alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY SSL MiTM? Vulnerable iOS 4.x CDMA iPhone device"; flow:established,to_server; content:"Mozilla/5.0 |28|iPhone"; http_header; content:" OS 4_"; http_header; distance:0; content:!"OS 4_2_1 like"; http_header; pcre:"/OS 4_2_[0-9] like/H"; threshold:type limit, count 1, seconds 600, track by_src; reference:url,support.apple.com/kb/HT1222; reference:url,support.apple.com/kb/HT4825; reference:url,en.wikipedia.org/wiki/IOS_version_history; reference:url,github.com/jan0/isslfix; reference:cve,CVE-2011-0228; classtype:not-suspicious; sid:2013408; rev:5;)

Added 2011-10-12 19:36:47 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY SSL MiTM? Vulnerable iOS 4.x CDMA iPhone device"; flow:established,to_server; content:"Mozilla/5.0 |28|iPhone"; http_header; content:" OS 4_"; http_header; distance:0; content:!"OS 4_2_1 like"; http_header; pcre:"/OS 4_2_[0-9] like/H"; threshold:type limit, count 1, seconds 600, track by_src; classtype:not-suspicious; reference:url,support.apple.com/kb/HT1222; reference:url,support.apple.com/kb/HT4825; reference:url,en.wikipedia.org/wiki/IOS_version_history; reference:url,github.com/jan0/isslfix; reference:cve,CVE-2011-0228; sid:2013408; rev:5;)

Added 2011-09-27 22:24:17 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY SSL MiTM? Vulnerable iOS 4.x CDMA iPhone device"; flow:established,to_server; content:"Mozilla/5.0 |28|iPhone"; http_header; content:" OS 4_"; http_header; distance:0; content:!"OS 4_2_1 like"; http_header; pcre:"/OS 4_2_[0-9] like/H"; threshold:type limit, count 5, seconds 60, track by_src; classtype:not-suspicious; reference:url,support.apple.com/kb/HT1222; reference:url,support.apple.com/kb/HT4825; reference:url,en.wikipedia.org/wiki/IOS_version_history; reference:url,github.com/jan0/isslfix; reference:cve,CVE-2011-0228; sid:2013408; rev:4;)

Added 2011-08-13 01:18:14 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats