Yara Rule - Libcue 취약성의 악용 시도가 될 수있는 의심스러운 .cue 파일을 감지 CVE-2023-43641

🧱 보안 정책/룰 관련
1

Yara Rule - Libcue 취약성의 악용 시도가 될 수있는 의심스러운 .cue 파일을 감지 CVE-2023-43641

Yara 정의.

Yara Rule - Detects a suspicious .cue file that could be an exploitation attempt of libcue vulnerability CVE-2023-43641

Yara definition.

Author: Florian Roth

https://github.com/github/securitylab/blob/main/SecurityExploits/libcue/track_set_index_CVE-2023-43641/README.md

date = "2023-10-27"
score = 70
$a1 = "TRACK "
$a2 = "FILE "
$s1 = "INDEX 4294"```


[https://github.com/Neo23x0/signature-base/commit/5dcc569dfb9c24b3ab116a592bfd11d4c02d4f0e](https://github.com/Neo23x0/signature-base/commit/5dcc569dfb9c24b3ab116a592bfd11d4c02d4f0e)