Rule History

SID: 2014199 • Source: et/open

Versions (4)

Version DetailsCurrent

Rev: 1 • Feb 7, 2012, 12:00 PM

Message:

ET EXPLOIT_KIT Exploit Kit Exploiting IEPeers

Rule:

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT_KIT Exploit Kit Exploiting IEPeers"; flow:established,to_client; content:"booom["; content:"booom["; distance:0; content:"booom["; distance:0; content:"booom["; distance:0; content:"booom["; distance:0; content:"booom["; distance:0; content:"booom["; distance:0; reference:url,www.kahusecurity.com/2011/cve-2011-2140-caught-in-the-wild/; reference:cve,2010-0806; classtype:exploit-kit; sid:2014199; rev:1; metadata:created_at 2012_02_07, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)

Created:

Feb 7, 2012, 12:00 PM

Updated:

Jul 26, 2019, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

Oct 13, 2025, 9:34 PM

Filename:

rules/emerging-exploit_kit.rules