Daily Ruleset Update Summary 2017/07/12

[***]            Summary:            [***]

6 new Open, 21 new Pro (6 + 15). Winnti-related DNS, LockPOS, Ovidiy Stealer, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

Open:

2024456 - ET TROJAN Possible Winnti-related DNS Lookup (vps2java .securitytactics .com) (trojan.rules)
2024457 - ET TROJAN Possible Winnti-related DNS Lookup (job .yoyakuweb .technology) (trojan.rules)
2024458 - ET TROJAN Possible Winnti-related DNS Lookup (resume .immigrantlol .com) (trojan.rules)
2024459 - ET TROJAN Possible Winnti-related DNS Lookup (macos .exoticlol .com) (trojan.rules)
2024460 - ET TROJAN Possible Winnti-related DNS Lookup (css .google-statics .com) (trojan.rules)
2024461 - ET TROJAN LockPOS CnC (trojan.rules)

Pro:

2827107 - ETPRO TROJAN Cmstar/Meciv related Stage2 SSL Cert (trojan.rules)
2827108 - ETPRO TROJAN Unknown Implant CnC Beacon (trojan.rules)
2827109 - ETPRO TROJAN Unknown Win32/Go Implant CnC Beacon 1 (trojan.rules)
2827110 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 175 (mobile_malware.rules)
2827111 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.JX CnC Beacon (mobile_malware.rules)
2827112 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.JX Download (mobile_malware.rules)
2827113 - ETPRO TROJAN Observed DNS Query to Ovidiy Stealer CnC Domain (trojan.rules)
2827114 - ETPRO TROJAN MSIL/Ovidiy Stealer CnC Checkin (trojan.rules)
2827115 - ETPRO TROJAN MSIL/Ovidiy Stealer Reporting Passwords (trojan.rules)
2827116 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.BCS Checkin (mobile_malware.rules)
2827117 - ETPRO TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules)
2827118 - ETPRO TROJAN Volk-Botnet Downloader Retrieving Payload (trojan.rules)
2827119 - ETPRO TROJAN Volk-Botnet Downloader User-Agent Observed (hackThemAll) (trojan.rules)
2827120 - ETPRO TROJAN Volk-Botnet Downloader User-Agent Observed (wininet_test) (trojan.rules)
2827121 - ETPRO TROJAN Unknown Downloader DNS Query (trojan.rules)

[///]     Modified active rules:     [///]

2014726 - ET POLICY Outdated Flash Version M1 (policy.rules)
2021692 - ET CURRENT_EVENTS Possible Successful Generic Phish - Credit Card (current_events.rules)
2021693 - ET CURRENT_EVENTS Possible Successful Generic Phish - Three Security Questions (current_events.rules)
2021890 - ET CURRENT_EVENTS Successful Phish Outlook Credentials Oct 1 (current_events.rules)
2023045 - ET CURRENT_EVENTS Excel Online Phishing Landing Aug 9 (current_events.rules)
2023047 - ET CURRENT_EVENTS Adobe Shared Document Phishing Landing Nov 19 2015 (current_events.rules)
2024379 - ET POLICY Outdated Flash Version M2 (policy.rules)
2024420 - ET TROJAN MalDoc Retrieving Malicious Payload (Possibly Ursnif) (trojan.rules)
2821870 - ETPRO CURRENT_EVENTS Successful Adobe Shared Document Phish Aug 26 2016 (current_events.rules)
2821964 - ETPRO CURRENT_EVENTS Successful Generic Epass Phish Aug 31 2016 (current_events.rules)
2823362 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish M1 Nov 18 2016 (current_events.rules)
2823572 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish Dec 02 2016 (current_events.rules)
2824356 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish Jan 11 2017 (current_events.rules)
2824384 - ETPRO CURRENT_EVENTS Successful Personalized Generic Webmail Phish M1 Jan 11 2017 (current_events.rules)
2824469 - ETPRO CURRENT_EVENTS Successful Generic Mailbox Validation Phish Jan 17 2017 (current_events.rules)
2824521 - ETPRO CURRENT_EVENTS Successful Generic Mailbox Upgrade Phish Jan 19 2017 (current_events.rules)
2824532 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish Jan 19 2017 (current_events.rules)
2824662 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish Jan 26 2017 (current_events.rules)
2824726 - ETPRO CURRENT_EVENTS Successful Generic Mailbox Update Phish Jan 31 2017 (current_events.rules)
2825010 - ETPRO CURRENT_EVENTS Successful Generic Personalized Email Phish Feb 16 2017 (current_events.rules)
2826518 - ETPRO TROJAN DNS Query matching Cerber Domain Format (trojan.rules)

[---]  Disabled and modified rules:  [---]

2023046 - ET CURRENT_EVENTS Successful Generic Excel Online Phish Aug 9 (current_events.rules)
2023048 - ET CURRENT_EVENTS Successful Generic Adobe Shared Document Phish Aug 11 2016 (current_events.rules)
2813017 - ETPRO CURRENT_EVENTS Successful Generic Unlock PDF Phish Sept 14 (current_events.rules)
2821036 - ETPRO CURRENT_EVENTS Successful Generic Email Account Phish Jul 11 M1 (current_events.rules)
2821238 - ETPRO CURRENT_EVENTS Successful Generic Webmail Login Phish Jul 20 (current_events.rules)
2822848 - ETPRO CURRENT_EVENTS Successful Generic Phish (Observed in Apple/Paypal/Amazon Campaigns) M1 Oct 25 2016 (current_events.rules)

[---]         Disabled rules:        [---]

2004552 - ET WEB_SPECIFIC_APPS phpPgAdmin XSS Attempt -- sqledit.php server (web_specific_apps.rules)
2004554 - ET WEB_SPECIFIC_APPS HLstats XSS Attempt -- hlstats.php authusername (web_specific_apps.rules)
2004555 - ET WEB_SPECIFIC_APPS HLstats XSS Attempt -- hlstats.php authpassword (web_specific_apps.rules)
2004556 - ET WEB_SERVER Cisco CallManager XSS Attempt serverlist.asp pattern (web_server.rules)
2004557 - ET WEB_SPECIFIC_APPS @Mail XSS Attempt -- ReadMsg.php (web_specific_apps.rules)
2004558 - ET WEB_SPECIFIC_APPS Track+ XSS Attempt -- reportItem.do projId (web_specific_apps.rules)
2004559 - ET WEB_SPECIFIC_APPS CactuSoft Parodia XSS Attempt -- cand_login.asp strJobIDs (web_specific_apps.rules)
2004560 - ET WEB_SPECIFIC_APPS HLstats XSS Attempt -- hlstats.php (web_specific_apps.rules)
2004561 - ET WEB_SPECIFIC_APPS HLstats XSS Attempt -- hlstats.php action (web_specific_apps.rules)
2004562 - ET WEB_SPECIFIC_APPS Gnatsweb and Gnats XSS Attempt -- gnatsweb.pl database (web_specific_apps.rules)
2004563 - ET WEB_SPECIFIC_APPS GaliX XSS Attempt -- index.php galix_cat_detail (web_specific_apps.rules)
2004564 - ET WEB_SPECIFIC_APPS GaliX XSS Attempt -- index.php galix_gal_detail (web_specific_apps.rules)
2004565 - ET WEB_SPECIFIC_APPS GaliX XSS Attempt -- index.php galix_cat_detail_sort (web_specific_apps.rules)
2004566 - ET WEB_SPECIFIC_APPS ClientExec (CE) XSS Attempt -- index.php ticketID (web_specific_apps.rules)
2004567 - ET WEB_SPECIFIC_APPS ClientExec (CE) XSS Attempt -- index.php view (web_specific_apps.rules)
2004568 - ET WEB_SPECIFIC_APPS ClientExec (CE) XSS Attempt -- index.php fuse (web_specific_apps.rules)
2004569 - ET WEB_SPECIFIC_APPS CandyPress Store XSS Attempt -- prodList.asp brand (web_specific_apps.rules)
2004570 - ET WEB_SPECIFIC_APPS CandyPress Store XSS Attempt -- prodList.asp Msg (web_specific_apps.rules)
2004571 - ET WEB_SPECIFIC_APPS RM EasyMail Plus XSS Attempt -- Login d (web_specific_apps.rules)
2004572 - ET WEB_SPECIFIC_APPS Jetbox CMS XSS Attempt -- index.php login (web_specific_apps.rules)
2004573 - ET WEB_SPECIFIC_APPS VP-ASP Shopping Cart XSS Attempt -- shopcontent.asp type (web_specific_apps.rules)
2004574 - ET WEB_SPECIFIC_APPS WikyBlog XSS Attempt sessionRegister.php (web_specific_apps.rules)
2004575 - ET WEB_SPECIFIC_APPS Tomcat XSS Attempt -- hello.jsp test (web_specific_apps.rules)
2004576 - ET WEB_SPECIFIC_APPS Invision Power Board XSS Attempt -- module_bbcodeloader.php (web_specific_apps.rules)
2004577 - ET WEB_SPECIFIC_APPS Invision Power Board XSS Attempt -- module_div.php (web_specific_apps.rules)
2004578 - ET WEB_SPECIFIC_APPS Invision Power Board XSS Attempt -- module_email.php (web_specific_apps.rules)
2004579 - ET WEB_SPECIFIC_APPS Invision Power Board XSS Attempt -- module_image.php (web_specific_apps.rules)
2004580 - ET WEB_SPECIFIC_APPS Invision Power Board XSS Attempt -- module_link.php (web_specific_apps.rules)
2004581 - ET WEB_SPECIFIC_APPS Invision Power Board XSS Attempt -- module_table.php editorid (web_specific_apps.rules)
2004582 - ET WEB_SPECIFIC_APPS Particle Gallery XSS Attempt -- search.php order (web_specific_apps.rules)
2004583 - ET WEB_SPECIFIC_APPS BoastMachine XSS Attempt -- index.php blog (web_specific_apps.rules)
2004584 - ET WEB_SPECIFIC_APPS DGNews XSS Attempt -- footer.php copyright (web_specific_apps.rules)
2004585 - ET WEB_SPECIFIC_APPS DGNews XSS Attempt -- news.php catid (web_specific_apps.rules)
2004586 - ET WEB_SPECIFIC_APPS GMTT Music Distro XSS Attempt -- showown.php st (web_specific_apps.rules)
2004587 - ET WEB_SPECIFIC_APPS PsychoStats XSS Attempt -- awards.php (web_specific_apps.rules)
2004588 - ET WEB_SPECIFIC_APPS PsychoStats XSS Attempt -- login.php (web_specific_apps.rules)
2004589 - ET WEB_SPECIFIC_APPS PsychoStats XSS Attempt -- register.php (web_specific_apps.rules)
2004590 - ET WEB_SPECIFIC_APPS PsychoStats XSS Attempt -- weapons.php (web_specific_apps.rules)
2004591 - ET WEB_SPECIFIC_APPS ClonusWiki XSS Attempt -- index.php query (web_specific_apps.rules)
2004592 - ET WEB_SPECIFIC_APPS Jelsoft vBulletin XSS Attempt -- calendar.php (web_specific_apps.rules)
2004593 - ET WEB_SPECIFIC_APPS Dokeos XSS Attempt -- editor.php img (web_specific_apps.rules)
2004594 - ET WEB_SPECIFIC_APPS ASP-Nuke XSS Attempt -- news.asp id (web_specific_apps.rules)
2004595 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- info_book.asp Room_name (web_specific_apps.rules)
2004596 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- week.asp curYear (web_specific_apps.rules)
2800507 - ETPRO ACTIVEX EMC Captiva QuickScan Pro KeyHelp ActiveX Control Buffer Overflow (activex.rules)
2800508 - ETPRO ACTIVEX HP LoadRunner XUpload.ocx ActiveX Control Arbitrary File Download (activex.rules)
2800509 - ETPRO ACTIVEX HP LoadRunner XUpload.ocx ActiveX Control Arbitrary File Download (activex.rules)
2800510 - ETPRO EXPLOIT Novell NetWare NFS Portmapper RPC Module Stack Overflow (exploit.rules)
2800511 - ETPRO EXPLOIT Novell NetWare NFS Portmapper RPC Module Stack Overflow UDP (exploit.rules)
2800512 - ETPRO ACTIVEX EMC Captiva PixTools Distributed Imaging ActiveX Control File Creation (activex.rules)
2800513 - ETPRO ACTIVEX EMC Captiva PixTools Distributed Imaging ActiveX Control File Creation (activex.rules)
2800514 - ETPRO WEB_CLIENT IBM Informix Client SDK NFX File Processing Stack Buffer Overflow (web_client.rules)
2800515 - ETPRO WEB_CLIENT IBM Informix Client SDK NFX File Processing Stack Buffer Overflow (web_client.rules)
2800516 - ETPRO WEB_CLIENT Adobe Acrobat and Adobe Reader Deflate Parameter Integer Overflow 1 (web_client.rules)
2800517 - ETPRO WEB_CLIENT Adobe Acrobat and Adobe Reader Deflate Parameter Integer Overflow 2 (web_client.rules)
2800518 - ETPRO NETBIOS Microsoft Windows SMBv2 Infinite Loop Denial of Service (netbios.rules)
2800519 - ETPRO NETBIOS Microsoft Windows SMBv2 Infinite Loop Denial of Service (netbios.rules)
2800523 - ETPRO WEB_CLIENT Xpdf Splash DrawImage Integer Overflow (web_client.rules)
2800524 - ETPRO WEB_CLIENT Xpdf Splash DrawImage Integer Overflow (web_client.rules)
2800525 - ETPRO DOS EMC RepliStor rep_srv and ctrlservice Denial of Service 1 (dos.rules)
2800526 - ETPRO DOS EMC RepliStor rep_srv and ctrlservice Denial of Service 2 (dos.rules)
2800527 - ETPRO ACTIVEX Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow 1 (activex.rules)
2800528 - ETPRO ACTIVEX Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow 2 (activex.rules)
2800529 - ETPRO EXPLOIT HP Operations Manager Server Unauthorized File Upload (exploit.rules)
2800530 - ETPRO ACTIVEX Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow 1 (activex.rules)
2800531 - ETPRO ACTIVEX Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow 2 (activex.rules)
2800532 - ETPRO EXPLOIT Novell eDirectory NDS Verb 0x01 Integer Overflow (exploit.rules)
2800533 - ETPRO EXPLOIT Novell eDirectory NDS Verb 0x01 Integer Overflow UDP (exploit.rules)
2800534 - ETPRO DOS Multiple Vendors NTP Mode 7 Denial of Service (dos.rules)
2800535 - ETPRO EXPLOIT HP OpenView Network Node Manager snmp.exe Oid Variable Buffer Overflow (exploit.rules)
2800537 - ETPRO WEB_SERVER Sun Java System Web Server WEBDAV Stack Buffer Overflow PROPFIND (web_server.rules)
2800539 - ETPRO WEB_SERVER Sun Java System Web Server WEBDAV Stack Buffer Overflow PROPPATCH (web_server.rules)
2800540 - ETPRO SQL Oracle TimesTen In-Memory Database HTTP Request Denial of Service (sql.rules)
2800541 - ETPRO WEB_SERVER Sun Java System Web Server Digest Authorization Buffer Overflow (web_server.rules)
2800550 - ETPRO EXPLOIT IBM Cognos Server Backdoor Account Remote Code Execution (exploit.rules)
2800552 - ETPRO EXPLOIT Microsoft Windows2000 Media Services Stack Buffer Overflow 1 (exploit.rules)
2800553 - ETPRO EXPLOIT Microsoft Windows2000 Media Services Stack Buffer Overflow 2 (exploit.rules)
2800554 - ETPRO DOS Microsoft Windows SMTP Service MX Record Denial Of Service (dos.rules)
2800559 - ETPRO EXPLOIT RealVNC VNC Server ClientCutText Message Memory Corruption (exploit.rules)
2800563 - ETPRO EXPLOIT HP OpenView Network Node Manager ovet_demandpoll.exe Format String Code Execution (exploit.rules)
2800564 - ETPRO EXPLOIT HP OpenView Network Node Manager netmon.exe Stack Buffer Overflow (exploit.rules)
2800568 - ETPRO WEB_SERVER HP Performance Manager Apache Tomcat Policy Bypass (web_server.rules)
2800573 - ETPRO WEB_SERVER Microsoft IIS Directory Authentication Security Bypass (web_server.rules)
2800574 - ETPRO ACTIVEX Microsoft Access ActiveX Control Code Execution1  (activex.rules)
2800575 - ETPRO ACTIVEX Microsoft Access ActiveX Control Code Execution 2 (activex.rules)
2800578 - ETPRO SMTP Ipswitch IMail Server List Mailer Reply-To Address Buffer Overflow (smtp.rules)
2800579 - ETPRO SMTP Ipswitch IMail Server Mailing List Message Subject Buffer Overflow (smtp.rules)
2800580 - ETPRO IMAP Novell GroupWise Internet Agent IMAP Service Stack Buffer Overflow (imap.rules)
2800581 - ETPRO EXPLOIT HP OpenView Network Node Manager webappmon.exe execvp_nc Buffer Overflow (exploit.rules)
2800582 - ETPRO WEB_SERVER Novell Teaming ajaxUploadImageFile Remote Code Execution (web_server.rules)
2800583 - ETPRO ACTIVEX Yahoo Messenger ActiveX Control Command Execution (activex.rules)
2800585 - ETPRO EXPLOIT Symantec Alert Management System HNDLRSVC Arbitrary Command Execution (exploit.rules)
2800587 - ETPRO SQL Oracle WebLogic Server Node Manager Command Execution (sql.rules)
2800589 - ETPRO EXPLOIT IBM Informix Dynamic Server librpc.dll Multiple Buffer Overflow 1 (exploit.rules)
2800590 - ETPRO EXPLOIT IBM Informix Dynamic Server librpc.dll Multiple Buffer Overflow 2 (exploit.rules)
2800591 - ETPRO EXPLOIT IBM Informix Dynamic Server librpc.dll Multiple Buffer Overflow 3 (exploit.rules)
2800592 - ETPRO EXPLOIT Multiple Vendors librpc.dll Stack Buffer Overflow (exploit.rules)
2800593 - ETPRO EXPLOIT Multiple Vendors librpc.dll Stack Buffer Overflow (exploit.rules)
2800594 - ETPRO FTP Novell Netware FTP Server Remote Stack Buffer Overflow 1 (ftp.rules)
2800595 - ETPRO FTP Novell Netware FTP Server Remote Stack Buffer Overflow 2 (ftp.rules)
2800597 - ETPRO WEB_CLIENT Apple QuickTime FlashPix Movie File Integer Overflow (web_client.rules)
2800599 - ETPRO TROJAN Win32.Conficker.C Activity (FTP download) (trojan.rules)
2800655 - ETPRO DOS Microsoft Windows Active Directory LDAP SearchRequest Denial of Service Attempt 1 (dos.rules)
2800656 - ETPRO DOS Microsoft Windows Active Directory LDAP SearchRequest Denial of Service Attempt 2 (dos.rules)
2800657 - ETPRO DOS Microsoft Windows Active Directory LDAP SearchRequest Denial of Service Attempt 3 (dos.rules)
2800658 - ETPRO DOS Oracle Internet Directory Pre-Authentication LDAP Denial of Service Attempt (dos.rules)
2800663 - ETPRO WEB_CLIENT IBM Lotus Expeditor cai URI Handler Command Execution (web_client.rules)
2800664 - ETPRO WEB_CLIENT VideoLAN VLC Media Player WAV Processing Integer Overflow (web_client.rules)
2800665 - ETPRO EXPLOIT CA BrightStor ARCserve Backup caloggerd Opcode 79 Stack Buffer Overflow (exploit.rules)
2800666 - ETPRO EXPLOIT Borland Software InterBase ibserver.exe Service Attach Request Buffer Overflow (exploit.rules)
2800669 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 1 (exploit.rules)
2800670 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 2 (exploit.rules)
2800671 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 3 (exploit.rules)
2800672 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 4 (exploit.rules)
2800673 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 5 (exploit.rules)
2800674 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 6 (exploit.rules)
2800675 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 7 (exploit.rules)
2800676 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 8 (exploit.rules)
2800677 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 9 (exploit.rules)
2800678 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 10 (exploit.rules)
2800679 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 11 (exploit.rules)
2800680 - ETPRO EXPLOIT HP StorageWorks Storage Mirroring Double Take Service Code Execution 12 (exploit.rules)
2800686 - ETPRO EXPLOIT Sun Directory Server LDAP Denial of Service or Known Exploit Trigger (exploit.rules)
2800692 - ETPRO EXPLOIT Trend Micro ServerProtect RPC ENG_SetRealTimeScanConfigInfo Buffer Overflow (exploit.rules)
2800693 - ETPRO EXPLOIT Trend Micro ServerProtect RPC ENG_SetRealTimeScanConfigInfo Buffer Overflow (exploit.rules)
2800695 - ETPRO EXPLOIT Microsoft Excel Embedded Shockwave Flash Object Code Execution within xls (exploit.rules)
2800697 - ETPRO EXPLOIT Microsoft Word mso.dll LsCreateLine Memory Corruption (Published Exploit) (exploit.rules)
2800700 - ETPRO EXPLOIT avast! Antivirus ACE File Handling Buffer Overflow (exploit.rules)
2800702 - ETPRO EXPLOIT Nullsoft Winamp Midi File Header Handling Buffer Overflow (Published Exploit) (exploit.rules)
2800705 - ETPRO EXPLOIT Microsoft Outlook iCal Meeting Request Malformed VEVENT Record Dereference Memory Corruption (exploit.rules)
2800707 - ETPRO EXPLOIT Oracle Database Server Login Access Control Bypass (exploit.rules)
2800709 - ETPRO WEB_CLIENT Apple QuickTime RTSP URL Buffer Overflow (web_client.rules)
2800711 - ETPRO WEB_CLIENT Apple QuickTime RTSP URL Buffer Overflow (web_client.rules)
2800716 - ETPRO EXPLOIT IBM Tivoli Directory Server LDAP Buffer Overflow (exploit.rules)
2800717 - ETPRO EXPLOIT HP Mercury Multiple Products Agent Command Processing Buffer Overflow (exploit.rules)
2800718 - ETPRO EXPLOIT CA BrightStor ARCserve Backup Media Server SUN RPC Denial of Service (exploit.rules)
2800719 - ETPRO EXPLOIT Apache HTTP Server mod_rewrite Module LDAP Scheme Handling Buffer Overflow (exploit.rules)
2800730 - ETPRO EXPLOIT Trend Micro ServerProtect Crafted RPC Call CMON_NetTestConnection Buffer Overflow (exploit.rules)
2800731 - ETPRO EXPLOIT Trend Micro ServerProtect Crafted RPC Call CMON_NetTestConnection Buffer Overflow (exploit.rules)
2800739 - ETPRO WEB_CLIENT Microsoft Internet Explorer 7 Navigation Canceled Page Cross-Site Scripting (web_client.rules)
2800740 - ETPRO EXPLOIT CA BrightStor ARCserve Backup Media Server SUN-RPC Procedure 191 Code Execution (Published Exploit) (exploit.rules)
2800741 - ETPRO EXPLOIT CA BrightStor ARCserve Backup Media Server SUN-RPC Procedure 191 Code Execution (Published Exploit) (exploit.rules)
2800742 - ETPRO EXPLOIT Symantec pcAnywhere Buffer Overflow (exploit.rules)
2800743 - ETPRO ACTIVEX Microsoft Internet Explorer daxctle.ocx KeyFrame Method Memory Corruption (activex.rules)
2800745 - ETPRO ACTIVEX Citrix Presentation Server Client ActiveX Control Buffer Overflow (activex.rules)
2800746 - ETPRO ACTIVEX Citrix Presentation Server Client ActiveX Control (via Citrix.ICAClient) Buffer Overflow (activex.rules)
2800789 - ETPRO WEB_CLIENT VideoLAN VLC Media Player RealText File Buffer Overflow 2 (web_client.rules)
2800791 - ETPRO EXPLOIT Atrium Mercur IMAP Remote Buffer Overflow (exploit.rules)
2800792 - ETPRO EXPLOIT MailEnable IMAP STATUS Command Buffer Overflow (exploit.rules)

Date: 
Wednesday, July 12, 2017 - 00:00