2003372 < Main < EmergingThreats

EmergingThreats>

Main Web>2003372 (2019-08-23, TWikiGuest)

EditAttach

#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; reference:url,doc.emergingthreats.net/2003372; classtype:web-application-attack; sid:2003372; rev:5; metadata:affected_product Any, attack_target Server, deployment Datacenter, tag Remote_File_Include, signature_severity Major, created_at 2010_07_30, updated_at 2019_08_22;)

Added 2019-08-22 20:11:07 UTC

#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; reference:url,doc.emergingthreats.net/2003372; classtype:web-application-attack; sid:2003372; rev:5; metadata:affected_product Any, attack_target Server, deployment Datacenter, tag Remote_File_Include, signature_severity Major, created_at 2010_07_30, updated_at 2016_07_01;)

Added 2017-08-07 20:56:39 UTC

#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; reference:url,doc.emergingthreats.net/2003372; classtype:web-application-attack; sid:2003372; rev:5;)

Added 2017-04-19 17:17:06 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; reference:url,doc.emergingthreats.net/2003372; classtype:web-application-attack; sid:2003372; rev:5;)

Added 2011-10-12 19:13:21 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; classtype:web-application-attack; reference:bugtraq,22358; reference:url,doc.emergingthreats.net/2003372; sid:2003372; rev:5;)

Added 2011-09-14 22:26:18 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; classtype:web-application-attack; reference:bugtraq,22358; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPEventman; sid:2003372; rev:5;)

Added 2011-02-04 17:22:25 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPEventman; sid:2003372; rev:5;)

Added 2009-10-06 14:39:21 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPEventman; sid:2003372; rev:5;)

Added 2009-10-06 14:39:21 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPEventman; sid:2003372; rev:5;)

Added 2009-10-06 14:19:54 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPEventman; sid:2003372; rev:5;)

Added 2009-10-06 14:19:54 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPEventman; sid:2003372; rev:5;)

Added 2009-10-06 14:16:32 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_PHPEventman; sid:2003372; rev:5;)

Added 2009-10-06 14:16:32 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_PHPEventman; sid:2003372; rev:4;)

Added 2009-02-24 21:30:26 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2003372; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_PHPEventman; sid:2003372; rev:4;)

Added 2009-02-24 21:30:26 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; sid:2003372; rev:3;)

Added 2008-02-01 10:46:26 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; sid:2003372; rev:3;)

Added 2008-02-01 10:46:26 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftps?|https?|php)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; sid:2003372; rev:2;)

Added 2007-05-31 13:09:54 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB PHPEventMan? remote file include"; flow:established,to_server; uricontent:"/controller/"; nocase; pcre:"/(text\.ctrl\.php|common\.function\.php)\?level=\s*(ftp|https?)\:\//Ui"; reference:bugtraq,22358; classtype:web-application-attack; sid:2003372; rev:1;)

Topic revision: r1 - 2019-08-23 - TWikiGuest

Main

User Reference
ATasteOfTWiki
TextFormattingRules

Signature Reference
WebRss Feed
EmergingFAQ