#alert http $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Possible Novell iPrint Client Browser Plugin ExecuteRequest? debug Parameter Stack Overflow Attempt"; flow:established,to_client; content:"clsid"; nocase; content:"36723f97-7aa0-11d4-8919-ff2d71d0d32c"; nocase; distance:0; content:"ExecuteRequest"; nocase; pcre:"/<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*36723f97-7aa0-11d4-8919-ff2d71d0d32c/si"; reference:url,www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/; reference:bid,42100; reference:url,doc.emergingthreats.net/2011509; classtype:attempted-user; sid:2011509; rev:2; metadata:created_at 2010_09_28, updated_at 2010_09_28;)

Added 2017-08-07 21:04:39 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Possible Novell iPrint Client Browser Plugin ExecuteRequest? debug Parameter Stack Overflow Attempt"; flow:established,to_client; content:"clsid"; nocase; content:"36723f97-7aa0-11d4-8919-ff2d71d0d32c"; nocase; distance:0; content:"ExecuteRequest"; nocase; pcre:"/<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*36723f97-7aa0-11d4-8919-ff2d71d0d32c/si"; reference:url,www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/; reference:bid,42100; reference:url,doc.emergingthreats.net/2011509; classtype:attempted-user; sid:2011509; rev:1;)

Added 2011-10-12 19:32:09 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Possible Novell iPrint Client Browser Plugin ExecuteRequest? debug Parameter Stack Overflow Attempt"; flow:established,to_client; content:"clsid"; nocase; content:"36723f97-7aa0-11d4-8919-ff2d71d0d32c"; nocase; distance:0; content:"ExecuteRequest"; nocase; pcre:"/<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*36723f97-7aa0-11d4-8919-ff2d71d0d32c/si"; classtype:attempted-user; reference:url,www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/; reference:bid,42100; reference:url,doc.emergingthreats.net/2011509; sid:2011509; rev:1;)

Added 2011-09-14 22:45:10 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Possible Novell iPrint Client Browser Plugin ExecuteRequest? debug Parameter Stack Overflow Attempt"; flow:established,to_client; content:"clsid"; nocase; content:"36723f97-7aa0-11d4-8919-ff2d71d0d32c"; nocase; distance:0; content:"ExecuteRequest"; nocase; pcre:"/<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*36723f97-7aa0-11d4-8919-ff2d71d0d32c/si"; classtype:attempted-user; reference:url,www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/; reference:bid,42100; reference:url,doc.emergingthreats.net/2011509; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Novell; sid:2011509; rev:1;)

Added 2011-08-01 23:05:47 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Possible Novell iPrint Client Browser Plugin ExecuteRequest? debug Parameter Stack Overflow Attempt"; flow:established,to_client; content:"clsid"; nocase; content:"36723f97-7aa0-11d4-8919-ff2d71d0d32c"; nocase; distance:0; content:"ExecuteRequest"; nocase; pcre:"/<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*36723f97-7aa0-11d4-8919-ff2d71d0d32c/si"; classtype:attempted-user; reference:url,www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/; reference:bid,42100; reference:url,doc.emergingthreats.net/2011509; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Novell; sid:2011509; rev:1;)

Added 2011-02-04 17:31:19 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Novell iPrint Client Browser Plugin ExecuteRequest? debug Parameter Stack Overflow Attempt"; flow:established,to_client; content:"clsid"; nocase; content:"36723f97-7aa0-11d4-8919-ff2d71d0d32c"; nocase; distance:0; content:"ExecuteRequest"; nocase; pcre:"/<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*36723f97-7aa0-11d4-8919-ff2d71d0d32c/si"; classtype:attempted-user; reference:url,www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/; reference:url,doc.emergingthreats.net/2011509; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Novell; sid:2011509; rev:2;)

Added 2010-09-15 09:34:04 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats