#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:cve,2009-3023; classtype:attempted-admin; sid:2009860; rev:5;)

Added 2011-10-12 19:28:25 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:cve,2009-3023; sid:2009860; rev:5;)

Added 2011-09-14 22:41:43 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; reference:cve,2009-3023; sid:2009860; rev:5;)

Added 2011-02-04 17:29:16 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; reference:cve,2009-3023; sid:2009860; rev:5;)

Added 2010-07-29 15:02:20 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; reference:cve,2009-3023; sid:2009860; rev:5;)

Added 2010-07-29 15:02:20 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; reference:cve,2009-3023; sid:2009860; rev:4;)

Added 2010-01-29 11:39:58 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; reference:cve,2009-3023; sid:2009860; rev:4;)

Added 2010-01-29 11:39:58 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; sid:2009860; rev:3;)

Added 2010-01-15 12:00:47 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; sid:2009860; rev:3;)

Added 2010-01-15 12:00:47 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; sid:2009860; rev:3;)

Added 2009-09-08 16:48:24 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; sid:2009860; rev:3;)

Added 2009-09-08 16:48:24 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; sid:2009860; rev:3;)

Added 2009-09-08 16:45:38 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; reference:url,doc.emergingthreats.net/2009860; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IISFTP; sid:2009860; rev:3;)

Added 2009-09-08 16:45:38 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; sid:2009860; rev:2;)

Added 2009-09-05 15:15:36 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET Exploit IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; nocase; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; sid:2009860; rev:2;)

Added 2009-09-05 15:15:36 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT IIS FTP Exploit - NLST Globbing Exploit"; flow:established,to_server; content:"NLST "; depth:5; content:"|2a 2f 2e 2e 2f|"; classtype:attempted-admin; reference:url,www.milw0rm.com/exploits/9541; sid:2009860; rev:1;)

Added 2009-09-03 22:30:39 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats