Versions (4)
Version DetailsCurrent
Rev: 6 • Jul 30, 2010, 12:00 PMET EXPLOIT ProFTPD .message file overflow attempt
alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT ProFTPD .message file overflow attempt"; flowbits:isset,BE.ftp.message; flow:to_server,established; content:"CWD "; depth:4; nocase; flowbits:unset,BE.ftp.message; reference:url,www.milw0rm.com/exploits/2856; classtype:misc-attack; sid:2003197; rev:6; metadata:created_at 2010_07_30, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Jul 30, 2010, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
Oct 20, 2025, 3:34 PM
rules/emerging-exploit.rules