[Emerging-Sigs] Daily Ruleset Update Summary 09/24/2014 Part Deux the search for more bash sigs

Will Metcalf wmetcalf at emergingthreatspro.com
Wed Sep 24 23:52:48 EDT 2014


[+++]          Summary:          [+++]

A couple more bash sigs. Found that version number could be leveraged as a
vector. Also thanks to Jake Warren for a couple of DHCP sigs to try out.
[+++]          Added rules:          [+++]
  2019236 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version
Number (web_server.rules)
  2019237 - ET EXPLOIT Possible CVE-2014-6271 exploit attempt via malicious
DHCP ACK - option 15 (exploit.rules)
  2019238 - ET EXPLOIT Possible CVE-2014-6271 exploit attempt via malicious
DHCP ACK - option 67 (exploit.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20140924/e151cc94/attachment.html>


More information about the Emerging-sigs mailing list