ET EXPLOIT Microsoft Outlook/Crypto API X.509 oid id-pe-authorityInfoAccessSyntax design bug allow blind HTTP requests attempt
Sourceet/open
Fileemerging-exploit.rules
CreatedNovember 14, 2013
UpdatedMarch 6, 2024
Classificationattempted-admin
alert tcp $EXTERNAL_NET any -> $SMTP_SERVERS [25,587] (msg:"ET EXPLOIT Microsoft Outlook/Crypto API X.509 oid id-pe-authorityInfoAccessSyntax design bug allow blind HTTP requests attempt"; flow:established,to_server ; content:"multipart/signed|3B|"; nocase; content:"application/pkcs7-signature|3B|"; nocase; distance:0; content:"|0A|QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB|0D|"; distance:0; reference:cve,2013-3870 ; reference:url,www.microsoft.com/technet/security/bulletin/MS13-068.mspx ; reference:url,blog.nruns.com/blog/2013/11/12/A-portscan-by-email-Alex ; classtype:attempted-admin; sid:2017712; rev:11; metadata:created_at 2013_11_14, signature_severity Major, updated_at 2024_03_06;)
References
Metadata
created at2013_11_14
signature severityMajor
updated at2024_03_06
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!