ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 1
Sourceet/open
Fileemerging-exploit.rules
CreatedMarch 25, 2014
UpdatedMarch 6, 2024
Classificationattempted-user
alert tcp $EXTERNAL_NET any -> $HOME_NET [25,587] (msg:"ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 1"; flow:established,to_server ; content:"XGxpc3RvdmVycmlkZWNvdW50"; isdataat:2,relative ; pcre:"/^\s*/Rs"; content:!"MQ"; within:2; content:!"MV"; within:2; content:!"MT"; within:2; content:!"MH"; within:2; content:!"MF"; within:2; content:!"ME"; within:2; content:!"OQ"; within:2; content:!"OX"; within:2; content:!"MA"; within:2; content:!"MS"; within:2; content:!"MX"; within:2; reference:cve,2014-1761 ; reference:url,blogs.technet.com/b/srd/archive/2014/03/24/security-advisory-2953095-recommendation-to-stay-protected-and-for-detections.aspx ; classtype:attempted-user; sid:2018314; rev:11; metadata:created_at 2014_03_25, deprecation_reason Age, confidence Low, signature_severity Major, tag CISA_KEV, updated_at 2024_03_06;)
References
Metadata
created at2014_03_25
deprecation reasonAge
confidenceLow
signature severityMajor
tagCISA_KEV
updated at2024_03_06
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!