alert tcp $EXTERNAL_NET any -> $HOME_NET 8888 (msg:"ET EXPLOIT CloudMe? Sync Buffer Overflow"; flow:established,to_server; content:"|fe e7 d1 61 a8 98 03 69 10 06 e7 6f 6f 0a c4 61 5a ea c8 68 e1 52 d6 68 a2 7c fa 68 ff fd ff ff|"; fast_pattern; distance:0; content:"|92 70 b4 6e 47 27 d5 68 ff ff ff ff bc 48 f9 68|"; distance:0; content:"|3c 06 f8 68 72 a4 f9 68 c0 ff ff ff 92 70 b4 6e|"; distance:0; content:"|ab 57 f0 61 a3 ef b5 6e d1 14 dc 61 0c ed b4 64 45 62 ba 61|"; distance:0; content:"|90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90|"; distance:0; reference:url,exploit-db.com/exploits/44784/; reference:cve,2018-6892; classtype:attempted-admin; sid:2025766; rev:2; metadata:attack_target Server, created_at 2018_06_29, cve CVE_2018_6892, deployment Perimeter, former_category EXPLOIT, performance_impact Low, signature_severity Major, updated_at 2018_07_18;)

Added 2021-07-22 19:11:34 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 8888 (msg:"ET EXPLOIT CloudMe? Sync Buffer Overflow"; flow:established,to_server; content:"|fe e7 d1 61 a8 98 03 69 10 06 e7 6f 6f 0a c4 61 5a ea c8 68 e1 52 d6 68 a2 7c fa 68 ff fd ff ff|"; fast_pattern; distance:0; content:"|92 70 b4 6e 47 27 d5 68 ff ff ff ff bc 48 f9 68|"; distance:0; content:"|3c 06 f8 68 72 a4 f9 68 c0 ff ff ff 92 70 b4 6e|"; distance:0; content:"|ab 57 f0 61 a3 ef b5 6e d1 14 dc 61 0c ed b4 64 45 62 ba 61|"; distance:0; content:"|90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90|"; distance:0; reference:url,exploit-db.com/exploits/44784/; reference:cve,2018-6892; classtype:attempted-admin; sid:2025766; rev:2; metadata:attack_target Server, created_at 2018_06_29, deployment Perimeter, former_category EXPLOIT, performance_impact Low, signature_severity Major, updated_at 2018_07_18;)

Added 2020-08-05 19:14:52 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 8888 (msg:"ET EXPLOIT CloudMe? Sync Buffer Overflow"; flow:established,to_server; content:"|fe e7 d1 61 a8 98 03 69 10 06 e7 6f 6f 0a c4 61 5a ea c8 68 e1 52 d6 68 a2 7c fa 68 ff fd ff ff|"; fast_pattern; distance:0; content:"|92 70 b4 6e 47 27 d5 68 ff ff ff ff bc 48 f9 68|"; distance:0; content:"|3c 06 f8 68 72 a4 f9 68 c0 ff ff ff 92 70 b4 6e|"; distance:0; content:"|ab 57 f0 61 a3 ef b5 6e d1 14 dc 61 0c ed b4 64 45 62 ba 61|"; distance:0; content:"|90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90|"; distance:0; metadata: former_category EXPLOIT; reference:url,exploit-db.com/exploits/44784/; reference:cve,2018-6892; classtype:attempted-admin; sid:2025766; rev:2; metadata:attack_target Server, deployment Perimeter, signature_severity Major, created_at 2018_06_29, performance_impact Low, updated_at 2018_07_18;)

Added 2018-09-13 19:54:50 UTC


Added 2018-09-13 18:02:15 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 8888 (msg:"ET EXPLOIT CloudMe? Sync Buffer Overflow"; flow:established,to_server; content:"|fe e7 d1 61 a8 98 03 69 10 06 e7 6f 6f 0a c4 61 5a ea c8 68 e1 52 d6 68 a2 7c fa 68 ff fd ff ff|"; fast_pattern; distance:0; content:"|92 70 b4 6e 47 27 d5 68 ff ff ff ff bc 48 f9 68|"; distance:0; content:"|3c 06 f8 68 72 a4 f9 68 c0 ff ff ff 92 70 b4 6e|"; distance:0; content:"|ab 57 f0 61 a3 ef b5 6e d1 14 dc 61 0c ed b4 64 45 62 ba 61|"; distance:0; content:"|90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90|"; distance:0; metadata: former_category EXPLOIT; reference:url,exploit-db.com/exploits/44784/; reference:cve,2018-6892; classtype:attempted-admin; sid:2025766; rev:2; metadata:attack_target Server, deployment Perimeter, signature_severity Major, created_at 2018_06_29, performance_impact Low, updated_at 2018_07_18;)

Added 2018-07-18 17:37:09 UTC



This topic: Main > 2025766
Topic revision: r1 - 2021-07-22 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats