Back to Rule

Rule History

SID: 2012155 • Source: et/open

Versions (2)

Version DetailsCurrent

Rev: 3Jan 6, 2011, 12:00 PM

ET EXPLOIT Wireshark ENTTEC DMX Data Processing Code Execution Attempt 2

alert udp $EXTERNAL_NET any -> $HOME_NET 3333 (msg:"ET EXPLOIT Wireshark ENTTEC DMX Data Processing Code Execution Attempt 2"; content:"|FE|"; byte_test:1,>,11,0,relative; content:"|45 53 44 44|"; depth:4; content:"|04|"; distance:2; within:1; content:"|FE FF|"; within:50; content:"|FE FF|"; within:50; reference:url,www.exploit-db.com/exploits/15898/; reference:bid,45634; classtype:attempted-user; sid:2012155; rev:3; metadata:created_at 2011_01_06, signature_severity Major, updated_at 2020_08_20;)

Jan 6, 2011, 12:00 PM

Aug 20, 2020, 12:00 PM

Sep 21, 2024, 3:00 AM

May 30, 2025, 12:04 AM

rules/emerging-exploit.rules