alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT Metasploit CVE-2012-4792 EIP in URI IE 8"; flow:established,to_server; content:"/%E0%AC%B0%E0%B0%8C"; http_raw_uri; fast_pattern; content:"MSIE 8.0|3b|"; http_header; metadata: former_category CURRENT_EVENTS; reference:cve,2012-4792; reference:url,github.com/rapid7/metasploit-framework/commit/6cb9106218bde56fc5e8d72c66fbba9f11c24449; reference:url,eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/; classtype:attempted-user; sid:2016136; rev:4; metadata:affected_product Any, attack_target Client_and_Server, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, tag Metasploit, signature_severity Critical, created_at 2012_12_31, updated_at 2016_07_01;)

Added 2019-08-15 20:33:16 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Metasploit CVE-2012-4792 EIP in URI IE 8"; flow:established,to_server; content:"/%E0%AC%B0%E0%B0%8C"; http_raw_uri; fast_pattern; content:"MSIE 8.0|3b|"; http_header; reference:cve,2012-4792; reference:url,github.com/rapid7/metasploit-framework/commit/6cb9106218bde56fc5e8d72c66fbba9f11c24449; reference:url,eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/; classtype:attempted-user; sid:2016136; rev:3; metadata:affected_product Any, attack_target Client_and_Server, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, tag Metasploit, signature_severity Critical, created_at 2012_12_31, updated_at 2016_07_01;)

Added 2019-03-26 18:09:15 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Metasploit CVE-2012-4792 EIP in URI IE 8"; flow:established,to_server; content:"/%E0%AC%B0%E0%B0%8C"; http_raw_uri; fast_pattern; content:"MSIE 8.0|3b|"; http_header; reference:cve,2012-4792; reference:url,github.com/rapid7/metasploit-framework/commit/6cb9106218bde56fc5e8d72c66fbba9f11c24449; reference:url,eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/; classtype:attempted-user; sid:2016136; rev:3; metadata:affected_product Any, attack_target Client_and_Server, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, tag Metasploit, signature_severity Critical, created_at 2013_12_31, updated_at 2016_07_01;)

Added 2017-08-07 21:09:48 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Metasploit CVE-2012-4792 EIP in URI IE 8"; flow:established,to_server; content:"/%E0%AC%B0%E0%B0%8C"; fast_pattern:only; content:"/%E0%AC%B0%E0%B0%8C"; http_raw_uri; content:"MSIE 8.0|3b|"; http_header; reference:cve,2012-4792; reference:url,github.com/rapid7/metasploit-framework/commit/6cb9106218bde56fc5e8d72c66fbba9f11c24449; reference:url,eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/; classtype:attempted-user; sid:2016136; rev:1;)

Added 2012-12-31 01:52:33 UTC


Topic revision: r1 - 2019-08-16 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats