alert tcp $EXTERNAL_NET any -> $HOME_NET 3306 (msg:"ET EXPLOIT MySQL? Stack based buffer overrun Exploit Specific"; flow:to_server,established; content:"grant"; nocase; content:"file"; nocase; distance:0; content:"on"; distance:0; nocase; pcre:"/^\s+A{500}/R"; reference:url,seclists.org/fulldisclosure/2012/Dec/4; classtype:attempted-user; sid:2015975; rev:5; metadata:created_at 2012_12_03, updated_at 2012_12_03;)

Added 2017-08-07 21:09:36 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 3306 (msg:"ET EXPLOIT MySQL? Stack based buffer overrun Exploit Specific"; flow:to_server,established; content:"grant"; nocase; content:"file"; nocase; distance:0; content:"on"; distance:0; nocase; pcre:"/^\s+A{500}/R"; reference:url,seclists.org/fulldisclosure/2012/Dec/4; classtype:attempted-user; sid:2015975; rev:5;)

Added 2013-05-02 22:17:01 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 3306 (msg:"ET EXPLOIT MySQL? Stack based buffer overrun Exploit Specific"; flow:to_server,established; content:"grant"; nocase; content:"file"; nocase; distance:0; content:"on"; distance:0; nocase; pcre:"/grant\s+(file|all)\s+on\s+A{500,}/"; reference:url,seclists.org/fulldisclosure/2012/Dec/4; classtype:attempted-user; sid:2015975; rev:3;)

Added 2012-12-04 19:55:45 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 3306 (msg:"ET EXPLOIT MySQL? Stack based buffer overrun Exploit Specific"; flow:to_server,established; content:"grant"; nocase; content:"file"; nocase; distance:0; content:"on"; distance:0; nocase; pcre:"/grant\s+file\s+on\s+A{500,}/"; reference:url,seclists.org/fulldisclosure/2012/Dec/4; classtype:attempted-user; sid:2015975; rev:2;)

Added 2012-12-03 21:50:52 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats