2245 || WEB-MISC Webnews.exe access || nessus,11732 || cve,2002-0290 || bugtraq,4124
2246 || WEB-MISC webadmin.dll access || nessus,11771
2247 || WEB-IIS UploadScript11.asp access || cve,2001-0938
2248 || WEB-IIS DirectoryListing.asp access || cve,2001-0938
2249 || WEB-IIS /pcadmin/login.asp access || nessus,11785 || bugtraq,8103
2250 || POP3 USER format string attempt || nessus,11742 || bugtraq,7667
2251 || NETBIOS DCERPC Remote Activation bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-039.mspx || cve,2003-0715 || cve,2003-0605 || cve,2003-0528 || bugtraq,8458 || bugtraq,8234
2252 || NETBIOS SMB-DS DCERPC Remote Activation bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-039.mspx || cve,2003-0715 || cve,2003-0605 || cve,2003-0528 || bugtraq,8458 || bugtraq,8234
2253 || SMTP XEXCH50 overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS03-046.mspx
2254 || SMTP XEXCH50 overflow with evasion attempt || url,www.microsoft.com/technet/security/bulletin/MS03-046.mspx
2255 || RPC sadmind query with root credentials attempt TCP
2256 || RPC sadmind query with root credentials attempt UDP
2257 || NETBIOS DCERPC Messenger Service buffer overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS03-043.mspx || cve,2003-0717 || bugtraq,8826
2258 || NETBIOS SMB-DS DCERPC Messenger Service buffer overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS03-043.mspx || cve,2003-0717 || bugtraq,8826
2259 || SMTP EXPN overflow attempt || cve,2003-0161 || cve,2002-1337 || bugtraq,7230 || bugtraq,6991
2260 || SMTP VRFY overflow attempt || cve,2003-0161 || cve,2002-1337 || bugtraq,7230 || bugtraq,6991
2261 || SMTP SEND FROM sendmail prescan too many addresses overflow || cve,2002-1337 || bugtraq,6991
2262 || SMTP SEND FROM sendmail prescan too long addresses overflow || cve,2003-0161 || bugtraq,7230
2263 || SMTP SAML FROM sendmail prescan too many addresses overflow || cve,2002-1337 || bugtraq,6991
2264 || SMTP SAML FROM sendmail prescan too long addresses overflow || cve,2003-0161 || bugtraq,7230
2265 || SMTP SOML FROM sendmail prescan too many addresses overflow || cve,2002-1337 || bugtraq,6991
2266 || SMTP SOML FROM sendmail prescan too long addresses overflow || cve,2003-0161 || bugtraq,7230
2267 || SMTP MAIL FROM sendmail prescan too many addresses overflow || cve,2002-1337 || bugtraq,6991
2268 || SMTP MAIL FROM sendmail prescan too long addresses overflow || cve,2003-0161 || bugtraq,7230
2269 || SMTP RCPT TO sendmail prescan too many addresses overflow || cve,2002-1337 || bugtraq,6991
2270 || SMTP RCPT TO sendmail prescan too long addresses overflow || cve,2003-0161 || bugtraq,7230
2271 || BACKDOOR FsSniffer connection attempt || nessus,11854
2272 || FTP LIST integer overflow attempt || cve,2003-0854 || cve,2003-0853 || bugtraq,8875
2273 || IMAP login brute force attempt
2274 || POP3 login brute force attempt
2275 || SMTP AUTH LOGON brute force attempt
2276 || WEB-MISC oracle portal demo access || nessus,11918
2277 || WEB-MISC PeopleSoft PeopleBooks psdoccgi access || cve,2003-0627 || cve,2003-0626 || bugtraq,9038 || bugtraq,9037
2278 || WEB-MISC negative Content-Length attempt || cve,2004-0095 || bugtraq,9576 || bugtraq,9476 || bugtraq,9098
2279 || WEB-PHP UpdateClasses.php access || bugtraq,9057
2280 || WEB-PHP Title.php access || bugtraq,9057
2281 || WEB-PHP Setup.php access || bugtraq,9057
2282 || WEB-PHP GlobalFunctions.php access || bugtraq,9057
2283 || WEB-PHP DatabaseFunctions.php access || bugtraq,9057
2284 || WEB-PHP rolis guestbook remote file include attempt || bugtraq,9057
2285 || WEB-PHP rolis guestbook access || bugtraq,9057
2286 || WEB-PHP friends.php access || bugtraq,9088
2287 || WEB-PHP Advanced Poll admin_comment.php access || nessus,11487 || bugtraq,8890
2288 || WEB-PHP Advanced Poll admin_edit.php access || nessus,11487 || bugtraq,8890
2289 || WEB-PHP Advanced Poll admin_embed.php access || nessus,11487 || bugtraq,8890
2290 || WEB-PHP Advanced Poll admin_help.php access || nessus,11487 || bugtraq,8890
2291 || WEB-PHP Advanced Poll admin_license.php access || nessus,11487 || bugtraq,8890
2292 || WEB-PHP Advanced Poll admin_logout.php access || nessus,11487 || bugtraq,8890
2293 || WEB-PHP Advanced Poll admin_password.php access || nessus,11487 || bugtraq,8890
2294 || WEB-PHP Advanced Poll admin_preview.php access || nessus,11487 || bugtraq,8890
2295 || WEB-PHP Advanced Poll admin_settings.php access || nessus,11487 || bugtraq,8890
2296 || WEB-PHP Advanced Poll admin_stats.php access || nessus,11487 || bugtraq,8890
2297 || WEB-PHP Advanced Poll admin_templates_misc.php access || nessus,11487 || bugtraq,8890
2298 || WEB-PHP Advanced Poll admin_templates.php access || nessus,11487 || bugtraq,8890
2299 || WEB-PHP Advanced Poll admin_tpl_misc_new.php access || nessus,11487 || bugtraq,8890
2300 || WEB-PHP Advanced Poll admin_tpl_new.php access || nessus,11487 || bugtraq,8890
2301 || WEB-PHP Advanced Poll booth.php access || nessus,11487 || bugtraq,8890
2302 || WEB-PHP Advanced Poll poll_ssi.php access || nessus,11487 || bugtraq,8890
2303 || WEB-PHP Advanced Poll popup.php access || nessus,11487 || bugtraq,8890
2304 || WEB-PHP files.inc.php access || bugtraq,8910
2305 || WEB-PHP chatbox.php access || bugtraq,8930
2306 || WEB-PHP gallery remote file include attempt || nessus,11876 || bugtraq,8814
2307 || WEB-PHP PayPal Storefront remote file include attemtp || nessus,11873 || bugtraq,8791
2308 || NETBIOS SMB DCERPC Workstation Service unicode bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx || cve,2003-0812 || bugtraq,9011
2309 || NETBIOS SMB DCERPC Workstation Service bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx || cve,2003-0812 || bugtraq,9011
2310 || NETBIOS SMB-DS DCERPC Workstation Service unicode bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx || cve,2003-0812 || bugtraq,9011
2311 || NETBIOS SMB-DS DCERPC Workstation Service bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx || cve,2003-0812 || bugtraq,9011
2312 || SHELLCODE x86 0x71FB7BAB NOOP
2313 || SHELLCODE x86 0x71FB7BAB NOOP unicode
2314 || SHELLCODE x86 0x90 NOOP unicode
2315 || NETBIOS DCERPC Workstation Service direct service bind attempt || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx || cve,2003-0812 || bugtraq,9011
2316 || NETBIOS DCERPC Workstation Service direct service access attempt || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx || cve,2003-0812 || bugtraq,9011
2317 || MISC CVS non-relative path error response || cve,2003-0977 || bugtraq,9178
2318 || MISC CVS non-relative path access attempt || cve,2003-0977 || bugtraq,9178
2319 || EXPLOIT ebola PASS overflow attempt || bugtraq,9156
2320 || EXPLOIT ebola USER overflow attempt || bugtraq,9156
2321 || WEB-IIS foxweb.exe access || nessus,11939
2322 || WEB-IIS foxweb.dll access || nessus,11939
2323 || WEB-CGI quickstore.cgi access || nessus,11975 || bugtraq,9282
2324 || WEB-IIS VP-ASP shopsearch.asp access || nessus,11942 || bugtraq,9134 || bugtraq,9133
2325 || WEB-IIS VP-ASP ShopDisplayProducts.asp access || nessus,11942 || bugtraq,9134 || bugtraq,9133
2326 || WEB-IIS sgdynamo.exe access || nessus,11955 || cve,2002-0375 || bugtraq,4720
2327 || WEB-MISC bsml.pl access || nessus,11973 || bugtraq,9311
2328 || WEB-PHP authentication_index.php access || nessus,11982 || cve,2004-0032
2329 || MS-SQL probe response overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS04-003.mspx || cve,2003-0903 || bugtraq,9407
2330 || IMAP auth overflow attempt || bugtraq,8861
2331 || WEB-PHP MatrikzGB privilege escalation attempt || bugtraq,8430
2332 || FTP MKDIR format string attempt || bugtraq,9262
2333 || FTP RENAME format string attempt || bugtraq,9262
2334 || FTP Yak! FTP server default account login attempt || bugtraq,9072
2335 || FTP RMD / attempt || bugtraq,9159
2336 || TFTP NULL command attempt || bugtraq,7575
2337 || TFTP PUT filename overflow attempt || cve,2003-0380 || bugtraq,8505 || bugtraq,7819
2338 || FTP LIST buffer overflow attempt || bugtraq,9675 || bugtraq,8486 || bugtraq,10181
2339 || TFTP NULL command attempt || bugtraq,7575
2340 || FTP SITE CHMOD overflow attempt || nessus,12037 || bugtraq,9483 || bugtraq,10181
2341 || WEB-PHP DCP-Portal remote file include attempt || bugtraq,6525
2342 || WEB-PHP DCP-Portal remote file include attempt || bugtraq,6525
2343 || FTP STOR overflow attempt || bugtraq,8668
2344 || FTP XCWD overflow attempt || bugtraq,8704
2345 || WEB-PHP PhpGedView search.php access || cve,2004-0032 || bugtraq,9369
2346 || WEB-PHP myPHPNuke chatheader.php access || bugtraq,6544
2347 || WEB-PHP myPHPNuke partner.php access || bugtraq,6544
2348 || NETBIOS SMB-DS DCERPC print spool bind attempt
2349 || NETBIOS SMB-DS DCERPC enumerate printers request attempt
2350 || NETBIOS DCERPC ISystemActivator bind accept || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx || cve,2003-0352 || bugtraq,8205
2351 || NETBIOS DCERPC ISystemActivator path overflow attempt little endian || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx || cve,2003-0352 || bugtraq,8205
2352 || NETBIOS DCERPC ISystemActivator path overflow attempt big endian || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx || cve,2003-0352 || bugtraq,8205
2353 || WEB-PHP IdeaBox cord.php file include || bugtraq,7488
2354 || WEB-PHP IdeaBox notification.php file include || bugtraq,7488
2355 || WEB-PHP Invision Board emailer.php file include || bugtraq,7204
2356 || WEB-PHP WebChat db_mysql.php file include || bugtraq,7000
2357 || WEB-PHP WebChat english.php file include || bugtraq,7000
2358 || WEB-PHP Typo3 translations.php file include || bugtraq,6984
2359 || WEB-PHP Invision Board ipchat.php file include || bugtraq,6976
2360 || WEB-PHP myphpPagetool pt_config.inc file include || bugtraq,6744
2361 || WEB-PHP news.php file include || bugtraq,6674
2362 || WEB-PHP YaBB SE packages.php file include || bugtraq,6663
2363 || WEB-PHP Cyboards default_header.php access || bugtraq,6597
2364 || WEB-PHP Cyboards options_form.php access || bugtraq,6597
2365 || WEB-PHP newsPHP Language file include attempt || bugtraq,8488
2366 || WEB-PHP PhpGedView PGV authentication_index.php base directory manipulation attempt || cve,2004-0030 || bugtraq,9368
2367 || WEB-PHP PhpGedView PGV functions.php base directory manipulation attempt || cve,2004-0030 || bugtraq,9368
2368 || WEB-PHP PhpGedView PGV config_gedcom.php base directory manipulation attempt || cve,2004-0030 || bugtraq,9368
2369 || WEB-MISC ISAPISkeleton.dll access || bugtraq,9516
2370 || WEB-MISC BugPort config.conf file access || bugtraq,9542
2371 || WEB-MISC Sample_showcode.html access || bugtraq,9555
2372 || WEB-PHP Photopost PHP Pro showphoto.php access || bugtraq,9557
2373 || FTP XMKD overflow attempt || bugtraq,7909
2374 || FTP NLST overflow attempt || bugtraq,9675 || bugtraq,7909 || bugtraq,10184
2375 || BACKDOOR DoomJuice file upload attempt || url,securityresponse.symantec.com/avcenter/venc/data/w32.hllw.doomjuice.html
2376 || EXPLOIT ISAKMP first payload certificate request length overflow attempt || cve,2004-0040 || bugtraq,9582
2377 || EXPLOIT ISAKMP second payload certificate request length overflow attempt || cve,2004-0040 || bugtraq,9582
2378 || EXPLOIT ISAKMP third payload certificate request length overflow attempt || cve,2004-0040 || bugtraq,9582
2379 || EXPLOIT ISAKMP forth payload certificate request length overflow attempt || cve,2004-0040 || bugtraq,9582
2380 || EXPLOIT ISAKMP fifth payload certificate request length overflow attempt || cve,2004-0040 || bugtraq,9582
2381 || WEB-MISC schema overflow attempt || cve,2004-0039 || bugtraq,9581
2382 || NETBIOS SMB NTLMSSP invalid mechtype attempt || nessus,12052 || cve,2003-0818 || bugtraq,9635 || bugtraq,9633
2383 || NETBIOS SMB-DS DCERPC NTLMSSP invalid mechtype attempt || nessus,12052 || cve,2003-0818 || bugtraq,9635 || bugtraq,9633
2384 || NETBIOS SMB NTLMSSP invalid mechlistMIC attempt || nessus,12054 || nessus,12052 || cve,2003-0818 || bugtraq,9635 || bugtraq,9633
2385 || NETBIOS SMB-DS DCERPC NTLMSSP invalid mechlistMIC attempt || nessus,12054 || nessus,12052 || cve,2003-0818 || bugtraq,9635 || bugtraq,9633
2386 || WEB-IIS NTLM ASN.1 vulnerability scan attempt || nessus,12055 || nessus,12052 || cve,2003-0818 || bugtraq,9635 || bugtraq,9633
2387 || WEB-CGI view_broadcast.cgi access || cve,2003-0422 || bugtraq,8257
2388 || WEB-CGI streaming server view_broadcast.cgi access || cve,2003-0422 || bugtraq,8257
2389 || FTP RNTO overflow attempt || cve,2003-0466 || bugtraq,8315
2390 || FTP STOU overflow attempt || cve,2003-0466 || bugtraq,8315
2391 || FTP APPE overflow attempt || cve,2003-0466 || bugtraq,8315
2392 || FTP RETR overflow attempt || cve,2003-0466 || bugtraq,8315
2393 || WEB-PHP /_admin access || nessus,12032 || bugtraq,9537
2394 || WEB-MISC Compaq web-based management agent denial of service attempt || bugtraq,8014
2395 || WEB-MISC InteractiveQuery.jsp access || cve,2003-0624 || bugtraq,8938
2396 || WEB-CGI CCBill whereami.cgi arbitrary command execution attempt || bugtraq,8095
2397 || WEB-CGI CCBill whereami.cgi access || bugtraq,8095
2398 || WEB-PHP WAnewsletter newsletter.php file include attempt || bugtraq,6965
2399 || WEB-PHP WAnewsletter db_type.php access || bugtraq,6964
2400 || WEB-MISC edittag.pl access || bugtraq,6675
2401 || NETBIOS SMB Session Setup AndX request username overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040226.html || bugtraq,9752
2402 || NETBIOS SMB-DS Session Setup AndX request username overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040226.html || bugtraq,9752
2403 || NETBIOS SMB Session Setup AndX request unicode username overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040226.html || bugtraq,9752
2404 || NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040226.html || bugtraq,9752
2405 || WEB-PHP phptest.php access || bugtraq,9737
2406 || TELNET APC SmartSlot default admin account attempt || bugtraq,9681
2407 || WEB-MISC util.pl access || bugtraq,9748
2408 || WEB-MISC Invision Power Board search.pl access || bugtraq,9766
2409 || POP3 APOP USER overflow attempt || bugtraq,9794
2410 || WEB-PHP IGeneric Free Shopping Cart page.php access || bugtraq,9773
2411 || WEB-MISC Real Server DESCRIBE buffer overflow attempt || url,www.service.real.com/help/faq/security/rootexploit091103.html || bugtraq,8476
2412 || ATTACK-RESPONSES successful cross site scripting forced download attempt
2413 || EXPLOIT ISAKMP delete hash with empty hash attempt || cve,2004-0164 || bugtraq,CAN-2004-0164 || bugtraq,9417 || bugtraq,9416
2414 || EXPLOIT ISAKMP initial contact notification without SPI attempt || cve,2004-0164 || bugtraq,CAN-2004-0164 || bugtraq,9417 || bugtraq,9416
2415 || EXPLOIT ISAKMP second payload initial contact notification without SPI attempt || cve,2004-0164 || bugtraq,CAN-2004-0164 || bugtraq,9417 || bugtraq,9416
2416 || FTP invalid MDTM command attempt
2417 || FTP format string attempt
2418 || MISC MS Terminal Server no encryption session initiation attmept || url,www.microsoft.com/technet/security/bulletin/MS01-052.mspx
2419 || MULTIMEDIA realplayer .ram playlist download attempt
2420 || MULTIMEDIA realplayer .rmp playlist download attempt
2421 || MULTIMEDIA realplayer .smi playlist download attempt
2422 || MULTIMEDIA realplayer .rt playlist download attempt
2423 || MULTIMEDIA realplayer .rp playlist download attempt
2424 || NNTP sendsys overflow attempt || cve,2004-00045 || bugtraq,9382
2425 || NNTP senduuname overflow attempt || cve,2004-00045 || bugtraq,9382
2426 || NNTP version overflow attempt || cve,2004-00045 || bugtraq,9382
2427 || NNTP checkgroups overflow attempt || cve,2004-00045 || bugtraq,9382
2428 || NNTP ihave overflow attempt || cve,2004-00045 || bugtraq,9382
2429 || NNTP sendme overflow attempt || cve,2004-00045 || bugtraq,9382
2430 || NNTP newgroup overflow attempt || cve,2004-00045 || bugtraq,9382
2431 || NNTP rmgroup overflow attempt || cve,2004-00045 || bugtraq,9382
2432 || NNTP article post without path attempt
2433 || WEB-CGI MDaemon form2raw.cgi overflow attempt || bugtraq,9317
2434 || WEB-CGI MDaemon form2raw.cgi access || bugtraq,9317
2435 || WEB-CLIENT Microsoft emf metafile access || bugtraq,9707
2436 || WEB-CLIENT Microsoft wmf metafile access || bugtraq,9707
2437 || WEB-CLIENT RealPlayer arbitrary javascript command attempt || cve,2003-0726 || bugtraq,9738 || bugtraq,8453
2438 || WEB-CLIENT RealPlayer playlist file URL overflow attempt || bugtraq,9579
2439 || WEB-CLIENT RealPlayer playlist http URL overflow attempt || bugtraq,9579
2440 || WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt || bugtraq,9579
2441 || WEB-MISC NetObserve authentication bypass attempt || bugtraq,9319
2442 || WEB-MISC Quicktime User-Agent buffer overflow attempt || cve,2004-0169 || bugtraq,9735
2443 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER first name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html
2444 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER first name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html
2445 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER last name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html
2446 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER email overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html
2447 || WEB-MISC ServletManager access || nessus,12122 || cve,2001-1195 || bugtraq,3697
2448 || WEB-MISC setinfo.hts access || nessus,12120 || bugtraq,9973
2449 || FTP ALLO overflow attempt || bugtraq,9953
2450 || CHAT Yahoo IM successful logon
2451 || CHAT Yahoo IM voicechat
2452 || CHAT Yahoo IM ping
2453 || CHAT Yahoo IM conference invitation
2454 || CHAT Yahoo IM conference logon success
2455 || CHAT Yahoo IM conference message
2456 || CHAT Yahoo IM file transfer request
2457 || CHAT Yahoo IM message
2458 || CHAT Yahoo IM successful chat join
2459 || CHAT Yahoo IM webcam offer invitation
2460 || CHAT Yahoo IM webcam request
2461 || CHAT Yahoo IM webcam watch
2462 || EXPLOIT IGMP IGAP account overflow attempt || cve,2004-0367 || cve,2004-0176 || cve, CAN-2004-0367 || bugtraq,9952
2463 || EXPLOIT IGMP IGAP message overflow attempt || cve,2004-0367 || cve,2004-0176 || cve, CAN-2004-0367 || bugtraq,9952
2464 || EXPLOIT EIGRP prefix length overflow attempt || cve,2004-0367 || cve,2004-0176 || cve, CAN-2004-0367 || bugtraq,9952
2465 || NETBIOS SMB-DS IPC$ share access
2466 || NETBIOS SMB-DS IPC$ share unicode access
2467 || NETBIOS SMB D$ share unicode access
2468 || NETBIOS SMB-DS D$ share access
2469 || NETBIOS SMB-DS D$ share unicode access
2470 || NETBIOS SMB C$ share unicode access
2471 || NETBIOS SMB-DS C$ share access
2472 || NETBIOS SMB-DS C$ share unicode access
2473 || NETBIOS SMB ADMIN$ share unicode access
2474 || NETBIOS SMB-DS ADMIN$ share access
2475 || NETBIOS SMB-DS ADMIN$ share unicode access
2476 || NETBIOS SMB-DS Create AndX Request winreg attempt
2477 || NETBIOS SMB-DS Create AndX Request winreg unicode attempt
2478 || NETBIOS SMB-DS DCERPC bind winreg attempt
2479 || NETBIOS SMB-DS DCERPC bind winreg unicode attempt
2480 || NETBIOS SMB-DS DCERPC shutdown unicode attempt
2481 || NETBIOS SMB-DS DCERPC shutdown unicode little endian attempt
2482 || NETBIOS SMB-DS DCERPC shutdown attempt
2483 || NETBIOS SMB-DS DCERPC shutdown little endian attempt
2484 || WEB-MISC source.jsp access || nessus,12119
2485 || WEB-CLIENT Nortan antivirus sysmspam.dll load attempt || cve,2004-0363 || bugtraq,9916
2486 || DOS ISAKMP invalid identification payload attempt || cve,2004-0184 || bugtraq,10004
2487 || SMTP WinZip MIME content-type buffer overflow || bugtraq,9758
2488 || SMTP WinZip MIME content-disposition buffer overflow || bugtraq,9758
2489 || EXPLOIT esignal STREAMQUOTE buffer overflow attempt || bugtraq,9978
2490 || EXPLOIT esignal SNAPQUOTE buffer overflow attempt || bugtraq,9978
2491 || NETBIOS SMB-DS DCERPC ISystemActivator unicode bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0813 || bugtraq,8811
2492 || NETBIOS SMB DCERPC ISystemActivator bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0813 || bugtraq,8811
2493 || NETBIOS SMB DCERPC ISystemActivator unicode bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0813 || bugtraq,8811
2494 || NETBIOS DCEPRC ORPCThis request flood attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0813 || bugtraq,8811
2495 || NETBIOS SMB DCEPRC ORPCThis request flood attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0813 || bugtraq,8811
2496 || NETBIOS SMB-DS DCEPRC ORPCThis request flood attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0813 || bugtraq,8811
2497 || IMAP SSLv3 invalid data version attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2498 || IMAP SSLv3 invalid timestamp attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2499 || MISC LDAP SSLv3 invalid timestamp attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2500 || MISC LDAP SSLv3 invalid data version attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx
2501 || POP3 SSLv3 invalid timestamp attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2502 || POP3 SSLv3 invalid data version attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2503 || SMTP SSLv3 invalid timestamp attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2504 || SMTP SSLv3 invalid data version attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2505 || WEB-MISC SSLv3 invalid data version attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2506 || WEB-MISC SSLv3 invalid timestamp attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2507 || NETBIOS DCERPC LSASS bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2508 || NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2509 || NETBIOS SMB DCERPC LSASS unicode bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2510 || NETBIOS SMB DCERPC LSASS bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2511 || NETBIOS SMB DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2512 || NETBIOS SMB-DS DCERPC LSASS bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2513 || NETBIOS SMB-DS DCERPC LSASS unicode bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2514 || NETBIOS SMB-DS DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2515 || WEB-MISC PCT Client_Hello overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0719 || bugtraq,10116
2516 || MISC LDAP PCT Client_Hello overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0719 || bugtraq,10116
2517 || IMAP PCT Client_Hello overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0719 || bugtraq,10116
2518 || PO3 PCT Client_Hello overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0719 || bugtraq,10116
2519 || SMTP Client_Hello overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0719 || bugtraq,10116
2520 || WEB-MISC SSLv3 Client_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2521 || WEB-MISC SSLv3 Server_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2522 || WEB-MISC SSLv3 invalid Client_Hello attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2523 || DOS BGP spoofed connection reset attempt || url,www.uniras.gov.uk/vuls/2004/236929/index.htm || cve,2004-0230 || bugtraq,10183
2524 || NETBIOS DCERPC LSASS direct bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2525 || NETBIOS SMB DCERPC LSASS direct bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2526 || NETBIOS SMB-DS DCERPC LSASS direct bind attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0533 || bugtraq,10108
2527 || SMTP STARTTLS attempt
2528 || SMTP TLS PCT Client_Hello overflow attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2003-0719 || bugtraq,10116
2529 || IMAP SSLv3 Client_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2530 || IMAP SSLv3 Server_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2531 || IMAP SSLv3 invalid Client_Hello attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2532 || MISC LDAP SSLv3 Client_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2533 || MISC LDAP SSLv3 Server_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2534 || MISC LDAP SSLv3 invalid Client_Hello attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2535 || POP3 SSLv3 Client_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2536 || POP3 SSLv3 Server_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2537 || POP3 SSLv3 invalid Client_Hello attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2538 || SMTP SSLv3 Client_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2539 || SMTP SSLv3 Server_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2540 || SMTP SSLv3 invalid Client_Hello attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2541 || SMTP TLS SSLv3 invalid data version attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120 || bugtraq,10115
2542 || SMTP TLS SSLv3 Client_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2543 || SMTP TLS SSLv3 Server_Hello request || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2544 || SMTP TLS SSLv3 invalid Client_Hello attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx || cve,2004-0120
2545 || EXPLOIT AFP FPLoginExt username buffer overflow attempt || url,www.atstake.com/research/advisories/2004/a050304-1.txt || cve,2004-0430 || bugtraq,10271
2546 || FTP MDTM overflow attempt || bugtraq,9751
2547 || MISC HP Web JetAdmin remote file upload attempt || bugtraq,9978
2548 || MISC HP Web JetAdmin setinfo access || bugtraq,9972
2549 || MISC HP Web JetAdmin file write attempt || bugtraq,9973
2550 || EXPLOIT winamp XM module name overflow || url,www.nextgenss.com/advisories/winampheap.txt
2551 || EXPLOIT Oracle Web Cache GET overflow attempt || cve,2004-0385 || bugtraq,9868
2552 || EXPLOIT Oracle Web Cache HEAD overflow attempt || cve,2004-0385 || bugtraq,9868
2553 || EXPLOIT Oracle Web Cache PUT overflow attempt || cve,2004-0385 || bugtraq,9868
2554 || EXPLOIT Oracle Web Cache POST overflow attempt || cve,2004-0385 || bugtraq,9868
2555 || EXPLOIT Oracle Web Cache TRACE overflow attempt || cve,2004-0385 || bugtraq,9868
2556 || EXPLOIT Oracle Web Cache DELETE overflow attempt || cve,2004-0385 || bugtraq,9868
2557 || EXPLOIT Oracle Web Cache LOCK overflow attempt || cve,2004-0385 || bugtraq,9868
2558 || EXPLOIT Oracle Web Cache MKCOL overflow attempt || cve,2004-0385 || bugtraq,9868
2559 || EXPLOIT Oracle Web Cache COPY overflow attempt || cve,2004-0385 || bugtraq,9868
2560 || EXPLOIT Oracle Web Cache MOVE overflow attempt || cve,2004-0385 || bugtraq,9868
2561 || MISC rsync backup-dir directory traversal attempt || cve,2004-0426 || bugtraq,10247
2562 || WEB-MISC McAfee ePO file upload attempt || cve,2004-0038 || bugtraq,10200
2563 || NETBIOS NS lookup response name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040512A.html || cve,2004-0445 || cve,2004-0444 || bugtraq,10334 || bugtraq,10333
2564 || NETBIOS NS lookup short response attempt || url,www.eeye.com/html/Research/Advisories/AD20040512C.html || cve,2004-0445 || cve,2004-0444 || bugtraq,10335 || bugtraq,10334
2565 || WEB-PHP modules.php access || bugtraq,9879
2566 || WEB-PHP PHPBB viewforum.php access || bugtraq,9866
2567 || WEB-CGI Emumail init.emu access || bugtraq,9861
2568 || WEB-CGI Emumail emumail.fcgi access || bugtraq,9861
2569 || WEB-MISC cPanel resetpass access || bugtraq,9848
2570 || WEB-MISC Invalid HTTP Version String || nessus,11593 || bugtraq,9809
2571 || WEB-IIS SmarterTools SmarterMail frmGetAttachment.aspx access || bugtraq,9805
2572 || WEB-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt || bugtraq,9805
2573 || WEB-IIS SmarterTools SmarterMail frmCompose.asp access || bugtraq,9805
2574 || FTP RETR format string attempt || bugtraq,9800
2575 || WEB-PHP Opt-X header.php remote file include attempt || bugtraq,9732
2576 || ORACLE generate_replication_support prefix overflow attempt
2577 || WEB-CLIENT local resource redirection attempt || url,www.kb.cert.org/vuls/id/713878 || cve,2004-0549