alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST"; http_method; content:"/unathenticated/"; http_uri; content:"/unauthenticated//..%01/..%01/..%01/"; http_raw_uri; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; classtype:web-application-attack; sid:2010009; rev:7; metadata:created_at 2010_07_30, updated_at 2020_02_10;)

Added 2020-02-10 18:52:30 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST"; http_method; content:"/unathenticated/"; http_uri; content:"/unauthenticated//..%01/..%01/..%01/"; http_raw_uri; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; classtype:web-application-attack; sid:2010009; rev:7; metadata:created_at 2010_07_30, updated_at 2020_02_10;)

Added 2020-02-10 18:51:25 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; content:"/unathenticated/"; http_uri; content:"/unauthenticated//..%01/..%01/..%01/"; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; classtype:web-application-attack; sid:2010009; rev:6; metadata:created_at 2010_07_30, updated_at 2019_09_26;)

Added 2019-09-26 19:56:31 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; content:"/unathenticated/"; http_uri; content:"/unauthenticated//..%01/..%01/..%01/"; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; classtype:web-application-attack; sid:2010009; rev:5; metadata:created_at 2010_07_30, updated_at 2019_08_22;)

Added 2019-08-22 20:12:54 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; classtype:web-application-attack; sid:2010009; rev:4; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2018-09-13 19:41:03 UTC


Added 2018-09-13 17:54:29 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; classtype:web-application-attack; sid:2010009; rev:4; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 21:03:07 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; classtype:web-application-attack; sid:2010009; rev:4;)

Added 2011-10-12 19:28:44 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; sid:2010009; rev:4;)

Added 2011-09-14 22:42:01 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Webmin; sid:2010009; rev:4;)

Added 2011-02-04 17:29:26 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Webmin; sid:2010009; rev:4;)

Added 2009-10-06 14:20:24 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Webmin; sid:2010009; rev:4;)

Added 2009-10-06 14:20:24 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Webmin; sid:2010009; rev:4;)

Added 2009-10-06 14:17:01 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SPECIFIC_APPS/WEB_Webmin; sid:2010009; rev:4;)

Added 2009-10-06 14:17:01 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Webmin; sid:2010009; rev:2;)

Added 2009-09-30 22:30:39 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; reference:url,doc.emergingthreats.net/2010009; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Webmin; sid:2010009; rev:2;)

Added 2009-09-30 22:30:39 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB Webmin Pre-1.290 Compromise Attempt"; flow:established,to_server; content:"POST "; depth:5; uricontent:"/unathenticated/"; content:"/unauthenticated//..%01/..%01/..%01/"; classtype:web-application-attack; reference:url,bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin; sid:2010009; rev:1;)

Added 2009-09-30 13:00:37 UTC


Topic revision: r1 - 2020-02-10 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats