alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT FTP Serv-U directory traversal vulnerability (1)"; flow: to_server,established; pcre:"/\\[\.]+%20/Bi"; reference:url,www.securiteam.com/windowsntfocus/6C0041F0KO.html; classtype: misc-activity; reference:url,doc.emergingthreats.net/bin/view/Main/2001211; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Serv-U_Ftp; sid: 2001211; rev:9;)

Added 2009-02-07 22:00:26 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT FTP Serv-U directory traversal vulnerability (1)"; flow: to_server,established; pcre:"/\\[\.]+%20/Bi"; reference:url,www.securiteam.com/windowsntfocus/6C0041F0KO.html; classtype: misc-activity; reference:url,doc.emergingthreats.net/bin/view/Main/2001211; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Serv-U_Ftp; sid: 2001211; rev:9;)

Added 2009-02-07 22:00:26 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT FTP Serv-U directory traversal vulnerability (1)"; flow: to_server,established; pcre:"/\\[\.]+%20/Bi"; reference:url,www.securiteam.com/windowsntfocus/6C0041F0KO.html; classtype: misc-activity; sid: 2001211; rev:8;)

Added 2008-01-25 10:56:38 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT FTP Serv-U directory traversal vulnerability (1)"; flow: to_server,established; pcre:"/\\[\.]+%20/Bi"; reference:url,www.securiteam.com/windowsntfocus/6C0041F0KO.html; classtype: misc-activity; sid: 2001211; rev:8;)

Added 2008-01-25 10:56:38 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg: "BLEEDING-EDGE EXPLOIT FTP Serv-U directory traversal vulnerability (1)"; flow: to_server,established; pcre:"/\\[\.]+%20/Bi"; reference:url,www.securiteam.com/windowsntfocus/6C0041F0KO.html; classtype: misc-activity; sid: 2001211; rev:7; )