Versions (5)
Version DetailsCurrent
Rev: 3 • Dec 9, 2014, 12:00 PMET EXPLOIT Possible PYKEK Priv Esc in-use
alert tcp any any -> $HOME_NET 88 (msg:"ET EXPLOIT Possible PYKEK Priv Esc in-use"; flow:established,to_server; content:"|a4 11 18 0f|19700101000000Z|a5 11 18 0f|19700101000000Z|a6 11 18 0f|19700101000000Z"; content:"|a8 05 30 03 02 01 17|"; distance:8; within:7; threshold:type limit, track by_src, seconds 60, count 1; reference:url,github.com/bidord/pykek; reference:cve,2014-6324; classtype:attempted-admin; sid:2019897; rev:3; metadata:created_at 2014_12_09, deprecation_reason Age, confidence Low, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_01_19;)
Dec 9, 2014, 12:00 PM
Jan 19, 2023, 12:00 PM
Sep 21, 2024, 3:00 AM
Nov 24, 2025, 10:34 PM
rules/emerging-exploit.rules