""ET WEB_CLIENT Apple Quicktime RTSP Content-Type overflow attempt""
SID: 2007704
Revision: 6
Class Type: attempted-user
Metadata: affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2010_07_30, deployment Perimeter, signature_severity Major, tag Web_Client_Attacks, updated_at 2010_09_30
Reference:
Protocol: udp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HOME_NET
Destination Port: any
Flow:
Contents:
-
Value: "RTSP/" Depth: 5
-
Value: "|0a|Content-Type|3a|"
-
Value: !"|0a|"
Within: 50
PCRE:
Special Options:
-
nocase
-
nocase