# sid:2019897 rev:3. Shipped disabled (the rule line itself is commented out);
# its metadata records deprecation_reason Age and confidence Medium.
#
# What it matches: established client-to-server TCP traffic to $HOME_NET port 88
# in which three back-to-back ASN.1 context fields [4], [5] and [6] each carry the
# GeneralizedTime "19700101000000Z", and a [8] field holding a one-element
# SEQUENCE with INTEGER 0x17 (23) starts exactly 8 bytes after them
# (distance:8 with within:7 equal to the pattern length pins the offset).
# NOTE(review): read against the Kerberos KDC-REQ-BODY layout this looks like
# from/till/rtime all set to the Unix epoch, an 8-byte nonce field skipped, and
# an etype list containing only 23 (rc4-hmac); confirm against RFC 4120.
#
# Triage notes:
# - The epoch timestamps are a fingerprint of the referenced tool, not of the
#   vulnerability; a request built differently would not match. Treat absence
#   of alerts as no evidence about CVE-2014-6324 exposure and verify KDC patch
#   state separately.
# - The header is "alert tcp", so Kerberos requests sent over UDP/88 are not
#   inspected by this rule.
# - threshold limits output to one alert per source per 60 seconds; the alert
#   count understates the number of matching requests.
# - reference:cve uses the bare form 2014-6324 in this revision.
#alert tcp any any -> $HOME_NET 88 (msg:"ET EXPLOIT Possible PYKEK Priv Esc in-use"; flow:established,to_server; content:"|a4 11 18 0f|19700101000000Z|a5 11 18 0f|19700101000000Z|a6 11 18 0f|19700101000000Z"; content:"|a8 05 30 03 02 01 17|"; distance:8; within:7; threshold: type limit, track by_src, seconds 60, count 1; reference:url,github.com/bidord/pykek; reference:cve,2014-6324; classtype:attempted-admin; sid:2019897; rev:3; metadata:created_at 2014_12_09, deprecation_reason Age, former_category EXPLOIT, confidence Medium, updated_at 2014_12_09;)

Added 2023-01-19 17:27:18 UTC


# sid:2019897 rev:2, enabled form, with created_at/updated_at metadata.
# Alerts on established client-to-server TCP traffic to $HOME_NET port 88 when
# the payload contains ASN.1 context fields [4], [5], [6], each a
# GeneralizedTime of "19700101000000Z", and the 7-byte pattern for a [8] field
# (SEQUENCE of one INTEGER, value 0x17) begins exactly 8 bytes later.
# NOTE(review): presumably the from/till/rtime and etype fields of a Kerberos
# KDC-REQ-BODY, with etype 23 = rc4-hmac; confirm against RFC 4120.
# The match keys on a tool-specific constant, so it indicates use of the
# referenced tool rather than proving exploitation of CVE-2014-6324; correlate
# a hit with KDC patch level and the account named in the request.
# Only TCP/88 is covered, and the threshold emits at most one alert per source
# per 60 seconds.
# reference:cve here carries a "CVE-" prefix (CVE-2014-6324).
alert tcp any any -> $HOME_NET 88 (msg:"ET EXPLOIT Possible PYKEK Priv Esc in-use"; flow:established,to_server; content:"|a4 11 18 0f|19700101000000Z|a5 11 18 0f|19700101000000Z|a6 11 18 0f|19700101000000Z"; content:"|a8 05 30 03 02 01 17|"; distance:8; within:7; threshold: type limit, track by_src, seconds 60, count 1; reference:url,github.com/bidord/pykek; reference:cve,CVE-2014-6324; classtype:attempted-admin; sid:2019897; rev:2; metadata:created_at 2014_12_09, updated_at 2014_12_09;)

Added 2018-09-13 19:50:01 UTC


Added 2018-09-13 17:59:24 UTC


# sid:2019897 rev:2 as recorded at this point in the history; detection logic
# is the two content matches below.
# First content: three adjacent context-tagged GeneralizedTime values
# ([4], [5], [6]) all equal to "19700101000000Z" (the Unix epoch).
# Second content: bytes a8 05 30 03 02 01 17, i.e. a [8] field wrapping a
# SEQUENCE with a single INTEGER 0x17, anchored 8 bytes after the first match
# by distance:8; within:7.
# NOTE(review): consistent with a Kerberos request to a KDC (port 88) asking
# only for etype 23 (rc4-hmac) with all time fields zeroed; confirm field
# mapping against RFC 4120.
# Scope limits for analysts: TCP only, traffic toward $HOME_NET only, and rate
# limited to one alert per source IP per 60 seconds.
alert tcp any any -> $HOME_NET 88 (msg:"ET EXPLOIT Possible PYKEK Priv Esc in-use"; flow:established,to_server; content:"|a4 11 18 0f|19700101000000Z|a5 11 18 0f|19700101000000Z|a6 11 18 0f|19700101000000Z"; content:"|a8 05 30 03 02 01 17|"; distance:8; within:7; threshold: type limit, track by_src, seconds 60, count 1; reference:url,github.com/bidord/pykek; reference:cve,CVE-2014-6324; classtype:attempted-admin; sid:2019897; rev:2; metadata:created_at 2014_12_09, updated_at 2014_12_09;)

Added 2017-08-07 21:14:15 UTC


# sid:2019897 rev:2 in its earliest recorded form (no metadata keyword).
# Flags established to_server TCP sessions to $HOME_NET:88 whose payload has
# the epoch GeneralizedTime "19700101000000Z" repeated in context fields
# [4], [5] and [6], followed at a fixed 8-byte gap by a [8] field encoding the
# single INTEGER 0x17.
# NOTE(review): looks like a Kerberos KDC request body with zeroed time fields
# and etype 23 only; confirm against RFC 4120.
# msg says "Possible": the pattern is a fixed artifact of the referenced tool,
# so a hit warrants checking whether the targeted KDC is patched for
# CVE-2014-6324 rather than being treated as confirmed compromise.
# threshold: one alert per source per 60 seconds.
alert tcp any any -> $HOME_NET 88 (msg:"ET EXPLOIT Possible PYKEK Priv Esc in-use"; flow:established,to_server; content:"|a4 11 18 0f|19700101000000Z|a5 11 18 0f|19700101000000Z|a6 11 18 0f|19700101000000Z"; content:"|a8 05 30 03 02 01 17|"; distance:8; within:7; threshold: type limit, track by_src, seconds 60, count 1; reference:url,github.com/bidord/pykek; reference:cve,CVE-2014-6324; classtype:attempted-admin; sid:2019897; rev:2;)

Added 2014-12-09 18:05:59 UTC


Topic revision: r1 - 2023-01-19 - TWikiGuest
 