alert tcp any any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version Number"; flow:established,to_server; http_protocol; content:"|28 29 20 7b|"; depth:4; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019236; rev:5; metadata:created_at 2014_09_25, updated_at 2021_04_06;)

Added 2021-04-06 18:09:21 UTC


alert tcp any any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version Number"; flow:established,to_server; http_protocol; content:"|28 29 20 7b|"; depth:4; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019236; rev:5; metadata:created_at 2014_09_25, updated_at 2020_06_19;)

Added 2020-06-19 19:28:09 UTC


alert tcp any any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version Number"; flow:established,to_server; content:"|20 28 29 20 7b|"; fast_pattern:only; pcre:"/^[^\s]+\s+[^\s]+\s+\x28\x29\x20\x7b[^\r\n]*?\r?$/m"; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019236; rev:3; metadata:created_at 2014_09_25, updated_at 2019_10_07;)

Added 2019-10-07 19:58:50 UTC


alert tcp any any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version Number"; flow:established,to_server; content:"|20 28 29 20 7b|"; fast_pattern:only; pcre:"/^[^\s]+\s+[^\s]+\s+\x28\x29\x20\x7b[^\r\n]*?\r?$/m"; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019236; rev:3; metadata:created_at 2014_09_25, updated_at 2014_09_25;)

Added 2018-09-13 19:49:22 UTC


Added 2018-09-13 17:59:01 UTC


alert tcp any any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version Number"; flow:established,to_server; content:"|20 28 29 20 7b|"; fast_pattern:only; pcre:"/^[^\s]+\s+[^\s]+\s+\x28\x29\x20\x7b[^\r\n]*?\r?$/m"; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019236; rev:3; metadata:created_at 2014_09_25, updated_at 2014_09_25;)

Added 2017-08-07 21:13:27 UTC


alert tcp any any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version Number"; flow:established,to_server; content:"|20 28 29 20 7b|"; fast_pattern:only; pcre:"/^[^\s]+\s+[^\s]+\s+\x28\x29\x20\x7b[^\r\n]*?\r?$/m"; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019236; rev:3;)

Added 2014-10-01 16:51:09 UTC


alert tcp any any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version Number"; flow:established,to_server; content:"|20 28 29 20 7b 20|"; fast_pattern:only; pcre:"/^[^\s]+\s+[^\s]+\s+\x28\x29\x20\x7b\x20[^\r\n]*?\r?$/m"; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019236; rev:2;)

Added 2014-09-24 23:44:09 UTC



This topic: Main > 2019236
Topic revision: r1 - 2021-04-06 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats