Main Web#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET DELETED Microsoft DirectShow? ActiveX? Exploit Attempt"; flow:to_client,established; file_data; content:"clsid"; nocase; content:"0955AC62-BF2E-4CBA-A2B9-A63F772D46CF"; nocase; distance:0; content:"omybro"; nocase; distance:0; content:"logo.gif"; nocase; distance:0; reference:url,csis.dk/dk/nyheder/nyheder.asp?tekstID=799; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=18595; reference:url,doc.emergingthreats.net/2009491; classtype:web-application-attack; sid:2009491; rev:5;) Added 2011-10-12 19:27:29 UTC
#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET DELETED Microsoft DirectShow? ActiveX? Exploit Attempt"; flow:to_client,established; file_data; content:"clsid"; nocase; content:"0955AC62-BF2E-4CBA-A2B9-A63F772D46CF"; nocase; distance:0; content:"omybro"; nocase; distance:0; content:"logo.gif"; nocase; distance:0; classtype:web-application-attack; reference:url,csis.dk/dk/nyheder/nyheder.asp?tekstID=799; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=18595; reference:url,doc.emergingthreats.net/2009491; sid:2009491; rev:5;) Added 2011-09-14 22:40:51 UTC
#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET DELETED Microsoft DirectShow? ActiveX? Exploit Attempt"; flow:to_client,established; file_data; content:"clsid"; nocase; content:"0955AC62-BF2E-4CBA-A2B9-A63F772D46CF"; nocase; distance:0; content:"omybro"; nocase; distance:0; content:"logo.gif"; nocase; distance:0; classtype:web-application-attack; reference:url,csis.dk/dk/nyheder/nyheder.asp?tekstID=799; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=18595; reference:url,doc.emergingthreats.net/2009491; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_MSVidCtl; sid:2009491; rev:5;) Added 2011-02-04 17:28:50 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Microsoft DirectShow? ActiveX? Exploit Attempt"; flow:to_client,established; content:"clsid"; nocase; content:"0955AC62-BF2E-4CBA-A2B9-A63F772D46CF"; nocase; content:"omybro"; nocase; content:"logo.gif"; nocase; reference:url,csis.dk/dk/nyheder/nyheder.asp?tekstID=799; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=18595; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009491; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_MSVidCtl; sid:2009491; rev:3;) Added 2009-07-08 19:45:40 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Microsoft DirectShow? ActiveX? Exploit Attempt"; flow:to_client,established; content:"clsid"; nocase; content:"0955AC62-BF2E-4CBA-A2B9-A63F772D46CF"; nocase; content:"omybro"; nocase; content:"logo.gif"; nocase; reference:url,csis.dk/dk/nyheder/nyheder.asp?tekstID=799; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=18595; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009491; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_MSVidCtl; sid:2009491; rev:3;) Added 2009-07-08 19:45:40 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Microsoft DirectShow? ActiveX? Exploit Attempt"; flow:to_client,established; content:"clsid"; nocase; content:"0955AC62-BF2E-4CBA-A2B9-A63F772D46CF"; nocase; content:"omybro"; nocase; content:"logo.gif"; nocase; reference:url,csis.dk/dk/nyheder/nyheder.asp?tekstID=799; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=18595; classtype:web-application-attack; sid:2009491; rev:2;) Added 2009-07-06 11:00:35 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Microsoft DirectShow? ActiveX? Exploit Attempt"; flow:to_client,established; content:"clsid"; nocase; content:"0955AC62-BF2E-4CBA-A2B9-A63F772D46CF"; nocase; content:"omybro"; nocase; content:"logo.gif"; nocase; reference:url,csis.dk/dk/nyheder/nyheder.asp?tekstID=799; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=18595; classtype:web-application-attack; sid:2009491; rev:2;) Added 2009-07-06 11:00:35 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Microsoft DirectShow? ActiveX? Exploit Attempt"; flow:to_client,established; content:"clsid"; nocase; content:"0955AC62-BF2E-4CBA-A2B9-A63F772D46CF"; nocase; content:"omybro"; nocase; content:"logo.gif"; nocase; reference:url,csis.dk/dk/nyheder/nyheder.asp?tekstID=799; classtype:web-application-attack; sid:2009491; rev:1;) Added 2009-07-06 10:00:35 UTC
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback