alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Chilkat FTP ActiveX? 2.0 ChilkatCert?.dll Insecure Method Vulnerability"; flow:to_client,established; content:"CLSID"; nocase; content:"A934AEE3-8896-485F-8A55-ACF2A87BD010"; nocase; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/i"; content:"SavePkcs8File"; nocase; distance:0; within:40; classtype:web-application-attack; reference:bugtraq,27540; reference:url,www.milw0rm.com/exploits/5028; sid:2007818; rev:2;)

Added 2008-05-18 20:33:02 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Chilkat FTP ActiveX? 2.0 ChilkatCert?.dll Insecure Method Vulnerability"; flow:to_client,established; content:"CLSID"; nocase; content:"A934AEE3-8896-485F-8A55-ACF2A87BD010"; nocase; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/i"; content:"SavePkcs8File"; nocase; distance:0; within:40; classtype:web-application-attack; reference:bugtraq,27540; reference:url,www.milw0rm.com/exploits/5028; sid:2007818; rev:2;)

Added 2008-05-18 20:33:02 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Chilkat FTP ActiveX? 2.0 ChilkatCert?.dll Insecure Method Vulnerability"; flow:to_client,established; content:"CLSID"; nocase; content:"A934AEE3-8896-485F-8A55-ACF2A87BD010"; nocase; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/i"; content:"SavePkcs8File"; nocase; distance:0; within:40; classtype:web-application-attack; reference:bugtraq,27540; reference:url,www.milw0rm.com/exploits/5028; sid:2007818; rev:1;)

Added 2008-02-06 10:24:10 UTC


Topic revision: r1 - 2008-05-19 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats