#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT libpng CAN-2004-1244 overflow attempt"; flow: to_client,established; content:"|89|PNG|0D 0A 1A 0A 00 00 00 0D|IHDR"; byte_test:1,=,3,10,relative;content:"tRNS"; byte_test:4,>,256,-8,relative;pcre:"/IHDR(?!.*?PLTE).*?tRNS/s"; reference:cve,2004-0597; reference:bugtraq,10872; classtype: attempted-admin; reference:url,doc.emergingthreats.net/bin/view/Main/2001724; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_MS_PNG; sid: 2001724; rev:6;)

Added 2009-02-07 22:00:25 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT libpng CAN-2004-1244 overflow attempt"; flow: to_client,established; content:"|89|PNG|0D 0A 1A 0A 00 00 00 0D|IHDR"; byte_test:1,=,3,10,relative;content:"tRNS"; byte_test:4,>,256,-8,relative;pcre:"/IHDR(?!.*?PLTE).*?tRNS/s"; reference:cve,2004-0597; reference:bugtraq,10872; classtype: attempted-admin; reference:url,doc.emergingthreats.net/bin/view/Main/2001724; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_MS_PNG; sid: 2001724; rev:6;)

Added 2009-02-07 22:00:25 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT libpng CAN-2004-1244 overflow attempt"; flow: to_client,established; content:"|89|PNG|0D 0A 1A 0A 00 00 00 0D|IHDR"; byte_test:1,=,3,10,relative;content:"tRNS"; byte_test:4,>,256,-8,relative;pcre:"/IHDR(?!.*?PLTE).*?tRNS/s"; reference:cve,2004-0597; reference:bugtraq,10872; classtype: attempted-admin; sid: 2001724; rev:5;)

Added 2008-01-25 10:56:38 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT libpng CAN-2004-1244 overflow attempt"; flow: to_client,established; content:"|89|PNG|0D 0A 1A 0A 00 00 00 0D|IHDR"; byte_test:1,=,3,10,relative;content:"tRNS"; byte_test:4,>,256,-8,relative;pcre:"/IHDR(?!.*?PLTE).*?tRNS/s"; reference:cve,2004-0597; reference:bugtraq,10872; classtype: attempted-admin; sid: 2001724; rev:5;)

Added 2008-01-25 10:56:38 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg: "BLEEDING-EDGE EXPLOIT libpng CAN-2004-1244 overflow attempt"; flow: to_client,established; content:"|89|PNG|0D 0A 1A 0A 00 00 00 0D|IHDR"; byte_test:1,=,3,10,relative;content:"tRNS"; byte_test:4,>,256,-8,relative;pcre:"/IHDR(?!.*?PLTE).*?tRNS/s"; reference:cve,2004-0597; reference:bugtraq,10872; classtype: attempted-admin; sid: 2001724; rev:4; )



Topic revision: r1 - 2009-02-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats