#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET DELETED Possible Apache Struts OGNL Expression Injection (CVE-2017-5638) (Content-Length) M2"; flow:to_server,established; content:"Content-Length|3a 20 25 7b 28|"; nocase; content:"{"; content:"}"; metadata: former_category WEB_SPECIFIC_APPS; classtype:web-application-attack; sid:2024095; rev:1; metadata:affected_product Apache_Struts2, attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2017_03_20, updated_at 2017_03_21;)

Added 2017-08-07 21:19:23 UTC


#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET DELETED Possible Apache Struts OGNL Expression Injection (CVE-2017-5638) (Content-Length) M2"; flow:to_server,established; content:"Content-Length|3a 20 25 7b 28|"; nocase; content:"{"; content:"}"; classtype:web-application-attack; sid:2024095; rev:1;)

Added 2017-05-05 16:59:01 UTC


#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET DELETED Possible Apache Struts OGNL Expression Injection (CVE-2017-5638) (Content-Length) M2"; flow:to_server,established; content:"Content-Length|3a 20 25 7b 28|"; nocase; content:"{"; content:"}"; metadata: former_category WEB_SPECIFIC_APPS; classtype:web-application-attack; sid:2024095; rev:1;)

Added 2017-03-21 17:46:22 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Possible Apache Struts OGNL Expression Injection (CVE-2017-5638) (Content-Length) M2"; flow:to_server,established; content:"Content-Length|3a 20 25 7b 28|"; nocase; content:"{"; content:"}"; classtype:web-application-attack; sid:2024095; rev:1;)

Added 2017-03-20 20:33:41 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Possible Apache Struts OGNL Expression Injection (CVE-2017-5638) (Content-Length) M2"; flow:to_server,established; content:"Content-Length|3a 20 25 7b 28|"; nocase; content:"{"; content:"}"; classtype:web-application-attack; sid:2024095; rev:1;)

Added 2017-03-20 19:16:56 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats