ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 5

SID: 2018311Rev: 60 views
History
Sourceet/open
CreatedMarch 25, 2014
UpdatedJanuary 19, 2023
Classificationattempted-user
alert tcp $EXTERNAL_NET any -> $HOME_NET [25,587] (msg:"ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 5"; flow:from_client,established; content:"XHUtNTU0"; fast_pattern; pcre:"/^(?:.*?(?:XHUtNTU0|cdS01NT|x1LTU1N)){7}/Rs"; reference:cve,2014-1761; reference:url,blogs.technet.com/b/srd/archive/2014/03/24/security-advisory-2953095-recommendation-to-stay-protected-and-for-detections.aspx; classtype:attempted-user; sid:2018311; rev:6; metadata:created_at 2014_03_25, deprecation_reason Age, confidence Low, signature_severity Major, tag CISA_KEV, updated_at 2023_01_19;)

References

cve2014-1761
urlblogs.technet.com/b/srd/archive/2014/03/24/security-advisory-2953095-recommendation-to-stay-protected-and-for-detections.aspx

Metadata

created at2014_03_25
deprecation reasonAge
confidenceLow
signature severityMajor
tagCISA_KEV
updated at2023_01_19

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!