ET SMTP Potential Exim HeaderX with run exploit attempt

SID: 2012054Rev: 31 viewsHistory

Sourceet/open

CreatedDecember 15, 2010

UpdatedJuly 26, 2019

Classificationattempted-admin

alert tcp $EXTERNAL_NET any -> $HOME_NET 25 (msg:"ET SMTP Potential Exim HeaderX with run exploit attempt"; flow:established,to_server; content:"|0d 0a|HeaderX|3a 20|"; nocase; content:"run{"; distance:0; reference:url,www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html; reference:url,eclists.org/fulldisclosure/2010/Dec/221; classtype:attempted-admin; sid:2012054; rev:3; metadata:created_at 2010_12_15, signature_severity Minor, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)

References

url	www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html
url	eclists.org/fulldisclosure/2010/Dec/221

Metadata

created at2010_12_15

signature severityMinor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!