""ET EXPLOIT NB8-01 - Unauthed RCE via bprd""
SID: 2024308
Revision: 1
Class Type: web-application-attack
Metadata: attack_target Server, created_at 2017_05_17, deployment Internal, performance_impact Moderate, signature_severity Major, updated_at 2017_05_17
Reference:
Protocol: tcp
Source Network: any
Source Port: any
Destination Network: $HOME_NET
Destination Port: 1556
Flow: established,to_server
Contents:
-
Value: "ack=" Depth: 4
-
Value: "extension=bprd"
Within:
PCRE: "/^.*?[\x24\x60]/R"
Special Options:
- fast_pattern