Main Webalert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET"; nocase; http_method; content:"/statuswml.cgi?"; nocase; http_uri; content:"ping"; nocase; http_uri; pcre:"/ping\s*=\s*([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui"; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; classtype:web-application-attack; sid:2009670; rev:9;) Added 2011-10-12 19:28:01 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET"; nocase; http_method; content:"/statuswml.cgi?"; nocase; http_uri; content:"ping"; nocase; http_uri; pcre:"/ping\s*=\s*([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui"; classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; sid:2009670; rev:9;) Added 2011-09-14 22:41:18 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET"; nocase; http_method; content:"/statuswml.cgi?"; nocase; http_uri; content:"ping"; nocase; http_uri; pcre:"/ping\s*=\s*([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui"; classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Nagios; sid:2009670; rev:9;) Added 2011-02-04 17:29:02 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Nagios; sid:2009670; rev:7;) Added 2009-10-06 14:19:03 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Nagios; sid:2009670; rev:7;) Added 2009-10-06 14:19:03 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:5;) Added 2009-08-06 14:30:36 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:5;) Added 2009-08-06 14:30:36 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*(\x3a[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:4;) Added 2009-08-04 11:45:37 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*(\x3a[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:4;) Added 2009-08-04 11:45:37 UTC
#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*(?:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:3;) Added 2009-08-03 22:00:35 UTC
#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*(?:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:3;) Added 2009-08-03 22:00:35 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*(?:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:3;) Added 2009-08-03 13:53:34 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*(?:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|[^\x26\x0D\x0A]*\x3B)/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:3;) Added 2009-08-03 13:53:34 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:2;) Added 2009-07-22 15:52:40 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/Ui";classtype:web-application-attack; reference:bugtraq,35464; reference:url,doc.emergingthreats.net/2009670; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Nagios; sid:2009670; rev:2;) Added 2009-07-22 15:52:40 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Nagios statuswml.cgi Remote Arbitrary Shell Command Injection attempt"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/statuswml.cgi?"; nocase; uricontent:"ping"; nocase; pcre:"/ping\s*=\s*[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/Ui";classtype:web-application-attack; reference:bugtraq,35464; sid:2009670; rev:1;) Added 2009-07-22 14:06:21 UTC
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback