alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT QNAP Shellshock script retrieval"; flow:established,from_server; file_data; content:"|2f|share|2f|MD0_DATA|2f|optware|2f|.xpl|2f|"; fast_pattern; content:"unset HISTFIE"; metadata: former_category CURRENT_EVENTS; reference:url,www.fireeye.com/blog/threat-research/2014/10/the-shellshock-aftershock-for-nas-administrators.html; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; reference:cve,2014-6271; classtype:attempted-admin; sid:2019905; rev:4; metadata:created_at 2014_12_10, updated_at 2019_10_07;)

Added 2019-10-08 19:34:16 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT QNAP Shellshock script retrieval"; flow:established,from_server; file_data; content:"|2f|share|2f|MD0_DATA|2f|optware|2f|.xpl|2f|"; fast_pattern:only; content:"unset HISTFIE"; metadata: former_category CURRENT_EVENTS; reference:url,www.fireeye.com/blog/threat-research/2014/10/the-shellshock-aftershock-for-nas-administrators.html; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; reference:cve,2014-6271; classtype:attempted-admin; sid:2019905; rev:3; metadata:created_at 2014_12_10, updated_at 2014_12_10;)

Added 2019-08-15 20:33:26 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS QNAP Shellshock script retrieval"; flow:established,from_server; file_data; content:"|2f|share|2f|MD0_DATA|2f|optware|2f|.xpl|2f|"; fast_pattern:only; content:"unset HISTFIE"; reference:url,www.fireeye.com/blog/threat-research/2014/10/the-shellshock-aftershock-for-nas-administrators.html; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; reference:cve,2014-6271; classtype:attempted-admin; sid:2019905; rev:2; metadata:created_at 2014_12_10, updated_at 2014_12_10;)

Added 2018-09-13 19:50:02 UTC


Added 2018-09-13 17:59:25 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS QNAP Shellshock script retrieval"; flow:established,from_server; file_data; content:"|2f|share|2f|MD0_DATA|2f|optware|2f|.xpl|2f|"; fast_pattern:only; content:"unset HISTFIE"; reference:url,www.fireeye.com/blog/threat-research/2014/10/the-shellshock-aftershock-for-nas-administrators.html; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; reference:cve,2014-6271; classtype:attempted-admin; sid:2019905; rev:2; metadata:created_at 2014_12_10, updated_at 2014_12_10;)

Added 2017-08-07 21:14:16 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS QNAP Shellshock script retrieval"; flow:established,from_server; file_data; content:"|2f|share|2f|MD0_DATA|2f|optware|2f|.xpl|2f|"; fast_pattern:only; content:"unset HISTFIE"; reference:url,www.fireeye.com/blog/threat-research/2014/10/the-shellshock-aftershock-for-nas-administrators.html; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; reference:cve,2014-6271; classtype:attempted-admin; sid:2019905; rev:2;)

Added 2014-12-11 11:34:41 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS QNAP Shellshock script retrieval"; flow:established,from_server; file_data; content:"|2f|share|2f|MD0_DATA|2f|optware|2f|.xpl|2f|"; fast_pattern:only; content:"unset HISTFIE"; reference:url,www.fireeye.com/blog/threat-research/2014/10/the-shellshock-aftershock-for-nas-administrators.html; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; reference:cve,2014-6271; classtype:attempted-admin; sid:2019905; rev:2;)

Added 2014-12-10 21:25:29 UTC


Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats