[Snort-users] BOHTTP/BrownOrifice/Netscape ServerSocket sigs
ryan at ...35...
Tue Aug 8 19:24:46 EDT 2000
There's already an advisory out on it as well, it's vulnerable to .. games
in the filenames. See today's Bugtraq archives. I assume there is
already a Whitehats rule to catch .. in URLs?
On Tue, 8 Aug 2000, Max Vision wrote:
> I can't find the reference email anywhere but someone asked me if there
> were signatures to detect this. I have written two, one for the java
> bytecode download, and another for a successful trojan installation:
> Max Vision
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
More information about the Snort-users