#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED MALWARE Potential exploit redirect, in.cgi pepsi"; flow:established,to_server; content:"ts/in.cgi?pepsi"; nocase; http_uri; pcre:"/ts\/in\.cgi\?pepsi\d+/Ui"; reference:url,malwareurl.com; reference:url,doc.emergingthreats.net/2010222; classtype:bad-unknown; sid:2010222; rev:5;)

Added 2011-10-12 19:29:15 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED MALWARE Potential exploit redirect, in.cgi pepsi"; flow:established,to_server; content:"ts/in.cgi?pepsi"; nocase; http_uri; pcre:"/ts\/in\.cgi\?pepsi\d+/Ui"; classtype:bad-unknown; reference:url,malwareurl.com; reference:url,doc.emergingthreats.net/2010222; sid:2010222; rev:5;)

Added 2011-09-14 22:42:29 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED MALWARE Potential exploit redirect, in.cgi pepsi"; flow:established,to_server; content:"ts/in.cgi?pepsi"; nocase; http_uri; pcre:"/ts\/in\.cgi\?pepsi\d+/Ui"; classtype:bad-unknown; reference:url,malwareurl.com; reference:url,doc.emergingthreats.net/2010222; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malwareurl_top_downloads; sid:2010222; rev:5;)

Added 2011-02-04 17:29:41 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS MALWARE Potential exploit redirect, in.cgi pepsi"; flow:established,to_server; uricontent:"ts/in.cgi?pepsi"; pcre:"/ts\/in\.cgi\?pepsi\d+/U"; classtype:bad-unknown; reference:url,malwareurl.com; reference:url,doc.emergingthreats.net/2010222; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malwareurl_top_downloads; sid:2010222; rev:2;)

Added 2009-11-02 20:30:41 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS MALWARE Potential exploit redirect, in.cgi pepsi"; flow:established,to_server; uricontent:"ts/in.cgi?pepsi"; pcre:"/ts\/in\.cgi\?pepsi\d+/U"; classtype:bad-unknown; reference:url,malwareurl.com; reference:url,doc.emergingthreats.net/2010222; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malwareurl_top_downloads; sid:2010222; rev:2;)

Added 2009-11-02 20:30:41 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS MALWARE Potential exploit redirect, in.cgi pepsi"; flow:established,to_server; uricontent:"ts/in.cgi?pepsi"; pcre:"/ts\/in\.cgi\?pepsi\d+/U"; classtype:bad-unknown; reference:url,malwareurl.com; reference:url,doc.emergingthreats.net/2010222; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malwareurl_top_downloads; sid:2010222; rev:2;)

Added 2009-11-02 20:26:37 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS MALWARE Potential exploit redirect, in.cgi pepsi"; flow:established,to_server; uricontent:"ts/in.cgi?pepsi"; pcre:"/ts\/in\.cgi\?pepsi\d+/U"; classtype:bad-unknown; reference:url,malwareurl.com; reference:url,doc.emergingthreats.net/2010222; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malwareurl_top_downloads; sid:2010222; rev:2;)

Added 2009-11-02 20:26:37 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS MALWARE Potential exploit redirect, in.cgi pepsi"; flow:established,to_server; uricontent:"ts/in.cgi?pepsi"; pcre:"/ts\/in\.cgi\?pepsi\d+/U"; classtype:bad-unknown; reference:url,malwareurl.com; sid:2010222; rev:1;)

Added 2009-11-02 16:45:47 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats