[prev in list] [next in list] [prev in thread] [next in thread] 

List:       snort-sigs
Subject:    [Snort-sigs] New Sigs
From:       Keith Pachulski <Keith.Pachulski () corp ! ptd ! net>
Date:       2000-11-01 19:45:26
[Download RAW message or body]

With the first sig, during install the admin chooses the port the server
will listen on so there is no real defining port unfortunately.
alert tcp !$HOME_NET any -> $HOME_NET any (msg:"Possible Netscape Servers
Suite Multiple DoS Vulnerabilities"; flags:PA;
content:"/dsgw/bin/search?context="; nocase;)

alert tcp !$HOME_NET any -> $HOME_NET 80 (msg:"Unify eWave ServletExec File
Upload Vulnerability"; flags:PA; content:"/servlet";
content:"UploadServlet"; nocase;)

alert tcp !$HOME_NET any -> $HOME_NET 25 (msg:"Possible MS Exchange Server
MIME DoS Vulnerability"; flags:PA; content="|63 68 61 72 73 65 74 20 3D 20
22 22|";)

[prev in list] [next in list] [prev in thread] [next in thread]