#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Flash Player Flash6.ocx AllowScriptAccess? Denial of Service"; flow:established,to_client; content:"clsid"; nocase; content:"D27CDB6E-AE6D-11cf-96B8-444553540000"; nocase; content:"AllowScriptAccess"; distance:0; pcre:"/<object\s*[^>]*\s*classid\s*=\s*(\x22|\x27)\s*clsid\s*\x3a\s*{?\s*D27CDB6E-AE6D-11cf-96B8-444553540000\s*}?(.*)\>/si"; reference:url,www.exploit-db.com/exploits/15698/; classtype:attempted-dos; sid:2012056; rev:2; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, deployment Perimeter, tag Web_Client_Attacks, signature_severity Major, created_at 2010_12_15, updated_at 2016_07_01;)

Added 2017-08-07 21:05:08 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Flash Player Flash6.ocx AllowScriptAccess? Denial of Service"; flow:established,to_client; content:"clsid"; nocase; content:"D27CDB6E-AE6D-11cf-96B8-444553540000"; nocase; content:"AllowScriptAccess"; distance:0; pcre:"/<object\s*[^>]*\s*classid\s*=\s*(\x22|\x27)\s*clsid\s*\x3a\s*{?\s*D27CDB6E-AE6D-11cf-96B8-444553540000\s*}?(.*)\>/si"; reference:url,www.exploit-db.com/exploits/15698/; classtype:attempted-dos; sid:2012056; rev:1;)

Added 2011-10-12 19:33:22 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Flash Player Flash6.ocx AllowScriptAccess? Denial of Service"; flow:established,to_client; content:"clsid"; nocase; content:"D27CDB6E-AE6D-11cf-96B8-444553540000"; nocase; content:"AllowScriptAccess"; distance:0; pcre:"/<object\s*[^>]*\s*classid\s*=\s*(\x22|\x27)\s*clsid\s*\x3a\s*{?\s*D27CDB6E-AE6D-11cf-96B8-444553540000\s*}?(.*)\>/si"; classtype:attempted-dos; reference:url,www.exploit-db.com/exploits/15698/; sid:2012056; rev:1;)

Added 2011-04-04 13:43:20 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Flash Player Flash6.ocx AllowScriptAccess? Denial of Service"; flow:established,to_client; content:"clsid"; nocase; content:"D27CDB6E-AE6D-11cf-96B8-444553540000"; nocase; content:"AllowScriptAccess"; distance:0; pcre:"/<object\s*[^>]*\s*classid\s*=\s*(\x22|\x27)\s*clsid\s*\x3a\s*{?\s*D27CDB6E-AE6D-11cf-96B8-444553540000\s*}?(.*)\>/si"; classtype:attempted-dos; reference:url,www.exploit-db.com/exploits/15698/; sid:2012056; rev:1;)

Added 2011-04-02 15:59:21 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats