#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Adobe PDF JBIG2 buffer overflow CVE-2009-0658 remote code execution attempt HTTP inbound"; flow:to_client,established; content:"JBIG2Decode"; nocase; content:"stream|0D 0A 00 00 00 01|"; distance:0; byte_test:1,&,64,0,relative; byte_test:1,<,32,1,relative; byte_test:4,>,35256,2,relative,little; reference:bugtraq,33751; classtype:attempted-user; reference:url,doc.emergingthreats.net/2009112; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2009112; rev:2;)

Added 2009-09-17 11:30:40 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Adobe PDF JBIG2 buffer overflow CVE-2009-0658 remote code execution attempt HTTP inbound"; flow:to_client,established; content:"JBIG2Decode"; nocase; content:"stream|0D 0A 00 00 00 01|"; distance:0; byte_test:1,&,64,0,relative; byte_test:1,<,32,1,relative; byte_test:4,>,35256,2,relative,little; reference:bugtraq,33751; classtype:attempted-user; reference:url,doc.emergingthreats.net/2009112; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2009112; rev:2;)

Added 2009-09-17 11:30:40 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Adobe PDF JBIG2 buffer overflow CVE-2009-0658 remote code execution attempt HTTP inbound"; flow:to_client,established; content:"JBIG2Decode"; nocase; content:"stream|0D 0A 00 00 00 01|"; distance:0; byte_test:1,&,64,0,relative; byte_test:1,<,32,1,relative; byte_test:4,>,35256,2,relative,little; reference:bugtraq,33751; classtype:attempted-user; reference:url,doc.emergingthreats.net/2009112; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2009112; rev:2;)

Added 2009-02-26 20:15:24 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Adobe PDF JBIG2 buffer overflow CVE-2009-0658 remote code execution attempt HTTP inbound"; flow:to_client,established; content:"JBIG2Decode"; nocase; content:"stream|0D 0A 00 00 00 01|"; distance:0; byte_test:1,&,64,0,relative; byte_test:1,<,32,1,relative; byte_test:4,>,35256,2,relative,little; reference:bugtraq,33751; classtype:attempted-user; reference:url,doc.emergingthreats.net/2009112; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2009112; rev:2;)

Added 2009-02-26 20:15:24 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Adobe PDF JBIG2 buffer overflow CVE-2009-0658 remote code execution attempt HTTP inbound"; flow:to_client,established; content:"JBIG2Decode"; nocase; content:"stream|0D 0A 00 00 00 01|"; distance:0; byte_test:1,&,64,0,relative; byte_test:1,<,32,1,relative; byte_test:4,>,35256,2,relative,little; reference:bugtraq,33751; classtype:attempted-user; sid:2009112; rev:1;)

Added 2009-02-26 10:00:24 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Adobe PDF JBIG2 buffer overflow CVE-2009-0658 remote code execution attempt HTTP inbound"; flow:to_client,established; content:"JBIG2Decode"; nocase; content:"stream|0D 0A 00 00 00 01|"; distance:0; byte_test:1,&,64,0,relative; byte_test:1,<,32,1,relative; byte_test:4,>,35256,2,relative,little; reference:bugtraq,33751; classtype:attempted-user; sid:2009112; rev:1;)

Added 2009-02-26 09:59:29 UTC


Topic revision: r1 - 2009-09-17 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats