alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER Apache APR apr_fnmatch Stack Overflow Denial of Service"; flow:to_server,established; urilen:>1400; content:"|2F 3F|P|3D 2A 3F 2A 3F 2A 3F 2A 3F 2A 3F|"; http_uri; pcre:"/(\x2a\x3f){700}/U"; reference:cve,2011-0419; reference:url,cxib.net/stuff/apr_fnmatch.txt; reference:url,bugzilla.redhat.com/show_bug.cgi?id=703390; classtype:attempted-dos; sid:2012926; rev:3; metadata:created_at 2011_06_02, updated_at 2011_06_02;)

Added 2017-08-07 21:06:08 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Apache APR apr_fnmatch Stack Overflow Denial of Service"; flow:to_server,established; urilen:>1400; content:"|2F 3F|P|3D 2A 3F 2A 3F 2A 3F 2A 3F 2A 3F|"; http_uri; pcre:"/(\x2a\x3f){700}/U"; reference:cve,2011-0419; reference:url,cxib.net/stuff/apr_fnmatch.txt; reference:url,bugzilla.redhat.com/show_bug.cgi?id=703390; classtype:attempted-dos; sid:2012926; rev:3;)

Added 2012-03-01 19:55:07 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Apache APR apr_fnmatch Stack Overflow Denial of Service"; flow:to_server,established; urilen:>1400; content:"|2F 3F|P|3D 2A 3F 2A 3F 2A 3F 2A 3F 2A 3F|"; http_uri; pcre:"/(\x2a\x3f){700}/U"; reference:cve,2011-0419; reference:url,cxib.net/stuff/apr_fnmatch.txt; reference:url,bugzilla.redhat.com/show_bug.cgi?id=703390; classtype:attempted-dos; sid:2012926; rev:3;)

Added 2011-10-12 19:35:33 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Apache APR apr_fnmatch Stack Overflow Denial of Service"; flow:to_server,established; urilen:>1400; content:"|2F 3F|P|3D 2A 3F 2A 3F 2A 3F 2A 3F 2A 3F|"; http_uri; pcre:"/(\x2a\x3f){700}/U"; classtype:attempted-dos; reference:cve,2011-0419; reference:url,cxib.net/stuff/apr_fnmatch.txt; reference:url,bugzilla.redhat.com/show_bug.cgi?id=703390; sid:2012926; rev:3;)

Added 2011-06-03 15:45:51 UTC


Topic revision: r2 - 2012-04-05 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats