Rule History

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT Possible VLC Media Player M3U File FTP URL Processing Stack Buffer Overflow Attempt"; flowbits:isset,ET.m3u.download; flow:established,to_client; content:"ftp|3A|//"; nocase; content:"PRAV"; within:10; isdataat:2000,relative; content:!"|0A|"; within:2000; reference:url,securitytracker.com/alerts/2010/Jul/1024172.html; classtype:attempted-user; sid:2011242; rev:3; metadata:created_at 2010_07_30, confidence Low, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)