#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET DELETED Adobe Flash 0Day Exploit Attempt"; flow:established,from_server; content:"CWS|09|"; content:"|BA D5 19 5D 86 67 D5 8E 7F BC D0 3C 6E D8 E2 17 16 E8 3A 9F CF 59 B8 7B F6|"; distance:16; reference:url,www.exploit-db.com/exploits/13787/; reference:url,doc.emergingthreats.net/2011672; classtype:misc-attack; sid:2011672; rev:4;)

Added 2012-03-13 14:42:38 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt"; flow:established,from_server; content:"CWS|09|"; content:"|BA D5 19 5D 86 67 D5 8E 7F BC D0 3C 6E D8 E2 17 16 E8 3A 9F CF 59 B8 7B F6|"; distance:16; reference:url,www.exploit-db.com/exploits/13787/; reference:url,doc.emergingthreats.net/2011672; classtype:misc-attack; sid:2011672; rev:4;)

Added 2011-10-12 19:32:22 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt"; flow:established,from_server; content:"CWS|09|"; content:"|BA D5 19 5D 86 67 D5 8E 7F BC D0 3C 6E D8 E2 17 16 E8 3A 9F CF 59 B8 7B F6|"; distance:16; classtype:misc-attack; reference:url,www.exploit-db.com/exploits/13787/; reference:url,doc.emergingthreats.net/2011672; sid:2011672; rev:4;)

Added 2011-09-14 22:45:11 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt"; flow:established,from_server; content:"CWS|09|"; content:"|BA D5 19 5D 86 67 D5 8E 7F BC D0 3C 6E D8 E2 17 16 E8 3A 9F CF 59 B8 7B F6|"; distance:16; classtype:misc-attack; reference:url,www.exploit-db.com/exploits/13787/; reference:url,doc.emergingthreats.net/2011672; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2011672; rev:4;)

Added 2011-02-04 17:31:26 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt"; flow:established,from_server; content:"CWS|09|"; content:"|BA D5 19 5D 86 67 D5 8E 7F BC D0 3C 6E D8 E2 17 16 E8 3A 9F CF 59 B8 7B F6|"; distance:16; classtype:misc-attack; reference:url,www.exploit-db.com/exploits/13787/; reference:url,doc.emergingthreats.net/2011672; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2011672; rev:2;)

Added 2010-06-14 14:30:59 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt"; flow:established,from_server; content:"CWS|09|"; content:"|BA D5 19 5D 86 67 D5 8E 7F BC D0 3C 6E D8 E2 17 16 E8 3A 9F CF 59 B8 7B F6|"; distance:16; classtype:misc-attack; reference:url,www.exploit-db.com/exploits/13787/; reference:url,doc.emergingthreats.net/2011672; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2011672; rev:2;)

Added 2010-06-14 14:30:59 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Adobe Flash 0Day Exploit Attempt"; flow:established,from_server; content:"CWS|09|"; content:"|BA D5 19 5D 86 67 D5 8E 7F BC D0 3C 6E D8 E2 17 16 E8 3A 9F CF 59 B8 7B F6|"; distance:16; classtype:misc-attack; reference:url,www.exploit-db.com/exploits/13787/; sid:2011672; rev:1;)

Added 2010-06-14 14:15:58 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS MALWARE Fake AV Web Page Related Request"; flow:established,to_server; uricontent:"&UL="; nocase; uricontent:"&ACT="; nocase; uricontent:"&BUILD="; nocase; uricontent:"&STRMVER="; nocase; uricontent:"&CAPREQ="; nocase; classtype:trojan-activity; sid:2011672; rev:1;)

Added 2010-06-10 16:31:01 UTC


Topic revision: r1 - 2012-03-13 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats