EmergingThreats> Main Web>2004885 (revision 1)EditAttach

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-18 15:04:11 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-18 02:31:37 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-16 04:19:27 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 23:01:56 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 07:02:41 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 05:07:25 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 04:40:22 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 03:32:10 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 03:20:16 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 03:14:52 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 02:47:38 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 01:31:40 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-15 01:16:22 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 23:16:23 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 23:02:22 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 13:46:24 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 03:02:15 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 02:56:50 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 02:16:34 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 02:02:48 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 01:38:37 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 01:02:21 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-14 00:03:25 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-13 10:35:33 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-13 04:20:36 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; uricontent:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:2;)

Added 2007-08-13 04:14:02 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"BLEEDING-EDGE WEB webSPELL SQL Injection Attempt -- index.php showonly ASCII"; flow:established,to_server; uricontent:"/index.php?"; nocase; uricontent:"showonly="; nocase; pcre:"/ASCII\(.+SELECT/Ui"; classtype:web-application-attack; reference:cve,CVE-2007-1019; reference:url,www.milw0rm.com/exploits/3325; sid:2004885; rev:1;)

Added 2007-06-10 20:30:40 UTC


Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2007-08-18 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats