#alert tcp any $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT CAN-2004-1244 PNG with bad width"; flow: to_client, established; content:"|8950 4e47 0d0a 1a0a 0000 000d 4948 4452|"; byte_test:4,>,10000,0,relative;classtype: misc-attack; reference:cve,2004-1214; reference:url,doc.emergingthreats.net/bin/view/Main/2001718; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_MS_PNG; sid: 2001718; rev:7;)

Added 2009-02-07 22:00:25 UTC

#alert tcp any $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT CAN-2004-1244 PNG with bad width"; flow: to_client, established; content:"|8950 4e47 0d0a 1a0a 0000 000d 4948 4452|"; byte_test:4,>,10000,0,relative;classtype: misc-attack; reference:cve,2004-1214; reference:url,doc.emergingthreats.net/bin/view/Main/2001718; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_MS_PNG; sid: 2001718; rev:7;)

Added 2009-02-07 22:00:25 UTC

#alert tcp any $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT CAN-2004-1244 PNG with bad width"; flow: to_client, established; content:"|8950 4e47 0d0a 1a0a 0000 000d 4948 4452|"; byte_test:4,>,10000,0,relative;classtype: misc-attack; reference:cve,2004-1214; sid: 2001718; rev:6;)

Added 2008-01-25 10:56:38 UTC

#alert tcp any $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT CAN-2004-1244 PNG with bad width"; flow: to_client, established; content:"|8950 4e47 0d0a 1a0a 0000 000d 4948 4452|"; byte_test:4,>,10000,0,relative;classtype: misc-attack; reference:cve,2004-1214; sid: 2001718; rev:6;)

Added 2008-01-25 10:56:38 UTC

#alert tcp any $HTTP_PORTS -> $HOME_NET any (msg: "BLEEDING-EDGE EXPLOIT CAN-2004-1244 PNG with bad width"; flow: to_client, established; content:"|8950 4e47 0d0a 1a0a 0000 000d 4948 4452|"; byte_test:4,>,10000,0,relative;classtype: misc-attack; reference:cve,2004-1214; sid: 2001718; rev:5; )