alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Yahoo!
JukeBox? MediaGrid? ActiveX? Control mediagrid.dll
AddBitmap?()
BoF?"; flow:to_client,established; content:"clsid"; nocase; content:"22FD7C0A-850C-4A53-9821-0B0915C96139"; nocase; content:"0x40000"; content:"AddBitmap"; nocase; classtype:web-application-attack; reference:bugtraq,27578; reference:url,milw0rm.com/exploits/5052; reference:url,isc.sans.org/diary.html?storyid=3929; sid:2007813; rev:1;)
Added 2008-02-06 10:03:30 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Yahoo!
JukeBox? MediaGrid? ActiveX? Control mediagrid.dll
AddBitmap?()
BoF?"; flow:to_client,established; content:"clsid"; nocase; content:"22FD7C0A-850C-4A53-9821-0B0915C96139"; nocase; content:"0x40000"; content:"AddBitmap"; nocase; classtype:web-application-attack; reference:bugtraq,27578; reference:url,milw0rm.com/exploits/5052; reference:url,isc.sans.org/diary.html?storyid=3929; sid:2007813; rev:1;)
Added 2008-02-06 10:03:30 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Vulnerable Yahoo
MediaGrid? ActiveX? CLSID in Use"; flow:from_server,established; content:"CLSID"; nocase; content:"22FD7C0A-850C-4A53-9821-0B0915C96139"; nocase; distance:0; within:40; reference:url,isc.sans.org/diary.html?storyid=3929; classtype:web-application-attack; sid:2007813; rev:1;)
Added 2008-02-05 13:50:04 UTC