#alert http $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi (CVE-2012-1557)"; flow:established,to_server; content:"POST"; http_method; content:"/enterprise/control/agent.php"; http_uri; content:"HTTP_AUTH_LOGIN|3a|"; http_header; pcre:"/^[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/HR"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:4; metadata:created_at 2013_04_27, former_category WEB_SERVER, updated_at 2022_05_03;)

Added 2022-07-12 18:43:29 UTC


alert http $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi CVE-2012-1557"; flow:established,to_server; content:"POST"; http_method; content:"/enterprise/control/agent.php"; http_uri; content:"HTTP_AUTH_LOGIN|3a|"; http_header; pcre:"/^[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/HR"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:3; metadata:created_at 2013_04_27, updated_at 2022_05_03;)

Added 2022-05-03 18:06:37 UTC


alert http $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi CVE-2012-1557"; flow:established,to_server; content:"POST"; http_method; content:"/enterprise/control/agent.php"; http_uri; content:"HTTP_AUTH_LOGIN|3a|"; http_header; pcre:"/^[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/HR"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:3; metadata:created_at 2013_04_27, updated_at 2020_04_24;)

Added 2021-09-21 19:58:38 UTC


alert http $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi CVE-2012-1557"; flow:established,to_server; content:"POST"; http_method; content:"/enterprise/control/agent.php"; http_uri; content:"HTTP_AUTH_LOGIN|3a|"; http_header; pcre:"/^[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/HR"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:3; metadata:created_at 2013_04_26, updated_at 2020_04_24;)

Added 2020-04-24 18:20:29 UTC


alert http $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi CVE-2012-1557"; flow:established,to_server; content:"POST"; http_method; content:"/enterprise/control/agent.php"; http_uri; content:"HTTP_AUTH_LOGIN|3a|"; http_header; pcre:"/^[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/HR"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:3; metadata:created_at 2013_04_26, updated_at 2013_04_26;)

Added 2018-09-13 19:46:50 UTC


Added 2018-09-13 17:57:35 UTC


alert http $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi CVE-2012-1557"; flow:established,to_server; content:"POST"; http_method; content:"/enterprise/control/agent.php"; http_uri; content:"HTTP_AUTH_LOGIN|3a|"; http_header; pcre:"/^[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/HR"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:3; metadata:created_at 2013_04_26, updated_at 2013_04_26;)

Added 2017-08-07 21:10:35 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi CVE-2012-1557"; flow:established,to_server; content:"POST "; depth:5; content:"/enterprise/control/agent.php"; distance:0; content:"HTTP_AUTH_LOGIN|3a|"; distance:0; pcre:"/^[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/R"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:3;)

Added 2013-05-21 18:25:11 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi CVE-2012-1557"; flow:established,to_server; content:"POST "; depth:5; content:"/enterprise/control/agent.php"; distance:0; content:"HTTP_AUTH_LOGIN|3a|"; distance:0; pcre:"/[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/R"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:2;)

Added 2013-04-27 00:46:56 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET 8880 (msg:"ET WEB_SERVER Plesk Panel Possible HTTP_AUTH_LOGIN SQLi CVE-2012-1557"; flow:established,to_server; content:"POST "; depth:5; content:"/enterprise/control/agent.php"; distance:0; content:"HTTP_AUTH_LOGIN|3a|"; distance:0; pcre:"/[^\r\n]*?[\x27\x22\t\\%\x00\x08\x26]/R"; reference:cve,CVE-2012-1557; classtype:attempted-user; sid:2016792; rev:2;)

Added 2013-04-26 18:35:52 UTC


Topic revision: r1 - 2022-07-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats