POP3: .CRT
This signature detects e-mail attachments that have the extension .crt and were received through POP3. Because .CRTs (Security Certificate) files can contain executable code, this can indicate an incoming e-mail virus. Attackers can create malicious executable code, tricking users into executing the file and infecting the system.
Extended Description
Since .crt files contain executable code, malware writers can exploit this by inserting malicious code. A target system is compromised if an unsuspecting user opens a malicious .crt file, which is usually received by e-mail. The impact on the target system is dependent on the instructions contained in the malicious .crt file.
Short Name
POP3:EXT:DOT-CRT
Severity
Major
Recommended
False
Recommended Action
Drop
Category
POP3
Keywords
.CRT
Release Date
07/28/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown