alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Chilkat FTP
ActiveX? 2.0
ChilkatCert?.dll Insecure Method Vulnerability"; flow:to_client,established; content:"CLSID"; nocase; content:"A934AEE3-8896-485F-8A55-ACF2A87BD010"; nocase; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/i"; content:"SavePkcs8File"; nocase; distance:0; within:40; classtype:web-application-attack; reference:bugtraq,27540; reference:url,www.milw0rm.com/exploits/5028; sid:2007818; rev:2;)
Added 2008-05-18 20:33:02 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB Chilkat FTP
ActiveX? 2.0
ChilkatCert?.dll Insecure Method Vulnerability"; flow:to_client,established; content:"CLSID"; nocase; content:"A934AEE3-8896-485F-8A55-ACF2A87BD010"; nocase; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/i"; content:"SavePkcs8File"; nocase; distance:0; within:40; classtype:web-application-attack; reference:bugtraq,27540; reference:url,www.milw0rm.com/exploits/5028; sid:2007818; rev:2;)
Added 2008-05-18 20:33:02 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Chilkat FTP
ActiveX? 2.0
ChilkatCert?.dll Insecure Method Vulnerability"; flow:to_client,established; content:"CLSID"; nocase; content:"A934AEE3-8896-485F-8A55-ACF2A87BD010"; nocase; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/i"; content:"SavePkcs8File"; nocase; distance:0; within:40; classtype:web-application-attack; reference:bugtraq,27540; reference:url,www.milw0rm.com/exploits/5028; sid:2007818; rev:1;)
Added 2008-02-06 10:24:10 UTC