#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:2;) Added 2008-01-09 20:38:27 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:2;) Added 2008-01-09 20:38:27 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:2;) Added 2008-01-09 20:37:51 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:2;) Added 2008-01-09 20:37:51 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:2;) Added 2008-01-09 20:00:19 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:2;) Added 2008-01-09 20:00:19 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:2;) Added 2008-01-09 18:30:19 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:2;) Added 2008-01-09 18:30:19 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT_EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:1;) Added 2007-10-28 03:16:03 UTC
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT_EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:1;) Added 2007-10-28 03:16:03 UTC
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT_EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp\:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:1;) Added 2007-07-27 09:30:18 UTC
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"BLEEDING-EDGE CURRENT_EVENTS FireFox? Remote Command EXE Nntp Link Detected"; flow: from_server,established; content:"nntp:%"; nocase; content: "/../../"; within:30; nocase; pcre:"/(\.exe|\.bat|\.com)/i"; reference:url,xs-sniper.com/blog/remote-command-exec-firefox-2005/; classtype:web-application-attack; sid:2006438; rev:1;) Added 2007-07-27 05:33:11 UTC
Edit | Attach | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actionsTopic revision: r1 - 2008-01-10 - TWikiGuest
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © Emerging Threats