alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"uil2pn"; http_user_agent; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; classtype:web-application-attack; sid:2010215; rev:5; metadata:affected_product Web_Server_Applications, attack_target Web_Server, deployment Datacenter, tag SQL_Injection, signature_severity Major, created_at 2010_07_30, updated_at 2016_07_01;)

Added 2017-08-07 21:03:19 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"User-Agent|3a| uil2pn|0d 0a|"; fast_pattern:only; http_header; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; classtype:web-application-attack; sid:2010215; rev:6;)

Added 2011-10-12 19:29:14 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"User-Agent|3a| uil2pn|0d 0a|"; fast_pattern:only; http_header; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; sid:2010215; rev:6;)

Added 2011-09-14 22:42:28 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"User-Agent|3a| uil2pn|0d 0a|"; fast_pattern:only; http_header; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SQLScan; sid:2010215; rev:6;)

Added 2011-02-04 17:29:41 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"|0d 0a|User-Agent|3a| uil2pn|0d 0a|"; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SQLScan; sid:2010215; rev:3;)

Added 2009-11-03 22:45:43 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"|0d 0a|User-Agent|3a| uil2pn|0d 0a|"; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SQLScan; sid:2010215; rev:3;)

Added 2009-11-03 22:45:43 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"|0d 0a|User-Agent: uil2pn|0d 0a|"; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SQLScan; sid:2010215; rev:2;)

Added 2009-11-02 20:30:42 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"|0d 0a|User-Agent: uil2pn|0d 0a|"; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SQLScan; sid:2010215; rev:2;)

Added 2009-11-02 20:30:42 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"|0d 0a|User-Agent: uil2pn|0d 0a|"; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SQLScan; sid:2010215; rev:2;)

Added 2009-11-02 20:26:39 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"|0d 0a|User-Agent: uil2pn|0d 0a|"; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; reference:url,doc.emergingthreats.net/2010215; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SQLScan; sid:2010215; rev:2;)

Added 2009-11-02 20:26:39 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN SQL Injection Attempt (Agent uil2pn)"; flow:to_server,established; content:"|0d 0a|User-Agent: uil2pn|0d 0a|"; classtype:web-application-attack; reference:url,www.prevx.com/filenames/89385984947861762-X1/UIL2PN.EXE.html; sid:2010215; rev:1;)

Added 2009-10-30 10:30:40 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats