EditAttachPrintable
r1 - 18 May 2008 - 23:52:13 - TWikiGuestYou are here: TWiki >  Main Web > 2000005

alert tcp $EXTERNAL_NET any -> $HOME_NET 23 (msg:"ET EXPLOIT Cisco Telnet Buffer Overflow"; flow: to_server,established; content:"|3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 61 7e 20 25 25 25 25 25 58 58|"; threshold: type limit, track by_src, count 1, seconds 120; reference:url,www.cisco.com/warp/public/707/cisco-sn-20040326-exploits.shtml; classtype: attempted-dos; sid: 2000005; rev:6;)

Added 2008-05-18 19:52:13 UTC

 

alert tcp $EXTERNAL_NET any -> $HOME_NET 23 (msg:"ET EXPLOIT Cisco Telnet Buffer Overflow"; flow: to_server,established; content:"|3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 61 7e 20 25 25 25 25 25 58 58|"; threshold: type limit, track by_src, count 1, seconds 120; reference:url,www.cisco.com/warp/public/707/cisco-sn-20040326-exploits.shtml; classtype: attempted-dos; sid: 2000005; rev:6;)

Added 2008-05-18 19:52:13 UTC

alert tcp any any -> $HOME_NET 23 (msg:"ET EXPLOIT Cisco Telnet Buffer Overflow"; flow: to_server,established; content:"|3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 61 7e 20 25 25 25 25 25 58 58|"; threshold: type limit, track by_src, count 1, seconds 120; reference:url,www.cisco.com/warp/public/707/cisco-sn-20040326-exploits.shtml; classtype: attempted-dos; sid: 2000005; rev:5;)

Added 2008-01-25 10:56:37 UTC

alert tcp any any -> $HOME_NET 23 (msg:"ET EXPLOIT Cisco Telnet Buffer Overflow"; flow: to_server,established; content:"|3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 61 7e 20 25 25 25 25 25 58 58|"; threshold: type limit, track by_src, count 1, seconds 120; reference:url,www.cisco.com/warp/public/707/cisco-sn-20040326-exploits.shtml; classtype: attempted-dos; sid: 2000005; rev:5;)

Added 2008-01-25 10:56:37 UTC

alert tcp any any -> $HOME_NET 23 (msg: "BLEEDING-EDGE EXPLOIT Cisco Telnet Buffer Overflow"; flow: to_server,established; content:"|3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 61 7e 20 25 25 25 25 25 58 58|"; threshold: type limit, track by_src, count 1, seconds 120; reference:url,www.cisco.com/warp/public/707/cisco-sn-20040326-exploits.shtml; classtype: attempted-dos; sid: 2000005; rev:4; )

Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r1 | More topic actions
 
Emerging Threats
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback