#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS OS Commerce 2.2 RC2 Potential Anonymous Remote Code Execution"; flow:established,to_server; content:"POST "; depth:5; uricontent:".php/"; pcre:"/\/[a-z_]+\.php\/[a-z_]+\.php/U"; reference:url,seclists.org/fulldisclosure/2009/Nov/169; reference:url,seclists.org/fulldisclosure/2009/Nov/170; reference:url,doc.emergingthreats.net/2010341; classtype:web-application-attack; sid:2010341; rev:4; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 21:03:27 UTC


#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS OS Commerce 2.2 RC2 Potential Anonymous Remote Code Execution"; flow:established,to_server; content:"POST "; depth:5; uricontent:".php/"; pcre:"/\/[a-z_]+\.php\/[a-z_]+\.php/U"; reference:url,seclists.org/fulldisclosure/2009/Nov/169; reference:url,seclists.org/fulldisclosure/2009/Nov/170; reference:url,doc.emergingthreats.net/2010341; classtype:web-application-attack; sid:2010341; rev:4;)

Added 2014-12-29 16:13:52 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS OS Commerce 2.2 RC2 Potential Anonymous Remote Code Execution"; flow:established,to_server; content:"POST "; depth:5; uricontent:".php/"; pcre:"/\/[a-z_]+\.php\/[a-z_]+\.php/U"; reference:url,seclists.org/fulldisclosure/2009/Nov/169; reference:url,seclists.org/fulldisclosure/2009/Nov/170; reference:url,www.milw0rm.com/exploits/9556; reference:url,doc.emergingthreats.net/2010341; classtype:web-application-attack; sid:2010341; rev:2;)

Added 2011-10-12 19:29:31 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS OS Commerce 2.2 RC2 Potential Anonymous Remote Code Execution"; flow:established,to_server; content:"POST "; depth:5; uricontent:".php/"; pcre:"/\/[a-z_]+\.php\/[a-z_]+\.php/U"; classtype:web-application-attack; reference:url,seclists.org/fulldisclosure/2009/Nov/169; reference:url,seclists.org/fulldisclosure/2009/Nov/170; reference:url,www.milw0rm.com/exploits/9556; reference:url,doc.emergingthreats.net/2010341; sid:2010341; rev:2;)

Added 2011-09-14 22:42:45 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS OS Commerce 2.2 RC2 Potential Anonymous Remote Code Execution"; flow:established,to_server; content:"POST "; depth:5; uricontent:".php/"; pcre:"/\/[a-z_]+\.php\/[a-z_]+\.php/U"; classtype:web-application-attack; reference:url,seclists.org/fulldisclosure/2009/Nov/169; reference:url,seclists.org/fulldisclosure/2009/Nov/170; reference:url,www.milw0rm.com/exploits/9556; reference:url,doc.emergingthreats.net/2010341; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_OSCommerce; sid:2010341; rev:2;)

Added 2011-02-04 17:29:51 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS OS Commerce 2.2 RC2 Potential Anonymous Remote Code Execution"; flow:established,to_server; content:"POST "; depth:5; uricontent:".php/"; pcre:"/\/[a-z_]+\.php\/[a-z_]+\.php/U"; classtype:web-application-attack; reference:url,seclists.org/fulldisclosure/2009/Nov/169; reference:url,seclists.org/fulldisclosure/2009/Nov/170; reference:url,www.milw0rm.com/exploits/9556; reference:url,doc.emergingthreats.net/2010341; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_OSCommerce; sid:2010341; rev:2;)

Added 2009-11-18 21:00:43 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS OS Commerce 2.2 RC2 Potential Anonymous Remote Code Execution"; flow:established,to_server; content:"POST "; depth:5; uricontent:".php/"; pcre:"/\/[a-z_]+\.php\/[a-z_]+\.php/U"; classtype:web-application-attack; reference:url,seclists.org/fulldisclosure/2009/Nov/169; reference:url,seclists.org/fulldisclosure/2009/Nov/170; reference:url,www.milw0rm.com/exploits/9556; reference:url,doc.emergingthreats.net/2010341; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_OSCommerce; sid:2010341; rev:2;)

Added 2009-11-18 21:00:43 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS OS Commerce 2.2 RC2 Potential Anonymous Remote Code Execution"; flow:established,to_server; content:"POST "; depth:5; uricontent:".php/"; pcre:"/\/[a-z_]+\.php\/[a-z_]+\.php/U"; classtype:web-application-attack; reference:url,seclists.org/fulldisclosure/2009/Nov/169; reference:url,seclists.org/fulldisclosure/2009/Nov/170; reference:url,www.milw0rm.com/exploits/9556; sid:2010341; rev:1;)

Added 2009-11-18 20:00:43 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats