alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET GAMES Ourgame GLWorld 2.x hgs_startNotify()/hgs_startGame() ActiveX? BoF?"; flow:to_client,established; content:"ActiveXObject"; nocase; distance:0; content:"HanGamePluginCn18.HanGamePluginCn18.1"; nocase; content:"0x40000"; pcre:"/(hgs_startNotify|hgs_startGame)/i"; classtype:web-application-attack; reference:url,www.milw0rm.com/exploits/5153; reference:bugtraq,27626; reference:cve,CVE-2008-0647; reference:url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html; reference:url,doc.emergingthreats.net/bin/view/Main/2007906; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/GAMES/GAMES_Ourgame; sid:2007906; rev:3;)

Added 2009-02-07 21:45:22 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET GAMES Ourgame GLWorld 2.x hgs_startNotify()/hgs_startGame() ActiveX? BoF?"; flow:to_client,established; content:"ActiveXObject"; nocase; distance:0; content:"HanGamePluginCn18.HanGamePluginCn18.1"; nocase; content:"0x40000"; pcre:"/(hgs_startNotify|hgs_startGame)/i"; classtype:web-application-attack; reference:url,www.milw0rm.com/exploits/5153; reference:bugtraq,27626; reference:cve,CVE-2008-0647; reference:url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html; reference:url,doc.emergingthreats.net/bin/view/Main/2007906; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/GAMES/GAMES_Ourgame; sid:2007906; rev:3;)

Added 2009-02-07 21:45:22 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET GAMES Ourgame GLWorld 2.x hgs_startNotify()/hgs_startGame() ActiveX? BoF?"; flow:to_client,established; content:"ActiveXObject"; nocase; distance:0; content:"HanGamePluginCn18.HanGamePluginCn18.1"; nocase; content:"0x40000"; pcre:"/(hgs_startNotify|hgs_startGame)/i"; classtype:web-application-attack; reference:url,www.milw0rm.com/exploits/5153; reference:bugtraq,27626; reference:cve,CVE-2008-0647; reference:url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html; sid:2007906; rev:2;)

Added 2008-03-08 21:16:18 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET GAMES Ourgame GLWorld 2.x hgs_startNotify()/hgs_startGame() ActiveX? BoF?"; flow:to_client,established; content:"ActiveXObject"; nocase; distance:0; content:"HanGamePluginCn18.HanGamePluginCn18.1"; nocase; content:"0x40000"; pcre:"/(hgs_startNotify|hgs_startGame)/i"; classtype:web-application-attack; reference:url,www.milw0rm.com/exploits/5153; reference:bugtraq,27626; reference:cve,CVE-2008-0647; reference:url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html; sid:2007906; rev:2;)

Added 2008-03-08 21:16:18 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET GAMES Ourgame GLWorld 2.x hgs_startNotify()/hgs_startGame() ActiveX? BoF?"; flow:to_client,established; content:"ActiveXObject"; nocase; distance:0; content:"HanGamePluginCn18.HanGamePluginCn18.1"; nocase; content:"0x40000"; pcre:"/(hgs_startNotify|hgs_startGame)/i"; classtype:web-application-attack; reference:url,www.milw0rm.com/exploits/5153; reference:bugtraq,27626; reference:cve,CVE-2008-0647; reference:url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html; sid:2007906; rev:2;)

Added 2008-03-08 21:11:53 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET GAMES Ourgame GLWorld 2.x hgs_startNotify()/hgs_startGame() ActiveX? BoF?"; flow:to_client,established; content:"ActiveXObject"; nocase; distance:0; content:"HanGamePluginCn18.HanGamePluginCn18.1"; nocase; content:"0x40000"; pcre:"/(hgs_startNotify|hgs_startGame)/i"; classtype:web-application-attack; reference:url,www.milw0rm.com/exploits/5153; reference:bugtraq,27626; reference:cve,CVE-2008-0647; reference:url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html; sid:2007906; rev:2;)

Added 2008-03-08 21:11:53 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET GAME Ourgame GLWorld 2.x hgs_startNotify()/hgs_startGame() ActiveX? BoF?"; flow:to_client,established; content:"ActiveXObject"; nocase; distance:0; content:"HanGamePluginCn18.HanGamePluginCn18.1"; nocase; content:"0x40000"; pcre:"/(hgs_startNotify|hgs_startGame)/i"; classtype:web-application-attack; reference:url,www.milw0rm.com/exploits/5153; reference:bugtraq,27626; reference:cve,CVE-2008-0647; reference:url,www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html; sid:2007906; rev:1;)

Added 2008-03-03 05:08:36 UTC


Topic revision: r1 - 2009-02-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats