Executive Summary

Informations
Name CVE-2008-1447 First vendor Publication 2008-07-08
Vendor Cve Last vendor Modification 2013-05-14

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:P)
Cvss Base Score 6.4 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:9627
 
Oval ID: oval:org.mitre.oval:def:9627
Title: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family: unix Class: vulnerability
Reference(s): CVE-2008-1447
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8092
 
Oval ID: oval:org.mitre.oval:def:8092
Title: DSA-1603 bind9 -- DNS cache poisoning
Description: Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. This update changes Debian's BIND 9 packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult. Note that this security update changes BIND network behavior in a fundamental way, and the following steps are recommended to ensure a smooth upgrade. 1. Make sure that your network configuration is compatible with source port randomization. If you guard your resolver with a stateless packet filter, you may need to make sure that no non-DNS services listen on the 1024--65535 UDP port range and open it at the packet filter. For instance, packet filters based on etch's Linux 2.6.18 kernel only support stateless filtering of IPv6 packets, and therefore pose this additional difficulty. (If you use IPv4 with iptables and ESTABLISHED rules, networking changes are likely not required.) 2. Install the BIND 9 upgrade, using "apt-get update" followed by "apt-get install bind9". Verify that the named process has been restarted and answers recursive queries. (If all queries result in timeouts, this indicates that networking changes are necessary; see the first step.) 3. Verify that source port randomization is active. Check that the /var/log/daemon.log file does not contain messages of the following form right after the "listening on IPv6 interface" and "listening on IPv4 interface" messages logged by BIND upon startup. If these messages are present, you should remove the indicated lines from the configuration, or replace the port numbers contained within them with "*" sign (e.g., replace "port 53" with "port *"). For additional certainty, use tcpdump or some other network monitoring tool to check for varying UDP source ports. If there is a NAT device in front of your resolver, make sure that it does not defeat the effect of source port randomization. 4. If you cannot activate source port randomization, consider configuring BIND 9 to forward queries to a resolver which can, possibly over a VPN such as OpenVPN to create the necessary trusted network link. (Use BIND's forward-only mode in this case.) Other caching resolvers distributed by Debian (PowerDNS, MaraDNS, Unbound) already employ source port randomization, and no updated packages are needed. BIND 9.5 up to and including version 1:9.5.0.dfsg-4 only implements a weak form of source port randomization and needs to be updated as well. For information on BIND 8, see DSA-1604-1, and for the status of the libc stub resolver, see DSA-1605-1. The updated bind9 packages contain changes originally scheduled for the next stable point release, including the changed IP address of L.ROOT-SERVERS.NET (Debian bug #449148).
Family: unix Class: patch
Reference(s): DSA-1603
CVE-2008-1447
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): bind9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7660
 
Oval ID: oval:org.mitre.oval:def:7660
Title: DSA-1617 refpolicy -- incompatible policy
Description: In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as CVE-2008-1447). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard "domain" port (53). The incompatibility affects both the "targeted" and "strict" policy packages supplied by this version of refpolicy. This update to the refpolicy packages grants the ability to bind to arbitrary UDP ports to named_t processes. When installed, the updated packages will attempt to update the bind policy module on systems where it had been previously loaded and where the previous version of refpolicy was 0.0.20061018-5 or below. Because the Debian refpolicy packages are not yet designed with policy module upgradeability in mind, and because SELinux-enabled Debian systems often have some degree of site-specific policy customization, it is difficult to assure that the new bind policy can be successfully upgraded. To this end, the package upgrade will not abort if the bind policy update fails. The new policy module can be found at /usr/share/selinux/refpolicy-targeted/bind.pp after installation. Administrators wishing to use the bind service policy can reconcile any policy incompatibilities and install the upgrade manually thereafter. A more detailed discussion of the corrective procedure may be found on http://wiki.debian.org/SELinux/Issues/BindPortRandomization. For the stable distribution (etch), this problem has been fixed in version 0.0.20061018-5.1+etch1. The unstable distribution (sid) is not affected, as subsequent refpolicy releases have incorporated an analogous change. We recommend that you upgrade your refpolicy packages.
Family: unix Class: patch
Reference(s): DSA-1617
CVE-2008-1447
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): refpolicy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7531
 
Oval ID: oval:org.mitre.oval:def:7531
Title: DSA-1623 dnsmasq -- DNS cache poisoning
Description: Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. This update changes Debian's dnsmasq packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult. This update also switches the random number generator to Dan Bernstein's SURF.
Family: unix Class: patch
Reference(s): DSA-1623
CVE-2008-1447
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): dnsmasq
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5917
 
Oval ID: oval:org.mitre.oval:def:5917
Title: Security Vulnerability in the DNS Protocol May Lead to DNS Cache Poisoning
Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family: unix Class: vulnerability
Reference(s): CVE-2008-1447
Version: 1
Platform(s): Sun Solaris 8
Sun Solaris 9
Sun Solaris 10
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5761
 
Oval ID: oval:org.mitre.oval:def:5761
Title: HP-UX Running BIND, Remote DNS Cache Poisoning
Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family: unix Class: vulnerability
Reference(s): CVE-2008-1447
Version: 4
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5725
 
Oval ID: oval:org.mitre.oval:def:5725
Title: DNS Insufficient Socket Entropy Vulnerability
Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family: windows Class: vulnerability
Reference(s): CVE-2008-1447
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19900
 
Oval ID: oval:org.mitre.oval:def:19900
Title: DSA-1603-1 bind9 - cache poisoning
Description: Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
Family: unix Class: patch
Reference(s): DSA-1603-1
CVE-2008-1447
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): bind9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18724
 
Oval ID: oval:org.mitre.oval:def:18724
Title: DSA-1617-1 refpolicy - incompatible policy
Description: In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as <a href="http://security-tracker.debian.org/tracker/CVE-2008-1447">CVE-2008-1447</a>). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard 'domain' port (53). The incompatibility affects both the 'targeted' and 'strict' policy packages supplied by this version of refpolicy.
Family: unix Class: patch
Reference(s): DSA-1617-1
CVE-2008-1447
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): refpolicy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18704
 
Oval ID: oval:org.mitre.oval:def:18704
Title: DSA-1623-1 dnsmasq - cache poisoning
Description: Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
Family: unix Class: patch
Reference(s): DSA-1623-1
CVE-2008-1447
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): dnsmasq
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17734
 
Oval ID: oval:org.mitre.oval:def:17734
Title: USN-622-1 -- bind9 vulnerability
Description: Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind.
Family: unix Class: patch
Reference(s): USN-622-1
CVE-2008-1447
Version: 5
Platform(s): Ubuntu 6.06
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): bind9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17512
 
Oval ID: oval:org.mitre.oval:def:17512
Title: USN-627-1 -- dnsmasq vulnerability
Description: Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq.
Family: unix Class: patch
Reference(s): USN-627-1
CVE-2008-1447
Version: 7
Platform(s): Ubuntu 8.04
Product(s): dnsmasq
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12117
 
Oval ID: oval:org.mitre.oval:def:12117
Title: HP-UX Running BIND, Remote DNS Cache Poisoning
Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family: unix Class: vulnerability
Reference(s): CVE-2008-1447
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22177
 
Oval ID: oval:org.mitre.oval:def:22177
Title: ELSA-2008:0789: dnsmasq security update (Moderate)
Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family: unix Class: patch
Reference(s): ELSA-2008:0789-01
CVE-2008-1447
Version: 6
Platform(s): Oracle Linux 5
Product(s): dnsmasq
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21970
 
Oval ID: oval:org.mitre.oval:def:21970
Title: ELSA-2008:0533: bind security update (Important)
Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family: unix Class: patch
Reference(s): ELSA-2008:0533-02
CVE-2008-1447
Version: 6
Platform(s): Oracle Linux 5
Product(s): bind
selinux-policy-targeted
selinux-policy
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3

Milw0rm Exploits

idDescription
2008-07-25BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
2008-07-24BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
2008-07-23BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)

ExploitDB Exploits

idDescription
2008-07-25BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
2008-07-24BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
2008-07-23BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)

OpenVAS Exploits

DateDescription
2012-10-03Name : Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-w...
File : nvt/glsa_201209_25.nasl
2010-05-12Name : Mac OS X Security Update 2008-005
File : nvt/macosx_secupd_2008-005.nasl
2010-05-12Name : Mac OS X 10.5.5 Update / Security Update 2008-006
File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl
2009-11-17Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13Name : SLES10: Security update for bind
File : nvt/sles10_bind0.nasl
2009-10-10Name : SLES9: Security update for bind
File : nvt/sles9p5030189.nasl
2009-05-05Name : HP-UX Update for BIND HPSBUX02351
File : nvt/gb_hp_ux_HPSBUX02351.nasl
2009-04-09Name : Mandriva Update for bind MDVSA-2008:139 (bind)
File : nvt/gb_mandriva_MDVSA_2008_139.nasl
2009-03-23Name : Ubuntu Update for bind9 vulnerability USN-622-1
File : nvt/gb_ubuntu_USN_622_1.nasl
2009-03-23Name : Ubuntu Update for dnsmasq vulnerability USN-627-1
File : nvt/gb_ubuntu_USN_627_1.nasl
2009-03-23Name : Ubuntu Update for ruby1.8 vulnerabilities USN-651-1
File : nvt/gb_ubuntu_USN_651_1.nasl
2009-03-06Name : RedHat Update for bind RHSA-2008:0533-01
File : nvt/gb_RHSA-2008_0533-01_bind.nasl
2009-03-06Name : RedHat Update for dnsmasq RHSA-2008:0789-01
File : nvt/gb_RHSA-2008_0789-01_dnsmasq.nasl
2009-02-27Name : CentOS Update for bind CESA-2008:0533-03 centos2 i386
File : nvt/gb_CESA-2008_0533-03_bind_centos2_i386.nasl
2009-02-27Name : CentOS Update for bind CESA-2008:0533 centos3 i386
File : nvt/gb_CESA-2008_0533_bind_centos3_i386.nasl
2009-02-27Name : CentOS Update for bind CESA-2008:0533 centos3 x86_64
File : nvt/gb_CESA-2008_0533_bind_centos3_x86_64.nasl
2009-02-27Name : CentOS Update for bind CESA-2008:0533 centos4 i386
File : nvt/gb_CESA-2008_0533_bind_centos4_i386.nasl
2009-02-27Name : CentOS Update for bind CESA-2008:0533 centos4 x86_64
File : nvt/gb_CESA-2008_0533_bind_centos4_x86_64.nasl
2009-02-18Name : Fedora Core 9 FEDORA-2009-1069 (dnsmasq)
File : nvt/fcore_2009_1069.nasl
2009-02-17Name : Fedora Update for ruby FEDORA-2008-8736
File : nvt/gb_fedora_2008_8736_ruby_fc8.nasl
2009-02-17Name : Fedora Update for ruby FEDORA-2008-8738
File : nvt/gb_fedora_2008_8738_ruby_fc9.nasl
2009-02-17Name : Fedora Update for bind FEDORA-2008-6256
File : nvt/gb_fedora_2008_6256_bind_fc9.nasl
2009-02-17Name : Fedora Update for bind FEDORA-2008-6281
File : nvt/gb_fedora_2008_6281_bind_fc8.nasl
2009-01-23Name : SuSE Update for bind SUSE-SA:2008:033
File : nvt/gb_suse_2008_033.nasl
2009-01-23Name : SuSE Update for openwsman SUSE-SA:2008:041
File : nvt/gb_suse_2008_041.nasl
2009-01-20Name : Fedora Core 9 FEDORA-2009-0350 (bind)
File : nvt/fcore_2009_0350.nasl
2009-01-13Name : Gentoo Security Advisory GLSA 200901-03 (pdnsd)
File : nvt/glsa_200901_03.nasl
2008-12-23Name : Gentoo Security Advisory GLSA 200812-17 (ruby)
File : nvt/glsa_200812_17.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200807-08 (bind)
File : nvt/glsa_200807_08.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200809-02 (dnsmasq)
File : nvt/glsa_200809_02.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-08:06.bind.asc)
File : nvt/freebsdsa_bind5.nasl
2008-09-04Name : FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma
File : nvt/freebsd_ruby9.nasl
2008-08-22Name : Vulnerabilities in DNS Could Allow Spoofing (953230)
File : nvt/secpod_ms08-037_900005.nasl
2008-08-15Name : Debian Security Advisory DSA 1617-1 (refpolicy)
File : nvt/deb_1617_1.nasl
2008-08-15Name : Debian Security Advisory DSA 1619-1 (python-dns)
File : nvt/deb_1619_1.nasl
2008-08-15Name : Debian Security Advisory DSA 1623-1 (dnsmasq)
File : nvt/deb_1623_1.nasl
2008-07-15Name : Debian Security Advisory DSA 1603-1 (bind9)
File : nvt/deb_1603_1.nasl
0000-00-00Name : Slackware Advisory SSA:2008-191-02 bind
File : nvt/esoft_slk_ssa_2008_191_02.nasl
0000-00-00Name : Slackware Advisory SSA:2008-205-01 dnsmasq
File : nvt/esoft_slk_ssa_2008_205_01.nasl
0000-00-00Name : Slackware Advisory SSA:2008-334-01 ruby
File : nvt/esoft_slk_ssa_2008_334_01.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
53917HP Multiple Products DNS Query ID Field Prediction Cache Poisoning
53530Check Point DNS Query ID Field Prediction Cache Poisoning
48256Ingate Firewall/SIParator DNS Query ID Field Prediction Cache Poisoning
48244pdnsd DNS Query ID Field Prediction Cache Poisoning
48186Apple Mac OS X DNS Query ID Field Prediction Cache Poisoning
47927Nortel Business Communications Manager DNS Query ID Field Prediction Cache Po...
47926Astaro Security Gateway DNS Query ID Field Prediction Cache Poisoning
47916Citrix Access Gateway DNS Query ID Field Prediction Cache Poisoning
47660VitalQIP DNS Query ID Field Prediction Cache Poisoning
47588Yamaha RT Series Routers DNS Query ID Field Prediction Cache Poisoning
47546Astaro Security Gateway DNS Proxy DNS Query ID Field Prediction Cache Poisoning
47510Dnsmasq DNS Query ID Field Prediction Cache Poisoning
47233Secure Computing Sidewinder / CyberGuard DNS Query ID Field Prediction Cache ...
47232F5 Multiple Product DNS Query ID Field Prediction Cache Poisoning
46916Juniper Networks Multiple Products DNS Query ID Field Prediction Cache Poisoning
46837Solaris named(1M) DNS Query ID Field Prediction Cache Poisoning
46836Nominum CNS / Vantio DNS Query ID Field Prediction Cache Poisoning
46786Cisco Multiple Products DNS Query ID Field Prediction Cache Poisoning
46777Microsoft Windows DNS Socket Entropy Weakness Cache Poisoning
46776ISC BIND DNS Query ID Field Prediction Cache Poisoning

Information Assurance Vulnerability Management (IAVM)

DateDescription
2008-09-11IAVM : 2008-B-0061 - Multiple Vulnerabilities in VMWare
Severity : Category I - VMSKEY : V0017346
2008-07-17IAVM : 2008-A-0045 - DNS Protocol Cache Poisoning Vulnerability
Severity : Category I - VMSKEY : V0016170

Snort® IPS/IDS

DateDescription
2014-01-10VMware Server ISAPI Extension remote denial of service attempt
RuleID : 16384 - Revision : 7 - Type : SERVER-OTHER
2014-01-10Microsoft Windows DNS server spoofing attempt
RuleID : 16206 - Revision : 7 - Type : OS-WINDOWS
2014-01-10VhdCvtCom.DiskLibHelper ActiveX function call unicode access
RuleID : 14593 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VhdCvtCom.DiskLibHelper ActiveX function call access
RuleID : 14592 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VhdCvtCom.DiskLibHelper ActiveX clsid unicode access
RuleID : 14591 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VhdCvtCom.DiskLibHelper ActiveX clsid access
RuleID : 14590 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10CurrentVMCtl Class ActiveX function call unicode access
RuleID : 14589 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10CurrentVMCtl Class ActiveX function call access
RuleID : 14588 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10CurrentVMCtl Class ActiveX clsid unicode access
RuleID : 14587 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10CurrentVMCtl Class ActiveX clsid access
RuleID : 14586 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 26 ActiveX clsid unicode access
RuleID : 14585 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 26 ActiveX clsid access
RuleID : 14584 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 25 ActiveX clsid unicode access
RuleID : 14583 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 25 ActiveX clsid access
RuleID : 14582 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMList Class ActiveX function call unicode access
RuleID : 14581 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMList Class ActiveX function call access
RuleID : 14580 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMList Class ActiveX clsid unicode access
RuleID : 14579 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMList Class ActiveX clsid access
RuleID : 14578 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10NavigationCtl Class ActiveX function call unicode access
RuleID : 14577 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10NavigationCtl Class ActiveX function call access
RuleID : 14576 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10NavigationCtl Class ActiveX clsid unicode access
RuleID : 14575 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10NavigationCtl Class ActiveX clsid access
RuleID : 14574 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbParseError Class ActiveX function call unicode access
RuleID : 14573 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbParseError Class ActiveX function call access
RuleID : 14572 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbParseError Class ActiveX clsid unicode access
RuleID : 14571 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbParseError Class ActiveX clsid access
RuleID : 14570 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10PolicyCtl Class ActiveX function call unicode access
RuleID : 14569 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10PolicyCtl Class ActiveX function call access
RuleID : 14568 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10PolicyCtl Class ActiveX clsid unicode access
RuleID : 14567 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10PolicyCtl Class ActiveX clsid access
RuleID : 14566 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 24 ActiveX clsid unicode access
RuleID : 14565 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 24 ActiveX clsid access
RuleID : 14564 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmappPropPath Class ActiveX function call unicode access
RuleID : 14563 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmappPropPath Class ActiveX function call access
RuleID : 14562 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmappPropPath Class ActiveX clsid unicode access
RuleID : 14561 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmappPropPath Class ActiveX clsid access
RuleID : 14560 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10MksCtl Class ActiveX function call unicode access
RuleID : 14559 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10MksCtl Class ActiveX function call access
RuleID : 14558 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10MksCtl Class ActiveX clsid unicode access
RuleID : 14557 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10MksCtl Class ActiveX clsid access
RuleID : 14556 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Vmc2vmx.CoVPCDrives ActiveX function call unicode access
RuleID : 14555 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Vmc2vmx.CoVPCDrives ActiveX function call access
RuleID : 14554 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Vmc2vmx.CoVPCDrives ActiveX clsid unicode access
RuleID : 14553 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Vmc2vmx.CoVPCDrives ActiveX clsid access
RuleID : 14552 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Nwz Class ActiveX function call unicode access
RuleID : 14551 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Nwz Class ActiveX function call access
RuleID : 14550 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Nwz Class ActiveX clsid unicode access
RuleID : 14549 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Nwz Class ActiveX clsid access
RuleID : 14548 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbTreeCtl Class ActiveX function call unicode access
RuleID : 14547 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbTreeCtl Class ActiveX function call access
RuleID : 14546 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbTreeCtl Class ActiveX clsid unicode access
RuleID : 14545 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbTreeCtl Class ActiveX clsid access
RuleID : 14544 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 23 ActiveX clsid unicode access
RuleID : 14543 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 23 ActiveX clsid access
RuleID : 14542 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10CheckedListViewWnd Class ActiveX function call unicode access
RuleID : 14541 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10CheckedListViewWnd Class ActiveX function call access
RuleID : 14540 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10CheckedListViewWnd Class ActiveX clsid unicode access
RuleID : 14539 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10CheckedListViewWnd Class ActiveX clsid access
RuleID : 14538 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMListCtl Class ActiveX function call unicode access
RuleID : 14537 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMListCtl Class ActiveX function call access
RuleID : 14536 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMListCtl Class ActiveX clsid unicode access
RuleID : 14535 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMListCtl Class ActiveX clsid access
RuleID : 14534 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbUpdates Class ActiveX function call unicode access
RuleID : 14533 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbUpdates Class ActiveX function call access
RuleID : 14532 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbUpdates Class ActiveX clsid unicode access
RuleID : 14531 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbUpdates Class ActiveX clsid access
RuleID : 14530 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10HotfixWz Class ActiveX function call unicode access
RuleID : 14529 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10HotfixWz Class ActiveX function call access
RuleID : 14528 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10HotfixWz Class ActiveX clsid unicode access
RuleID : 14527 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10HotfixWz Class ActiveX clsid access
RuleID : 14526 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 22 ActiveX clsid unicode access
RuleID : 14525 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 22 ActiveX clsid access
RuleID : 14524 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Elevated.VMXCreator ActiveX function call unicode access
RuleID : 14523 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Elevated.VMXCreator ActiveX function call access
RuleID : 14522 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Elevated.VMXCreator ActiveX clsid unicode access
RuleID : 14521 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Elevated.VMXCreator ActiveX clsid access
RuleID : 14520 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 21 ActiveX clsid unicode access
RuleID : 14519 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 21 ActiveX clsid access
RuleID : 14518 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMClientVM Class ActiveX function call unicode access
RuleID : 14517 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClientVM Class ActiveX function call access
RuleID : 14516 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMClientVM Class ActiveX clsid unicode access
RuleID : 14515 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClientVM Class ActiveX clsid access
RuleID : 14514 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 20 ActiveX clsid unicode access
RuleID : 14513 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 20 ActiveX clsid access
RuleID : 14512 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Vmc2vmx.CoVPCDrive ActiveX function call unicode access
RuleID : 14511 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Vmc2vmx.CoVPCDrive ActiveX function call access
RuleID : 14510 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Vmc2vmx.CoVPCDrive ActiveX clsid unicode access
RuleID : 14509 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Vmc2vmx.CoVPCDrive ActiveX clsid access
RuleID : 14508 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbCnxUtil Class ActiveX function call unicode access
RuleID : 14507 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbCnxUtil Class ActiveX function call access
RuleID : 14506 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbCnxUtil Class ActiveX clsid unicode access
RuleID : 14505 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbCnxUtil Class ActiveX clsid access
RuleID : 14504 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMwareVpcCvt.VpcC ActiveX function call unicode access
RuleID : 14503 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMwareVpcCvt.VpcC ActiveX function call access
RuleID : 14502 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMwareVpcCvt.VpcC ActiveX clsid unicode access
RuleID : 14501 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMwareVpcCvt.VpcC ActiveX clsid access
RuleID : 14500 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 19 ActiveX clsid unicode access
RuleID : 14499 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 19 ActiveX clsid access
RuleID : 14498 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbUtil Class ActiveX function call unicode access
RuleID : 14497 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbUtil Class ActiveX function call access
RuleID : 14496 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbUtil Class ActiveX clsid unicode access
RuleID : 14495 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbUtil Class ActiveX clsid access
RuleID : 14494 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 18 ActiveX clsid unicode access
RuleID : 14493 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 18 ActiveX clsid access
RuleID : 14492 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMSwitchCtl Class ActiveX function call unicode access
RuleID : 14491 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMSwitchCtl Class ActiveX function call access
RuleID : 14490 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMSwitchCtl Class ActiveX clsid unicode access
RuleID : 14489 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMSwitchCtl Class ActiveX clsid access
RuleID : 14488 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VhdCvtCom.VhdConverter ActiveX function call unicode access
RuleID : 14487 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VhdCvtCom.VhdConverter ActiveX function call access
RuleID : 14486 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VhdCvtCom.VhdConverter ActiveX clsid unicode access
RuleID : 14485 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VhdCvtCom.VhdConverter ActiveX clsid access
RuleID : 14484 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmappPropFrame Class ActiveX function call unicode access
RuleID : 14483 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmappPropFrame Class ActiveX function call access
RuleID : 14482 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmappPropFrame Class ActiveX clsid unicode access
RuleID : 14481 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmappPropFrame Class ActiveX clsid access
RuleID : 14480 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10reconfig.GuestInfo ActiveX function call unicode access
RuleID : 14479 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10reconfig.GuestInfo ActiveX function call access
RuleID : 14478 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10reconfig.GuestInfo ActiveX clsid unicode access
RuleID : 14477 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10reconfig.GuestInfo ActiveX clsid access
RuleID : 14476 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 17 ActiveX clsid unicode access
RuleID : 14475 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 17 ActiveX clsid access
RuleID : 14474 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 16 ActiveX clsid unicode access
RuleID : 14473 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 16 ActiveX clsid access
RuleID : 14472 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Elevated.HostDeviceInfos ActiveX function call unicode access
RuleID : 14471 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Elevated.HostDeviceInfos ActiveX function call access
RuleID : 14470 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Elevated.HostDeviceInfos ActiveX clsid unicode access
RuleID : 14469 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Elevated.HostDeviceInfos ActiveX clsid access
RuleID : 14468 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 15 ActiveX clsid unicode access
RuleID : 14467 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 15 ActiveX clsid access
RuleID : 14466 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10IntraProcessLogging.Logger ActiveX function call unicode access
RuleID : 14465 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10IntraProcessLogging.Logger ActiveX function call access
RuleID : 14464 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10IntraProcessLogging.Logger ActiveX clsid unicode access
RuleID : 14463 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10IntraProcessLogging.Logger ActiveX clsid access
RuleID : 14462 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 14 ActiveX clsid unicode access
RuleID : 14461 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 14 ActiveX clsid access
RuleID : 14460 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10MksCompatCtl Class ActiveX function call unicode access
RuleID : 14459 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10MksCompatCtl Class ActiveX function call access
RuleID : 14458 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10MksCompatCtl Class ActiveX clsid unicode access
RuleID : 14457 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10MksCompatCtl Class ActiveX clsid access
RuleID : 14456 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10vmhwcfg.NwzCompleted ActiveX function call unicode access
RuleID : 14455 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10vmhwcfg.NwzCompleted ActiveX function call access
RuleID : 14454 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10vmhwcfg.NwzCompleted ActiveX clsid unicode access
RuleID : 14453 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10vmhwcfg.NwzCompleted ActiveX clsid access
RuleID : 14452 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10reconfig.SystemReconfigur ActiveX function call unicode access
RuleID : 14451 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10reconfig.SystemReconfigur ActiveX function call access
RuleID : 14450 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10reconfig.SystemReconfigur ActiveX clsid unicode access
RuleID : 14449 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10reconfig.SystemReconfigur ActiveX clsid access
RuleID : 14448 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 13 ActiveX clsid unicode access
RuleID : 14447 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 13 ActiveX clsid access
RuleID : 14446 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 12 ActiveX clsid unicode access
RuleID : 14445 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 12 ActiveX clsid access
RuleID : 14444 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 11 ActiveX clsid unicode access
RuleID : 14443 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 11 ActiveX clsid access
RuleID : 14442 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 10 ActiveX clsid unicode access
RuleID : 14441 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 10 ActiveX clsid access
RuleID : 14440 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMClientHost Class ActiveX function call unicode access
RuleID : 14439 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClientHost Class ActiveX function call access
RuleID : 14438 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMClientHost Class ActiveX clsid unicode access
RuleID : 14437 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClientHost Class ActiveX clsid access
RuleID : 14436 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 9 ActiveX clsid unicode access
RuleID : 14435 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 9 ActiveX clsid access
RuleID : 14434 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMEnumStrings Class ActiveX function call unicode access
RuleID : 14433 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMEnumStrings Class ActiveX function call access
RuleID : 14432 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMEnumStrings Class ActiveX clsid unicode access
RuleID : 14431 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMEnumStrings Class ActiveX clsid access
RuleID : 14430 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 8 ActiveX clsid unicode access
RuleID : 14429 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 8 ActiveX clsid access
RuleID : 14428 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMAppSdkUtil Class ActiveX function call unicode access
RuleID : 14427 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMAppSdkUtil Class ActiveX function call access
RuleID : 14426 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMAppSdkUtil Class ActiveX clsid unicode access
RuleID : 14425 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMAppSdkUtil Class ActiveX clsid access
RuleID : 14424 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbDatabase Class ActiveX function call unicode access
RuleID : 14423 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbDatabase Class ActiveX function call access
RuleID : 14422 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbDatabase Class ActiveX clsid unicode access
RuleID : 14421 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbDatabase Class ActiveX clsid access
RuleID : 14420 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VieLib2.Vie2Process ActiveX function call unicode access
RuleID : 14419 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10VieLib2.Vie2Process ActiveX function call access
RuleID : 14418 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10VieLib2.Vie2Process ActiveX clsid unicode access
RuleID : 14417 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10VieLib2.Vie2Process ActiveX clsid access
RuleID : 14416 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 7 ActiveX clsid unicode access
RuleID : 14415 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 7 ActiveX clsid access
RuleID : 14414 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbEnumTags Class ActiveX function call unicode access
RuleID : 14413 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbEnumTags Class ActiveX function call access
RuleID : 14412 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbEnumTags Class ActiveX clsid unicode access
RuleID : 14411 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbEnumTags Class ActiveX clsid access
RuleID : 14410 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10RegVmsCtl Class ActiveX function call unicode access
RuleID : 14409 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10RegVmsCtl Class ActiveX function call access
RuleID : 14408 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10RegVmsCtl Class ActiveX clsid unicode access
RuleID : 14407 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10RegVmsCtl Class ActiveX clsid access
RuleID : 14406 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10RemoteBrowseDlg Class ActiveX function call unicode access
RuleID : 14405 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10RemoteBrowseDlg Class ActiveX function call access
RuleID : 14404 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10RemoteBrowseDlg Class ActiveX clsid unicode access
RuleID : 14403 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10RemoteBrowseDlg Class ActiveX clsid access
RuleID : 14402 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10vmappsdk.CuiObj ActiveX function call unicode access
RuleID : 14401 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10vmappsdk.CuiObj ActiveX function call access
RuleID : 14400 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10vmappsdk.CuiObj ActiveX clsid unicode access
RuleID : 14399 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10vmappsdk.CuiObj ActiveX clsid access
RuleID : 14398 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VixCOM.VixLib ActiveX function call unicode access
RuleID : 14397 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VixCOM.VixLib ActiveX function call access
RuleID : 14396 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VixCOM.VixLib ActiveX clsid unicode access
RuleID : 14395 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VixCOM.VixLib ActiveX clsid access
RuleID : 14394 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Vie2Lib.Vie2LinuxVolume ActiveX function call unicode access
RuleID : 14393 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Vie2Lib.Vie2LinuxVolume ActiveX function call access
RuleID : 14392 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Vie2Lib.Vie2LinuxVolume ActiveX clsid unicode access
RuleID : 14391 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10Vie2Lib.Vie2LinuxVolume ActiveX clsid access
RuleID : 14390 - Revision : 8 - Type : WEB-ACTIVEX
2014-01-10VmdbSchema Class ActiveX function call unicode access
RuleID : 14389 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbSchema Class ActiveX function call access
RuleID : 14388 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbSchema Class ActiveX clsid unicode access
RuleID : 14387 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbSchema Class ActiveX clsid access
RuleID : 14386 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Pq2vcom.Pq2v ActiveX function call unicode access
RuleID : 14385 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Pq2vcom.Pq2v ActiveX function call access
RuleID : 14384 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Pq2vcom.Pq2v ActiveX clsid unicode access
RuleID : 14383 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Pq2vcom.Pq2v ActiveX clsid access
RuleID : 14382 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMClient Class ActiveX function call unicode access
RuleID : 14381 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClient Class ActiveX function call access
RuleID : 14380 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMClient Class ActiveX clsid unicode access
RuleID : 14379 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClient Class ActiveX clsid access
RuleID : 14378 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmappPoll Class ActiveX function call unicode access
RuleID : 14377 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmappPoll Class ActiveX function call access
RuleID : 14376 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmappPoll Class ActiveX clsid unicode access
RuleID : 14375 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmappPoll Class ActiveX clsid access
RuleID : 14374 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10vmappPropObj2 Class ActiveX function call unicode access
RuleID : 14373 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10vmappPropObj2 Class ActiveX function call access
RuleID : 14372 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10vmappPropObj2 Class ActiveX clsid unicode access
RuleID : 14371 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10vmappPropObj2 Class ActiveX clsid access
RuleID : 14370 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbQuery Class ActiveX function call unicode access
RuleID : 14369 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbQuery Class ActiveX function call access
RuleID : 14368 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbQuery Class ActiveX clsid unicode access
RuleID : 14367 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbQuery Class ActiveX clsid access
RuleID : 14366 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 6 ActiveX clsid unicode access
RuleID : 14365 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 6 ActiveX clsid access
RuleID : 14364 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10HardwareCtl Class ActiveX function call unicode access
RuleID : 14363 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10HardwareCtl Class ActiveX function call access
RuleID : 14362 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10HardwareCtl Class ActiveX clsid unicode access
RuleID : 14361 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10HardwareCtl Class ActiveX clsid access
RuleID : 14360 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 5 ActiveX clsid unicode access
RuleID : 14359 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 5 ActiveX clsid access
RuleID : 14358 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Elevated.ElevMgr ActiveX function call unicode access
RuleID : 14357 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Elevated.ElevMgr ActiveX function call access
RuleID : 14356 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Elevated.ElevMgr ActiveX clsid unicode access
RuleID : 14355 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Elevated.ElevMgr ActiveX clsid access
RuleID : 14354 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10reconfig.PopulatedDi ActiveX function call unicode access
RuleID : 14353 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10reconfig.PopulatedDi ActiveX function call access
RuleID : 14352 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10reconfig.PopulatedDi ActiveX clsid unicode access
RuleID : 14351 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10reconfig.PopulatedDi ActiveX clsid access
RuleID : 14350 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 4 ActiveX clsid unicode access
RuleID : 14349 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 4 ActiveX clsid access
RuleID : 14348 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMMsg Class ActiveX function call unicode access
RuleID : 14347 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMMsg Class ActiveX function call access
RuleID : 14346 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMMsg Class ActiveX clsid unicode access
RuleID : 14345 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMMsg Class ActiveX clsid access
RuleID : 14344 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 3 ActiveX clsid unicode access
RuleID : 14343 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 3 ActiveX clsid access
RuleID : 14342 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10vmappPropObj Class ActiveX function call unicode access
RuleID : 14341 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10vmappPropObj Class ActiveX function call access
RuleID : 14340 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10vmappPropObj Class ActiveX clsid unicode access
RuleID : 14339 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10vmappPropObj Class ActiveX clsid access
RuleID : 14338 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMClientVMs Class ActiveX function call unicode access
RuleID : 14337 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClientVMs Class ActiveX function call access
RuleID : 14336 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMClientVMs Class ActiveX clsid unicode access
RuleID : 14335 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClientVMs Class ActiveX clsid access
RuleID : 14334 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbContext Class ActiveX function call unicode access
RuleID : 14333 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbContext Class ActiveX function call access
RuleID : 14332 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbContext Class ActiveX clsid unicode access
RuleID : 14331 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbContext Class ActiveX clsid access
RuleID : 14330 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call uni...
RuleID : 14329 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call access
RuleID : 14328 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid unicode access
RuleID : 14327 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid access
RuleID : 14326 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10reconfig.SysImageUti ActiveX function call unicode access
RuleID : 14325 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10reconfig.SysImageUti ActiveX function call access
RuleID : 14324 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10reconfig.SysImageUti ActiveX clsid unicode access
RuleID : 14323 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10reconfig.SysImageUti ActiveX clsid access
RuleID : 14322 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 2 ActiveX clsid unicode access
RuleID : 14321 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 2 ActiveX clsid access
RuleID : 14320 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbExecuteError Class ActiveX function call unicode access
RuleID : 14319 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbExecuteError Class ActiveX function call access
RuleID : 14318 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbExecuteError Class ActiveX clsid unicode access
RuleID : 14317 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbExecuteError Class ActiveX clsid access
RuleID : 14316 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMWare unspecified 1 ActiveX clsid unicode access
RuleID : 14315 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMWare unspecified 1 ActiveX clsid access
RuleID : 14314 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VmdbUpdate Class ActiveX function call unicode access
RuleID : 14313 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbUpdate Class ActiveX function call access
RuleID : 14312 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VmdbUpdate Class ActiveX clsid unicode access
RuleID : 14311 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VmdbUpdate Class ActiveX clsid access
RuleID : 14310 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Vmc2vmx.CoVPCConfiguration ActiveX function call unicode access
RuleID : 14309 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Vmc2vmx.CoVPCConfiguration ActiveX function call access
RuleID : 14308 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Vmc2vmx.CoVPCConfiguration ActiveX clsid unicode access
RuleID : 14307 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Vmc2vmx.CoVPCConfiguration ActiveX clsid access
RuleID : 14306 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMStatusbarCtl Class ActiveX function call unicode access
RuleID : 14305 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMStatusbarCtl Class ActiveX function call access
RuleID : 14304 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMStatusbarCtl Class ActiveX clsid unicode access
RuleID : 14303 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMStatusbarCtl Class ActiveX clsid access
RuleID : 14302 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10TeamListViewWnd Class ActiveX function call unicode access
RuleID : 14301 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10TeamListViewWnd Class ActiveX function call access
RuleID : 14300 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10TeamListViewWnd Class ActiveX clsid unicode access
RuleID : 14299 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10TeamListViewWnd Class ActiveX clsid access
RuleID : 14298 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10RemoteDirDlg Class ActiveX function call unicode access
RuleID : 14297 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10RemoteDirDlg Class ActiveX function call access
RuleID : 14296 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10RemoteDirDlg Class ActiveX clsid unicode access
RuleID : 14295 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10RemoteDirDlg Class ActiveX clsid access
RuleID : 14294 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VhdCvtCom.DiskLibCreateParamObj ActiveX function call unicode access
RuleID : 14293 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VhdCvtCom.DiskLibCreateParamObj ActiveX function call access
RuleID : 14292 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VhdCvtCom.DiskLibCreateParamObj ActiveX clsid unicode access
RuleID : 14291 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VhdCvtCom.DiskLibCreateParamObj ActiveX clsid access
RuleID : 14290 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VMClientHosts Class ActiveX function call unicode access
RuleID : 14289 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClientHosts Class ActiveX function call access
RuleID : 14288 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VMClientHosts Class ActiveX clsid unicode access
RuleID : 14287 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VMClientHosts Class ActiveX clsid access
RuleID : 14286 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10IntraProcessLogging.Logger ActiveX function call unicode access
RuleID : 14285 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10IntraProcessLogging.Logger ActiveX function call access
RuleID : 14284 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10IntraProcessLogging.Logger ActiveX clsid unicode access
RuleID : 14283 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10IntraProcessLogging.Logger ActiveX clsid access
RuleID : 14282 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VieLib2.Vie2Process ActiveX function call unicode access
RuleID : 14281 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VieLib2.Vie2Process ActiveX function call access
RuleID : 14280 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VieLib2.Vie2Process ActiveX clsid unicode access
RuleID : 14279 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VieLib2.Vie2Process ActiveX clsid access
RuleID : 14278 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Vie2Lib.Vie2LinuxVolume ActiveX function call unicode access
RuleID : 14277 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Vie2Lib.Vie2LinuxVolume ActiveX function call access
RuleID : 14276 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10Vie2Lib.Vie2LinuxVolume ActiveX clsid unicode access
RuleID : 14275 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10Vie2Lib.Vie2LinuxVolume ActiveX clsid access
RuleID : 14274 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10VieLib2.Vie2Locator ActiveX function call unicode access
RuleID : 14273 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VieLib2.Vie2Locator ActiveX function call access
RuleID : 14272 - Revision : 10 - Type : BROWSER-PLUGINS
2014-01-10VieLib2.Vie2Locator ActiveX clsid unicode access
RuleID : 14271 - Revision : 7 - Type : WEB-ACTIVEX
2014-01-10VieLib2.Vie2Locator ActiveX clsid access
RuleID : 14270 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10excessive outbound NXDOMAIN replies - possible spoof of domain run by local D...
RuleID : 13949 - Revision : 12 - Type : PROTOCOL-DNS
2014-01-10large number of NXDOMAIN replies - possible DNS cache poisoning
RuleID : 13948 - Revision : 11 - Type : PROTOCOL-DNS
2014-01-10dns root nameserver poisoning attempt
RuleID : 13887 - Revision : 10 - Type : BAD-TRAFFIC
2014-01-10dns cache poisoning attempt
RuleID : 13667 - Revision : 15 - Type : BAD-TRAFFIC

Metasploit Database

idDescription
2008-07-21 DNS BailiWicked Host Attack
2008-07-21 DNS BailiWicked Domain Attack

Nessus® Vulnerability Scanner

DateDescription
2014-03-05Name : The DNS server running on the remote host is vulnerable to DNS spoofing attacks.
File : ms_dns_kb951746.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0533.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2008-0789.nasl - Type : ACT_GATHER_INFO
2012-10-01Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201209-25.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20080811_dnsmasq_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080711_bind_on_SL_3_0_x.nasl - Type : ACT_GATHER_INFO
2011-05-28Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-191-02.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080708-dnshttp.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080924-iosipshttp.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12197.nasl - Type : ACT_GATHER_INFO
2009-07-27Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2008-0014.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_bind-080708.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_dnsmasq-080813.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-651-1.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-139.nasl - Type : ACT_GATHER_INFO
2009-02-17Name : The remote Fedora host is missing a security update.
File : fedora_2009-1069.nasl - Type : ACT_GATHER_INFO
2009-01-12Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200901-03.nasl - Type : ACT_GATHER_INFO
2008-12-17Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200812-17.nasl - Type : ACT_GATHER_INFO
2008-12-01Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-334-01.nasl - Type : ACT_GATHER_INFO
2008-10-10Name : The remote Fedora host is missing a security update.
File : fedora_2008-8738.nasl - Type : ACT_GATHER_INFO
2008-09-16Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_5.nasl - Type : ACT_GATHER_INFO
2008-09-16Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-006.nasl - Type : ACT_GATHER_INFO
2008-09-10Name : The remote Windows host has an application that is affected by multiple issues.
File : vmware_multiple_vmsa_2008_0014.nasl - Type : ACT_GATHER_INFO
2008-09-05Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200809-02.nasl - Type : ACT_GATHER_INFO
2008-08-17Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_959d384d6b5911dd9d79001fc61c2a55.nasl - Type : ACT_GATHER_INFO
2008-08-15Name : The remote openSUSE host is missing a security update.
File : suse_dnsmasq-5512.nasl - Type : ACT_GATHER_INFO
2008-08-12Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2008-0789.nasl - Type : ACT_GATHER_INFO
2008-08-12Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_37865.nasl - Type : ACT_GATHER_INFO
2008-08-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1623.nasl - Type : ACT_GATHER_INFO
2008-08-01Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-005.nasl - Type : ACT_GATHER_INFO
2008-07-28Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1617.nasl - Type : ACT_GATHER_INFO
2008-07-28Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1619.nasl - Type : ACT_GATHER_INFO
2008-07-24Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-205-01.nasl - Type : ACT_GATHER_INFO
2008-07-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-627-1.nasl - Type : ACT_GATHER_INFO
2008-07-15Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_bind-5409.nasl - Type : ACT_GATHER_INFO
2008-07-15Name : The remote openSUSE host is missing a security update.
File : suse_bind-5410.nasl - Type : ACT_GATHER_INFO
2008-07-15Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200807-08.nasl - Type : ACT_GATHER_INFO
2008-07-10Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0533.nasl - Type : ACT_GATHER_INFO
2008-07-10Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-622-1.nasl - Type : ACT_GATHER_INFO
2008-07-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1603.nasl - Type : ACT_GATHER_INFO
2008-07-10Name : The remote Fedora host is missing a security update.
File : fedora_2008-6256.nasl - Type : ACT_GATHER_INFO
2008-07-10Name : The remote Fedora host is missing a security update.
File : fedora_2008-6281.nasl - Type : ACT_GATHER_INFO
2008-07-10Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0533.nasl - Type : ACT_GATHER_INFO
2008-07-09Name : The remote name resolver (or the server it uses upstream) may be vulnerable t...
File : dns_non_random_source_ports.nasl - Type : ACT_GATHER_INFO
2008-07-08Name : The remote host is vulnerable to DNS spoofing attacks.
File : smb_nt_ms08-037.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote host is missing Sun Security Patch number 114265-23
File : solaris9_x86_114265.nasl - Type : ACT_GATHER_INFO
2007-09-25Name : The remote host is missing Sun Security Patch number 112837-24
File : solaris9_112837.nasl - Type : ACT_GATHER_INFO
2007-09-25Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_36973.nasl - Type : ACT_GATHER_INFO
2004-07-12Name : The remote host is missing Sun Security Patch number 109326-24
File : solaris8_109326.nasl - Type : ACT_GATHER_INFO
2004-07-12Name : The remote host is missing Sun Security Patch number 109327-24
File : solaris8_x86_109327.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
AIXAPAR http://www.ibm.com/support/docview.wss?uid=isg1IZ26667
http://www.ibm.com/support/docview.wss?uid=isg1IZ26668
http://www.ibm.com/support/docview.wss?uid=isg1IZ26669
http://www.ibm.com/support/docview.wss?uid=isg1IZ26670
http://www.ibm.com/support/docview.wss?uid=isg1IZ26671
http://www.ibm.com/support/docview.wss?uid=isg1IZ26672
APPLE http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
BID http://www.securityfocus.com/bid/30131
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/495289/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/495869/100/0/threaded
CERT http://www.us-cert.gov/cas/techalerts/TA08-190A.html
http://www.us-cert.gov/cas/techalerts/TA08-190B.html
http://www.us-cert.gov/cas/techalerts/TA08-260A.html
CERT-VN http://www.kb.cert.org/vuls/id/800113
CISCO http://www.cisco.com/en/US/products/products_security_advisory09186a00809c216...
CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
http://support.apple.com/kb/HT3026
http://support.apple.com/kb/HT3129
http://support.citrix.com/article/CTX117991
http://support.citrix.com/article/CTX118183
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152
http://up2date.astaro.com/2008/08/up2date_7202_released.html
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning
http://www.ipcop.org/index.php?name=News&file=article&sid=40
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/MIMG-7DWR4J
http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q
http://www.novell.com/support/viewContent.do?externalId=7000912
http://www.phys.uu.nl/~rombouts/pdnsd.html
http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
http://www.vmware.com/security/advisories/VMSA-2008-0014.html
DEBIAN http://www.debian.org/security/2008/dsa-1603
http://www.debian.org/security/2008/dsa-1604
http://www.debian.org/security/2008/dsa-1605
http://www.debian.org/security/2008/dsa-1619
http://www.debian.org/security/2008/dsa-1623
FEDORA https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html
FREEBSD http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
GENTOO http://security.gentoo.org/glsa/glsa-200807-08.xml
http://security.gentoo.org/glsa/glsa-200812-17.xml
http://security.gentoo.org/glsa/glsa-201209-25.xml
HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368
http://marc.info/?l=bugtraq&m=121630706004256&w=2
http://marc.info/?l=bugtraq&m=121866517322103&w=2
http://marc.info/?l=bugtraq&m=123324863916385&w=2
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:139
MILW0RM http://www.milw0rm.com/exploits/6122
http://www.milw0rm.com/exploits/6123
http://www.milw0rm.com/exploits/6130
MISC http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-lea...
http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
http://www.doxpara.com/?p=1176
http://www.doxpara.com/DMK_BO2K8.ppt
http://www.nominum.com/asset_upload_file741_2661.pdf
http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
MS http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
NETBSD ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc
OPENBSD http://www.openbsd.org/errata42.html#013_bind
http://www.openbsd.org/errata43.html#004_bind
REDHAT http://rhn.redhat.com/errata/RHSA-2008-0533.html
http://www.redhat.com/support/errata/RHSA-2008-0789.html
SECTRACK http://www.securitytracker.com/id?1020437
http://www.securitytracker.com/id?1020438
http://www.securitytracker.com/id?1020440
http://www.securitytracker.com/id?1020448
http://www.securitytracker.com/id?1020449
http://www.securitytracker.com/id?1020548
http://www.securitytracker.com/id?1020558
http://www.securitytracker.com/id?1020560
http://www.securitytracker.com/id?1020561
http://www.securitytracker.com/id?1020575
http://www.securitytracker.com/id?1020576
http://www.securitytracker.com/id?1020577
http://www.securitytracker.com/id?1020578
http://www.securitytracker.com/id?1020579
http://www.securitytracker.com/id?1020651
http://www.securitytracker.com/id?1020653
http://www.securitytracker.com/id?1020702
http://www.securitytracker.com/id?1020802
http://www.securitytracker.com/id?1020804
SECUNIA http://secunia.com/advisories/30925
http://secunia.com/advisories/30973
http://secunia.com/advisories/30977
http://secunia.com/advisories/30979
http://secunia.com/advisories/30980
http://secunia.com/advisories/30988
http://secunia.com/advisories/30989
http://secunia.com/advisories/30998
http://secunia.com/advisories/31011
http://secunia.com/advisories/31012
http://secunia.com/advisories/31014
http://secunia.com/advisories/31019
http://secunia.com/advisories/31022
http://secunia.com/advisories/31030
http://secunia.com/advisories/31031
http://secunia.com/advisories/31033
http://secunia.com/advisories/31052
http://secunia.com/advisories/31065
http://secunia.com/advisories/31072
http://secunia.com/advisories/31093
http://secunia.com/advisories/31094
http://secunia.com/advisories/31137
http://secunia.com/advisories/31143
http://secunia.com/advisories/31151
http://secunia.com/advisories/31152
http://secunia.com/advisories/31153
http://secunia.com/advisories/31169
http://secunia.com/advisories/31197
http://secunia.com/advisories/31199
http://secunia.com/advisories/31204
http://secunia.com/advisories/31207
http://secunia.com/advisories/31209
http://secunia.com/advisories/31212
http://secunia.com/advisories/31213
http://secunia.com/advisories/31221
http://secunia.com/advisories/31236
http://secunia.com/advisories/31237
http://secunia.com/advisories/31254
http://secunia.com/advisories/31326
http://secunia.com/advisories/31354
http://secunia.com/advisories/31422
http://secunia.com/advisories/31430
http://secunia.com/advisories/31451
http://secunia.com/advisories/31482
http://secunia.com/advisories/31495
http://secunia.com/advisories/31588
http://secunia.com/advisories/31687
http://secunia.com/advisories/31823
http://secunia.com/advisories/31882
http://secunia.com/advisories/31900
http://secunia.com/advisories/33178
http://secunia.com/advisories/33714
http://secunia.com/advisories/33786
SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2008&...
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&...
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1
SUSE http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
UBUNTU http://www.ubuntu.com/usn/usn-622-1
http://www.ubuntu.com/usn/usn-627-1
VUPEN http://www.vupen.com/english/advisories/2008/2019/references
http://www.vupen.com/english/advisories/2008/2023/references
http://www.vupen.com/english/advisories/2008/2025/references
http://www.vupen.com/english/advisories/2008/2029/references
http://www.vupen.com/english/advisories/2008/2030/references
http://www.vupen.com/english/advisories/2008/2050/references
http://www.vupen.com/english/advisories/2008/2051/references
http://www.vupen.com/english/advisories/2008/2052/references
http://www.vupen.com/english/advisories/2008/2055/references
http://www.vupen.com/english/advisories/2008/2092/references
http://www.vupen.com/english/advisories/2008/2113/references
http://www.vupen.com/english/advisories/2008/2114/references
http://www.vupen.com/english/advisories/2008/2123/references
http://www.vupen.com/english/advisories/2008/2139/references
http://www.vupen.com/english/advisories/2008/2166/references
http://www.vupen.com/english/advisories/2008/2195/references
http://www.vupen.com/english/advisories/2008/2196/references
http://www.vupen.com/english/advisories/2008/2197/references
http://www.vupen.com/english/advisories/2008/2268
http://www.vupen.com/english/advisories/2008/2291
http://www.vupen.com/english/advisories/2008/2334
http://www.vupen.com/english/advisories/2008/2342
http://www.vupen.com/english/advisories/2008/2377
http://www.vupen.com/english/advisories/2008/2383
http://www.vupen.com/english/advisories/2008/2384
http://www.vupen.com/english/advisories/2008/2466
http://www.vupen.com/english/advisories/2008/2467
http://www.vupen.com/english/advisories/2008/2482
http://www.vupen.com/english/advisories/2008/2525
http://www.vupen.com/english/advisories/2008/2549
http://www.vupen.com/english/advisories/2008/2558
http://www.vupen.com/english/advisories/2008/2582
http://www.vupen.com/english/advisories/2008/2584
http://www.vupen.com/english/advisories/2009/0297
http://www.vupen.com/english/advisories/2009/0311
http://www.vupen.com/english/advisories/2010/0622
XF http://xforce.iss.net/xforce/xfdb/43334
http://xforce.iss.net/xforce/xfdb/43637

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2014-03-06 13:21:22
  • Multiple Updates
2014-02-17 10:44:22
  • Multiple Updates
2014-01-19 21:24:54
  • Multiple Updates
2013-11-11 12:37:52
  • Multiple Updates
2013-05-16 17:02:28
  • Multiple Updates
2013-05-11 00:13:17
  • Multiple Updates
2012-11-27 13:27:57
  • Multiple Updates