alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002679; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002679; rev:7;)

Added 2009-02-16 21:46:09 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002679; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002679; rev:7;)

Added 2009-02-16 21:46:09 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002679; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002679; rev:7;)

Added 2009-02-16 21:45:24 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002679; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002679; rev:7;)

Added 2009-02-16 21:45:24 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; sid:2002679; rev:6;)

Added 2008-11-25 09:49:36 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; sid:2002679; rev:6;)

Added 2008-11-25 09:49:36 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; sid:2002679; rev:6;)

Added 2008-11-25 09:45:22 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; sid:2002679; rev:6;)

Added 2008-11-25 09:45:22 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; sid:2002679; rev:5;)

Added 2008-01-28 17:24:19 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; sid:2002679; rev:5;)

Added 2008-01-28 17:24:18 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"BLEEDING-EDGE Malware Sony DRM Related - CodeSupport? ActiveX? Attempt"; flow:from_server,established; content:"CLSID"; nocase; content:"4EA7C4C5-C5C0-4F5C-A008-8293505F71CC"; nocase; distance:0; reference:url,www.frsirt.com/english/advisories/2005/2454; reference:url,www.hack.fi/~muzzy/sony-drm/; classtype:web-application-attack; sid:2002679; rev:4;)



Topic revision: r1 - 2009-02-17 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats