EmergingThreats> Main Web>2007887 (2008-02-27, TWikiGuest) EditAttach

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Comodo AntiVirus? 2.0 ExecuteStr?() Remote Command Execution Vulnerability"; flow:to_client,established; content:"clsid"; nocase; content:"309F674D-E4D3-46BD-B9E2-ED7DFD7FD176"; nocase; content:"ExecuteStr"; pcre:"/.*\.(exe|bat|ftp)/i";reference:cve,CVE-2008-0470; reference:bugtraq,27424; reference:url,www.milw0rm.com/exploits/4974; classtype:web-application-attack; sid:2007887; rev:1;)

Added 2008-02-27 12:14:31 UTC

Edit | Attach | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r1 - 2008-02-27 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats