alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002680; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002680; rev:7;)

Added 2009-02-16 21:46:09 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002680; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002680; rev:7;)

Added 2009-02-16 21:46:09 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002680; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002680; rev:7;)

Added 2009-02-16 21:45:24 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002680; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002680; rev:7;)

Added 2009-02-16 21:45:24 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:6;)

Added 2008-11-25 09:49:36 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:6;)

Added 2008-11-25 09:49:36 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:6;)

Added 2008-11-25 09:45:22 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:6;)

Added 2008-11-25 09:45:22 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:5;)

Added 2008-01-28 17:24:19 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:5;)

Added 2008-01-28 17:24:19 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"BLEEDING-EDGE Malware Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:4;)



Topic revision: r1 - 2009-02-17 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats