#alert tcp any any -> $HOME_NET [139,445] (msg:"ET EXPLOIT GsecDump? executed"; flow:to_server,established; content:"|67 00 73 00 65 00 63 00 64 00 75 00 6d 00 70 00 2e 00 65 00 78 00 65|"; reference:url,xinn.org/Snort-gsecdump.html; reference:url,doc.emergingthreats.net/2010783; classtype:suspicious-filename-detect; sid:2010783; rev:3; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-10-30 18:17:37 UTC


#alert tcp any any -> $HOME_NET [139,445] (msg:"ET EXPLOIT GsecDump? executed"; flow:to_server,established; content:"|67 00 73 00 65 00 63 00 64 00 75 00 6d 00 70 00 2e 00 65 00 78 00 65|"; reference:url,xinn.org/Snort-gsecdump.html; reference:url,doc.emergingthreats.net/2010783; classtype:suspicious-filename-detect; sid:2010783; rev:3; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-10-30 16:39:46 UTC


alert tcp any any -> $HOME_NET [139,445] (msg:"ET EXPLOIT GsecDump? executed"; flow:to_server,established; content:"|67 00 73 00 65 00 63 00 64 00 75 00 6d 00 70 00 2e 00 65 00 78 00 65|"; reference:url,xinn.org/Snort-gsecdump.html; reference:url,doc.emergingthreats.net/2010783; classtype:suspicious-filename-detect; sid:2010783; rev:3; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 21:03:55 UTC


alert tcp any any -> $HOME_NET [139,445] (msg:"ET EXPLOIT GsecDump? executed"; flow:to_server,established; content:"|67 00 73 00 65 00 63 00 64 00 75 00 6d 00 70 00 2e 00 65 00 78 00 65|"; reference:url,xinn.org/Snort-gsecdump.html; reference:url,doc.emergingthreats.net/2010783; classtype:suspicious-filename-detect; sid:2010783; rev:3;)

Added 2011-10-12 19:30:36 UTC


alert tcp any any -> $HOME_NET [139,445] (msg:"ET EXPLOIT GsecDump? executed"; flow:to_server,established; content:"|67 00 73 00 65 00 63 00 64 00 75 00 6d 00 70 00 2e 00 65 00 78 00 65|"; classtype:suspicious-filename-detect; reference:url,xinn.org/Snort-gsecdump.html; reference:url,doc.emergingthreats.net/2010783; sid:2010783; rev:3;)

Added 2011-09-14 22:43:45 UTC


alert tcp any any -> $HOME_NET [139,445] (msg:"ET EXPLOIT GsecDump? executed"; flow:to_server,established; content:"|67 00 73 00 65 00 63 00 64 00 75 00 6d 00 70 00 2e 00 65 00 78 00 65|"; classtype:suspicious-filename-detect; reference:url,xinn.org/Snort-gsecdump.html; reference:url,doc.emergingthreats.net/2010783; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Gsecdump; sid:2010783; rev:3;)

Added 2011-02-04 17:30:26 UTC


alert tcp any any -> $HOME_NET 139:445 (msg:"ET EXPLOIT GsecDump? executed"; flow:to_server,established; content:"|67 00 73 00 65 00 63 00 64 00 75 00 6d 00 70 00 2e 00 65 00 78 00 65|"; reference:url,xinn.org/Snort-gsecdump.html;classtype:suspicious-filename-detect; reference:url,doc.emergingthreats.net/2010783; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Gsecdump; sid:2010783; rev:2;)

Added 2010-02-08 10:25:55 UTC


Topic revision: r1 - 2017-10-30 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats