Full Disclosure: Re: Secuirty Hole Found In Dave's Sock

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Secuirty Hole Found In Dave's Sock

From: Jackson McKinley <saintau () sdf lonestar org>
Date: Fri, 9 Sep 2005 04:19:04 +0000


alert leg $RIGHT_FOOT any -> any toe (msg: "Suspect traffic - Sock hole exploit"; 
content:"%48%61%63%6b%69%6e%67%20%74%68%65%20%73%6f%63%6b%20%6d%61%6e%21"; classtype: misc-activity; si
d: 2001842; rev:4; )
alert leg $BOTH_LEGS any -> any foot/toe/leg (msg: "Attempted exploiting of the toe, sock or leg"; 
content:"%68%61%63%6b%69%6e%67%20%74%68%65%20%66%6f%6f%74%2c%20%74%6f%65%2c%20%6c%65%67%2e%2e%20%6f%68%20%6d%79%20%74%6f%65%20%74%68%65%79%20%68%61%76%65%20%61%20%63%72%65%61%6d%20%66%6f%72%20%74%68%61%74%20%6e%6f%77";
 
Classtype: mis$: misc-activity; sid: 2001842; rev:4; )

Could this be related to socks disappearing?  Anybody have signatures
for snort?

John

-- 
saintau () sdf lonestar org
SDF Public Access UNIX System - http://sdf.lonestar.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: Secuirty Hole Found In Dave's Sock, (continued)
- RE: Secuirty Hole Found In Dave's Sock Dave Cawley (Sep 08)
  - Re: Secuirty Hole Found In Dave's Sock John Kinsella (Sep 08)
    - Re: Secuirty Hole Found In Dave's Sock Philipp Walther (Sep 08)
    - Re: Secuirty Hole Found In Dave's Sock Jackson McKinley (Sep 09)
- RE: Secuirty Hole Found In Dave's Sock Swain, Kenneth (Sep 08)
- RE: Secuirty Hole Found In Dave's Sock Swain, Kenneth (Sep 08)