ET EXPLOIT Microsoft Exchange - Successful msExchEcpCanary Disclosure (CVE-2021-33766) - Suricata Rule 2033835 (et/open)

ET EXPLOIT Microsoft Exchange - Successful msExchEcpCanary Disclosure (CVE-2021-33766)

SID: 2033835Rev: 20 viewsHistory

Sourceet/open

CreatedAugust 30, 2021

UpdatedAugust 30, 2021

Classificationattempted-admin

alert http [$HOME_NET,$HTTP_SERVERS] any -> any any (msg:"ET EXPLOIT Microsoft Exchange - Successful msExchEcpCanary Disclosure (CVE-2021-33766)"; flow:established,from_server; http.stat_code; content:"500"; http.cookie; content:"msExchEcpCanary="; fast_pattern; flowbits:isset,ET.proxytoken; flowbits:unset,ET.proxytoken; xbits:set,ET.proxytoken.500,track ip_src,expire 30; reference:cve,2021-33766; classtype:attempted-admin; sid:2033835; rev:2; metadata:created_at 2021_08_30, cve CVE_2021_33766, confidence High, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_08_30;)

References

cve	2021-33766

Metadata

created at2021_08_30

cveCVE-2021-33766

confidenceHigh

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2021_08_30

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!