Versions (6)
Version DetailsCurrent
Rev: 2 • Aug 30, 2021, 12:00 PMET EXPLOIT Microsoft Exchange - Successful msExchEcpCanary Disclosure (CVE-2021-33766)
alert http [$HOME_NET,$HTTP_SERVERS] any -> any any (msg:"ET EXPLOIT Microsoft Exchange - Successful msExchEcpCanary Disclosure (CVE-2021-33766)"; flow:established,from_server; http.stat_code; content:"500"; http.cookie; content:"msExchEcpCanary="; fast_pattern; flowbits:isset,ET.proxytoken; flowbits:unset,ET.proxytoken; xbits:set,ET.proxytoken.500,track ip_src,expire 30; reference:cve,2021-33766; classtype:attempted-admin; sid:2033835; rev:2; metadata:created_at 2021_08_30, cve CVE_2021_33766, confidence High, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_08_30;)
Aug 30, 2021, 12:00 PM
Aug 30, 2021, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 12, 2025, 9:34 PM
rules/emerging-exploit.rules