#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:cve,2006-2369; reference:url,doc.emergingthreats.net/bin/view/Main/2002916; classtype:attempted-admin; sid:2002916; rev:6;)

Added 2011-10-12 19:12:30 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:cve,2006-2369; reference:url,doc.emergingthreats.net/bin/view/Main/2002916; sid:2002916; rev:6;)

Added 2011-09-14 22:25:27 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:cve,2006-2369; reference:url,doc.emergingthreats.net/bin/view/Main/2002916; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC; sid:2002916; rev:6;)

Added 2011-02-04 17:22:08 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:cve,2006-2369; reference:url,doc.emergingthreats.net/bin/view/Main/2002916; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC; sid:2002916; rev:6;)

Added 2009-02-07 22:00:26 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:cve,2006-2369; reference:url,doc.emergingthreats.net/bin/view/Main/2002916; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_RealVNC; sid:2002916; rev:6;)

Added 2009-02-07 22:00:26 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:cve,2006-2369; sid:2002916; rev:5;)

Added 2008-10-06 17:00:21 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:cve,2006-2369; sid:2002916; rev:5;)

Added 2008-10-06 17:00:21 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf; reference:cve,2006-2369; sid:2002916; rev:4;)

Added 2008-05-18 19:52:13 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf; reference:cve,2006-2369; sid:2002916; rev:4;)

Added 2008-05-18 19:52:13 UTC


alert tcp any any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf; reference:cve,2006-2369; sid:2002916; rev:3;)

Added 2008-01-25 10:56:38 UTC


alert tcp any any -> $HOME_NET any (msg:"ET EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf; reference:cve,2006-2369; sid:2002916; rev:3;)

Added 2008-01-25 10:56:38 UTC


alert tcp any any -> $HOME_NET any (msg:"BLEEDING-EDGE EXPLOIT RealVNC? Authentication Bypass Attempt"; flowbits:isset,BSvnc.auth.offered; flow:established; dsize:1; content:"|01|"; depth:1; flowbits:set,BSvnc.null.auth.sent; classtype:attempted-admin; reference:url,secunia.com/advisories/20107/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2006-05/0356.html; reference:url,www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/rfbproto.pdf; reference:cve,2006-2369; sid:2002916; rev:2;)



Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats