Versions (3)
Version DetailsCurrent
Rev: 6 • Sep 23, 2010, 12:00 PMGPL EXPLOIT .cmd executable file parsing attack
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT .cmd executable file parsing attack"; flow:established,to_server; http.uri; content:".cmd|22|"; nocase; pcre:"/^.*?\x26/Ri"; reference:bugtraq,1912; reference:cve,2000-0886; classtype:web-application-attack; sid:2103193; rev:6; metadata:created_at 2010_09_23, cve CVE_2000_0886, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_22;)
Sep 23, 2010, 12:00 PM
Apr 22, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
Dec 22, 2025, 10:34 PM
rules/emerging-exploit.rules