Vulnerability in Windows Help and Support Center -rev2

공격 참조

http://secunia.com/blog/103/
http://seclists.org/fulldisclosure/2010/Jun/205

탐지룰

alert 80 any -> any any (flow:established, to_client; content:”hcp|3a2f2f|”; content:”topic|3d|hcp|3a2f2f|”; distance:0; pcre:”/hcp\x3a\x2f\x2f[^\r\n]+topic\x3dhcp\x3a\x2f\x2f/i”;)

Advertisements

About this entry