#alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action"; flow:established,to_server; content:".action?"; http_uri; content:"action|3a|"; http_uri; distance:0; content:"{"; http_uri; distance:0; pcre:"/[\?&]action\x3a/U"; reference:url,struts.apache.org/release/2.3.x/docs/s2-016.html; classtype:attempted-user; sid:2017157; rev:6; metadata:created_at 2013_07_17, former_category WEB_SERVER, updated_at 2022_05_03;)

Added 2022-07-12 18:43:30 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action"; flow:established,to_server; content:".action?"; http_uri; content:"action|3a|"; http_uri; distance:0; content:"{"; http_uri; distance:0; pcre:"/[\?&]action\x3a/U"; reference:url,struts.apache.org/release/2.3.x/docs/s2-016.html; classtype:attempted-user; sid:2017157; rev:5; metadata:created_at 2013_07_17, updated_at 2022_05_03;)

Added 2022-05-03 18:06:38 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action"; flow:established,to_server; content:".action?"; http_uri; content:"action|3a|"; http_uri; distance:0; content:"{"; http_uri; distance:0; pcre:"/[\?&]action\x3a/U"; reference:url,struts.apache.org/release/2.3.x/docs/s2-016.html; classtype:attempted-user; sid:2017157; rev:4; metadata:created_at 2013_07_17, updated_at 2020_04_24;)

Added 2021-09-21 19:58:50 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action"; flow:established,to_server; content:".action?"; http_uri; content:"action|3a|"; http_uri; distance:0; content:"{"; http_uri; distance:0; pcre:"/[\?&]action\x3a/U"; reference:url,struts.apache.org/release/2.3.x/docs/s2-016.html; classtype:attempted-user; sid:2017157; rev:4; metadata:created_at 2013_07_16, updated_at 2020_04_24;)

Added 2020-04-24 18:20:33 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action"; flow:established,to_server; content:".action?"; http_uri; content:"action|3a|"; http_uri; distance:0; content:"{"; http_uri; distance:0; pcre:"/[\?&]action\x3a/U"; reference:url,struts.apache.org/release/2.3.x/docs/s2-016.html; classtype:attempted-user; sid:2017157; rev:4; metadata:created_at 2013_07_16, updated_at 2013_07_16;)

Added 2018-09-13 19:47:19 UTC


Added 2018-09-13 17:57:50 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action"; flow:established,to_server; content:".action?"; http_uri; content:"action|3a|"; http_uri; distance:0; content:"{"; http_uri; distance:0; pcre:"/[\?&]action\x3a/U"; reference:url,struts.apache.org/release/2.3.x/docs/s2-016.html; classtype:attempted-user; sid:2017157; rev:4; metadata:created_at 2013_07_16, updated_at 2013_07_16;)

Added 2017-08-07 21:11:01 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action"; flow:established,to_server; content:"action|3a 25|"; http_uri; content:"{"; http_uri; distance:0; pcre:"/[\?&]action\x3a\x25/U"; reference:url,struts.apache.org/release/2.3.x/docs/s2-016.html; classtype:attempted-user; sid:2017157; rev:2;)

Added 2013-08-22 06:44:22 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2551 action"; flow:established,to_server; content:"action|3a 25|"; http_uri; content:"{"; http_uri; distance:0; pcre:"/[\?&]action\x3a\x25/U"; reference:url,struts.apache.org/release/2.3.x/docs/s2-016.html; classtype:attempted-user; sid:2017157; rev:1;)

Added 2013-07-16 20:58:54 UTC


Topic revision: r1 - 2022-07-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats