alert tcp $EXTERNAL_NET any -> $HOME_NET 9100 (msg:"ET EXPLOIT Xerox WorkCentre? PJL Daemon Buffer Overflow Attempt"; flow:established,to_server; content:"ENTER LANGUAGE ="; depth:50; nocase; isdataat:55,relative; content:!"|0A|"; within:55; pcre:"/ENTER\x20LANGUAGE\x20\x3D.{55}/smi"; reference:url,www.securityfocus.com/bid/38010; reference:url,doc.emergingthreats.net/2010759; classtype:attempted-admin; sid:2010759; rev:2;)

Added 2011-10-12 19:30:31 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 9100 (msg:"ET EXPLOIT Xerox WorkCentre? PJL Daemon Buffer Overflow Attempt"; flow:established,to_server; content:"ENTER LANGUAGE ="; depth:50; nocase; isdataat:55,relative; content:!"|0A|"; within:55; pcre:"/ENTER\x20LANGUAGE\x20\x3D.{55}/smi"; classtype:attempted-admin; reference:url,www.securityfocus.com/bid/38010; reference:url,doc.emergingthreats.net/2010759; sid:2010759; rev:2;)

Added 2011-09-14 22:43:42 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 9100 (msg:"ET EXPLOIT Xerox WorkCentre? PJL Daemon Buffer Overflow Attempt"; flow:established,to_server; content:"ENTER LANGUAGE ="; depth:50; nocase; isdataat:55,relative; content:!"|0A|"; within:55; pcre:"/ENTER\x20LANGUAGE\x20\x3D.{55}/smi"; classtype:attempted-admin; reference:url,www.securityfocus.com/bid/38010; reference:url,doc.emergingthreats.net/2010759; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Xerox; sid:2010759; rev:2;)

Added 2011-02-04 17:30:24 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 9100 (msg:"ET EXPLOIT Xerox WorkCentre? PJL Daemon Buffer Overflow Attempt"; flow:established,to_server; content:"ENTER LANGUAGE ="; depth:50; nocase; isdataat:55,relative; content:!"|0A|"; within:55; pcre:"/ENTER\x20LANGUAGE\x20\x3D.{55}/smi"; classtype:attempted-admin; reference:url,www.securityfocus.com/bid/38010; reference:url,doc.emergingthreats.net/2010759; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Xerox; sid:2010759; rev:2;)

Added 2010-02-03 13:07:52 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 9100 (msg:"ET EXPLOIT Xerox WorkCentre? PJL Daemon Buffer Overflow Attempt"; flow:established,to_server; content:"ENTER LANGUAGE ="; depth:50; nocase; isdataat:55,relative; content:!"|0A|"; within:55; pcre:"/ENTER\x20LANGUAGE\x20\x3D.{55}/smi"; classtype:attempted-admin; reference:url,www.securityfocus.com/bid/38010; reference:url,doc.emergingthreats.net/2010759; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Xerox; sid:2010759; rev:2;)

Added 2010-02-03 13:07:52 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 9100 (msg:"ET EXPLOIT Xerox WorkCentre? PJL Daemon Buffer Overflow Attempt"; flow:established,to_server; content:"ENTER LANGUAGE ="; depth:50; nocase; isdataat:55,relative; content:!"|0A|"; within:55; pcre:"/ENTER\x20LANGUAGE\x20\x3D.{55}/smi"; classtype:attempted-admin; reference:url,www.securityfocus.com/bid/38010; sid:2010759; rev:1;)

Added 2010-02-03 11:32:01 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats