Versions (4)
Version DetailsCurrent
Rev: 6 • Jul 30, 2010, 12:00 PMET EXPLOIT Possible ShixxNote buffer-overflow + remote shell attempt
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible ShixxNote buffer-overflow + remote shell attempt"; flow:established,to_server; content:"|68 61 63 6b 75|"; offset:126; depth:5; content:"|68 61 63 6b 90 61 61 61 61|"; offset:519; depth:9; reference:url,aluigi.altervista.org/adv/shixxbof-adv.txt; classtype:shellcode-detect; sid:2001385; rev:6; metadata:created_at 2010_07_30, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Jul 30, 2010, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
Nov 26, 2025, 10:34 PM
rules/emerging-exploit.rules