alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS 68KB PHP Knowledge Base Remote File Inclusion Attempt"; flow:established,to_server; content:"GET "; depth:4; uricontent:"/themes/admin/default/modules/show.php?file="; classtype:web-application-attack; reference:url,securityreason.com/wlb_show/WLB-2010030122; reference:url,68kb.com/2010/04/03/68kb-v1-0-0-rc4-is-now-released-please-upgrade/; reference:url,www.securityfocus.com/archive/1/512824; reference:url,doc.emergingthreats.net/2011327; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_68kb; sid:2011327; rev:2;)

Added 2010-08-10 14:38:51 UTC


Topic revision: r1 - 2010-08-10 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats