Versions (2)
Version DetailsCurrent
Rev: 2 • Apr 23, 2020, 12:00 PMET DELETED Possible iOS MobileMail OOB Write/Heap Overflow Exploit Email (Inbound)
alert smtp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED Possible iOS MobileMail OOB Write/Heap Overflow Exploit Email (Inbound)"; flow:established,to_server; content:"T8hlGOo9"; fast_pattern; content:"OKl2N"; pcre:"/^(?:\\r\\n|\x0d\x0a)C/R"; content:"AAAAAAAA"; reference:url,blog.zecops.com/vulnerabilities/unassisted-ios-attacks-via-mobilemail-maild-in-the-wild/; classtype:attempted-admin; sid:2030007; rev:2; metadata:attack_target Mobile_Client, created_at 2020_04_23, deployment Perimeter, signature_severity Major, updated_at 2020_05_01;)
Apr 23, 2020, 12:00 PM
May 1, 2020, 12:00 PM
Apr 23, 2020, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-deleted.rules