Oracle
These signatures detect unusual and potentually malicous oracle traffic.

These signatures may generate false positive alarms on networks that do oracle development. If you use an Oracle based web application, you should set the destination port to 80 to catch attackers attempting to exploit your web application.