Vulnerability Exploit IDS Signatures

From SCADApedia

The Vulnerability Exploit IDS Signatures are part of Digital Bond's SCADA IDS Signature research project. The signatures, or rules in Snort parlance, are written for Snort and some or all of the SCADA signatures have been integrated into most commercial IDS/IPS products.

This category of IDS signatures are written to identify exploit attacks related to disclosed vulnerabilities on control system applications or devices. The Vulnerability Exploit IDS Signatures currently available are listed in the table below.

SID	Message	Summary
1111601	CitectSCADA ODBC Overflow Attempt	Buffer overflow exploit attempt for the ODBC service of CitectSCADA
1111602	WonderWare SuiteLink DOS Attempt	Remote DOS attempt related to CVE-2008-2005
1111603	RealWin INFOTAG/SET_CONTROL Packet Processing Buffer Overflow	Buffer overflow exploit attempt for CVE-2008-4322

[edit]

External Links

Download SCADA IDS Signatures

Vulnerability Exploit Signatures Full Documentation Pages

Retrieved from "http://www.digitalbond.com/wiki/index.php/Vulnerability_Exploit_IDS_Signatures"

Vulnerability Exploit IDS Signatures

From SCADApedia

External Links

Views

Personal tools

Navigation

Search

Toolbox