ET POLICY Possible Windows Binary Observed in SSL/TLS Certificate

SID: 2025315Rev: 20 views
History
Sourceet/open
CreatedFebruary 6, 2018
UpdatedMarch 28, 2022
Classificationmisc-attack
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY Possible Windows Binary Observed in SSL/TLS Certificate"; flow:established,from_server; tls.certs; content:"This program cannot be run in DOS mode"; nocase; bsize:>768; reference:url,www.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities; classtype:misc-attack; sid:2025315; rev:2; metadata:attack_target Client_Endpoint, created_at 2018_02_06, deployment Perimeter, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_03_28;)

References

urlwww.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities

Metadata

attack targetClient_Endpoint
created at2018_02_06
deploymentPerimeter
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2022_03_28

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!