alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT FTP Serv-U Local Privilege Escalation Vulnerability"; flow: to_server,established; content:"site exec"; nocase; rawbytes; reference:url,www.securiteam.com/windowsntfocus/5YP0F1FDPO.html; classtype: misc-activity; reference:url,doc.emergingthreats.net/bin/view/Main/2001210; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Serv-U_Ftp; sid: 2001210; rev:9;)

Added 2009-02-07 22:00:26 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT FTP Serv-U Local Privilege Escalation Vulnerability"; flow: to_server,established; content:"site exec"; nocase; rawbytes; reference:url,www.securiteam.com/windowsntfocus/5YP0F1FDPO.html; classtype: misc-activity; reference:url,doc.emergingthreats.net/bin/view/Main/2001210; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Serv-U_Ftp; sid: 2001210; rev:9;)

Added 2009-02-07 22:00:26 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT FTP Serv-U Local Privilege Escalation Vulnerability"; flow: to_server,established; content:"site exec"; nocase; rawbytes; reference:url,www.securiteam.com/windowsntfocus/5YP0F1FDPO.html; classtype: misc-activity; sid: 2001210; rev:8;)

Added 2008-01-25 10:56:38 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT FTP Serv-U Local Privilege Escalation Vulnerability"; flow: to_server,established; content:"site exec"; nocase; rawbytes; reference:url,www.securiteam.com/windowsntfocus/5YP0F1FDPO.html; classtype: misc-activity; sid: 2001210; rev:8;)

Added 2008-01-25 10:56:38 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg: "BLEEDING-EDGE EXPLOIT FTP Serv-U Local Privilege Escalation Vulnerability"; flow: to_server,established; content:"site exec"; nocase; rawbytes; reference:url,www.securiteam.com/windowsntfocus/5YP0F1FDPO.html; classtype: misc-activity; sid: 2001210; rev:7; )