Versions (2)
Version DetailsCurrent
Rev: 4 • Feb 11, 2026, 8:15 AMATTACK [PTsecurity] Telnetd Authentication Bypass attempt (CVE-2026-24061)
alert tcp any any -> any 23 (msg: "ATTACK [PTsecurity] Telnetd Authentication Bypass attempt (CVE-2026-24061)"; flow: established, to_server; content: "|ff fa 27|"; content: "|00|USER|01|"; distance: 0; content: "-f"; distance: 0; pcre: "/USER\x01[^\x00\xff]*?-f/"; flowbits: set, Telnetd.exploit.flg; reference: cve, 2026-24061; reference: url, www.opennet.ru/opennews/art.shtml?num=64649; reference: url, rules.ptsecurity.com; classtype: attempted-admin; sid: 10016325; rev: 4;)
Feb 11, 2026, 8:15 AM
May 8, 2026, 5:42 PM
Mar 2, 2026, 1:34 PM
May 15, 2026, 1:35 PM
rules/ptopen-attacks.rules