[Emerging-Sigs] Android - CVE-2014-6041

rmkml rmkml at yahoo.fr
Mon Sep 15 17:50:32 EDT 2014


Thx Jaime and Will,

Don't forget file_data please...

Regards
@Rmkml


On Mon, 15 Sep 2014, Will Metcalf wrote:

> Awesome! thanks Jaime! Will get into QA.
> 
> Regards,
> 
> Will
> 
> On Mon, Sep 15, 2014 at 4:32 PM, Jaime Blasco <jaime.blasco at alienvault.com> wrote:
> 
> https://community.rapid7.com/community/metasploit/blog
> 
> Proposed sig:
> 
> alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Android CVE-2014_6041"; flow:from_server,established; content:"|5c|u0000javascript:"; nocase; reference:url,1337day.com/exploit/22581;
> classtype:trojan-activity; sid:1111111; rev:1;)
> Regards
> --
> _______________________________
> 
> Jaime Blasco
> AlienVault Labs Director
> 
> www.ossim.com
> labs.alienvault.com
> Email: jaime.blasco at alienvault.com
> 
> http://twitter.com/jaimeblascob
> 
> 
> 
>


More information about the Emerging-sigs mailing list