ET EXPLOIT Backup Exec Windows Agent Remote File Access - Attempt - Suricata Rule 2002181 (et/open)

ET EXPLOIT Backup Exec Windows Agent Remote File Access - Attempt

SID: 2002181Rev: 50 viewsHistory

Sourceet/open

CreatedJuly 30, 2010

UpdatedJuly 26, 2019

Classificationdefault-login-attempt

alert tcp $EXTERNAL_NET any -> $HOME_NET 10000 (msg:"ET EXPLOIT Backup Exec Windows Agent Remote File Access - Attempt"; flow:to_server,established; flowbits:isnotset,SID2002181; content:"|0000 0000 0000 0901 0000 0000 0000 0000 0000 0002 0000 0004 726f 6f74 b4b8 0f26 205c 4234 03fc aeee 8f91 3d6f|"; offset:8; depth:52; flowbits:set,SID2002181; reference:url,www.frsirt.com/english/advisories/2005/1387; reference:url,www.frsirt.com/exploits/20050811.backupexec_dump.pm.php; classtype:default-login-attempt; sid:2002181; rev:5; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)

References

url	www.frsirt.com/english/advisories/2005/1387
url	www.frsirt.com/exploits/20050811.backupexec_dump.pm.php

Metadata

created at2010_07_30

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!