Versions (3)
Version DetailsCurrent
Rev: 2 • Apr 23, 2020, 12:00 PMET EXPLOIT Possible iOS MobileMail OOB Write/Heap Overflow Exploit Email (Inbound)
alert smtp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible iOS MobileMail OOB Write/Heap Overflow Exploit Email (Inbound)"; flow:established,to_server; content:"3r0TRZfh"; fast_pattern; content:"AAAAAAAA"; content:"|00 41 00 41 00 41 00 41|"; reference:url,blog.zecops.com/vulnerabilities/unassisted-ios-attacks-via-mobilemail-maild-in-the-wild/; classtype:attempted-admin; sid:2030008; rev:2; metadata:attack_target Mobile_Client, created_at 2020_04_23, deployment Perimeter, confidence Medium, signature_severity Major, updated_at 2020_05_01;)
Apr 23, 2020, 12:00 PM
May 1, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-exploit.rules