Versions (2)
Version DetailsCurrent
Rev: 6 • Jul 30, 2010, 12:00 PMET WEB_CLIENT VLC Media Player smb URI Handling Remote Buffer Overflow Attempt
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT VLC Media Player smb URI Handling Remote Buffer Overflow Attempt"; flow:established,to_client; content:"<location>"; nocase; content:"smb|3A|//"; within:20; nocase; content:!"|0A|"; within:1000; isdataat:1000,relative; pcre:"/\x3Clocation\x3D.+smb\x3A\x2F\x2F.{1000}.+\x3C\x2Flocation\x3E/smi"; reference:url,www.securityfocus.com/bid/35500/info; classtype:attempted-user; sid:2010813; rev:6; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2010_07_30, deployment Perimeter, confidence High, signature_severity Major, tag Web_Client_Attacks, updated_at 2019_09_27;)
Jul 30, 2010, 12:00 PM
Sep 27, 2019, 12:00 PM
Jul 30, 2010, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-web_client.rules