2008129 < Main < EmergingThreats

Main Web>2008129 (2018-09-13, TWikiGuest) (raw view)
 <h2>
 

#alert http $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; classtype:web-application-attack; sid:2008129; rev:7; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

</h2>

Added 2018-09-13 19:39:40 UTC


 %COMMENT{type="threadmode" default="Please enter documentation, comments, false positives, or concerns with this signature. Press the Attach button below to add samples or Pcaps." button="Add to Documentation" }%
 
 <hr>
 


 <h2>
 


</h2>

Added 2018-09-13 17:53:45 UTC


 
 <hr>
 


 <h2>
 

#alert http $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; classtype:web-application-attack; sid:2008129; rev:7; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

</h2>

Added 2017-08-07 21:01:19 UTC


 
 <hr>
 


 <h2>
 

##alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; file_data; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; classtype:web-application-attack; sid:2008129; rev:8;)

</h2>

Added 2011-10-12 19:24:29 UTC


 
 <hr>
 


 <h2>
 

##alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; file_data; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; sid:2008129; rev:8;)

</h2>

Added 2011-09-14 22:37:58 UTC


 
 <hr>
 


 <h2>
 

##alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; file_data; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Leadtools; sid:2008129; rev:8;)

</h2>

Added 2011-02-04 17:27:14 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Leadtools; sid:2008129; rev:5;)

</h2>

Added 2009-10-06 14:19:02 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Leadtools; sid:2008129; rev:5;)

</h2>

Added 2009-10-06 14:19:02 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Leadtools; sid:2008129; rev:5;)

</h2>

Added 2009-10-06 14:15:47 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Leadtools; sid:2008129; rev:5;)

</h2>

Added 2009-10-06 14:15:47 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Leadtools; sid:2008129; rev:3;)

</h2>

Added 2009-02-16 21:30:25 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; reference:url,doc.emergingthreats.net/2008129; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Leadtools; sid:2008129; rev:3;)

</h2>

Added 2009-02-16 21:30:25 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; sid:2008129; rev:2;)

</h2>

Added 2008-11-25 09:49:36 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; sid:2008129; rev:2;)

</h2>

Added 2008-11-25 09:49:36 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; sid:2008129; rev:2;)

</h2>

Added 2008-11-25 09:45:22 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; sid:2008129; rev:2;)

</h2>

Added 2008-11-25 09:45:22 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB LEADTOOLS Multimedia Toolkit 15 Arbitrary Files Overwrite"; flow:to_client,established; content:"CLSID"; nocase; content:"00150B1A-B1BA-11CE-ABC6-F5B2E79D9E3F"; nocase; distance:0; pcre:"/.*\.(ini|exe|dll|bat|com|cab|txt)/iR"; content:"SaveSettingsToFile"; distance:0; nocase; classtype:web-application-attack; reference:url,www.shinnai.altervista.org/xplits/TXT_lyyELAFI8pOPu2p7N6cq.html; reference:bugtraq,28442; reference:cve,CVE-2008-1605; sid:2008129; rev:1;)

</h2>

Added 2008-04-11 11:03:39 UTC


 
 <hr>
Topic revision: r1 - 2018-09-13 - TWikiGuest
Main
User Reference
ATasteOfTWiki
TextFormattingRules
Signature Reference
WebRss Feed
EmergingFAQ