""ET EXPLOIT CloudMe Sync Buffer Overflow""
SID: 2025766
Revision: 2
Class Type: attempted-admin
Metadata: attack_target Server, created_at 2018_06_29, cve CVE_2018_6892, deployment Perimeter, performance_impact Low, confidence High, signature_severity Major, updated_at 2018_06_29
Reference:
-
cve
-
2018-6892
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HOME_NET
Destination Port: 8888
Flow: established,to_server
Contents:
-
Value: "|fe e7 d1 61 a8 98 03 69 10 06 e7 6f 6f 0a c4 61 5a ea c8 68 e1 52 d6 68 a2 7c fa 68 ff fd ff ff|"
-
Value: "|92 70 b4 6e 47 27 d5 68 ff ff ff ff bc 48 f9 68|"
-
Value: "|3c 06 f8 68 72 a4 f9 68 c0 ff ff ff 92 70 b4 6e|"
-
Value: "|ab 57 f0 61 a3 ef b5 6e d1 14 dc 61 0c ed b4 64 45 62 ba 61|"
-
Value: "|90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90|"
Within:
PCRE:
Special Options:
- fast_pattern