alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP Upload Bypass Attempt"; flow:to_server,established; content:"PUT"; http_method; content:".shtml/"; http_uri; nocase; fast_pattern; pcre:"/\.shtml\/[^\x2f]*$/Ui"; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2017-12617; reference:cve,2017-12615; classtype:web-application-attack; sid:2024810; rev:5; metadata:affected_product Apache_Tomcat, attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2017_10_05, updated_at 2019_10_07;)

Added 2019-10-08 19:34:46 UTC


alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP Upload Bypass Attempt"; flow:to_server,established; content:"PUT"; http_method; content:".shtml/"; http_uri; nocase; fast_pattern:only; pcre:"/\.shtml\/[^\x2f]*$/Ui"; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2017-12617; reference:cve,2017-12615; classtype:web-application-attack; sid:2024810; rev:4; metadata:affected_product Apache_Tomcat, attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2017_10_05, updated_at 2017_11_29;)

Added 2018-09-13 19:54:09 UTC


Added 2018-09-13 18:01:49 UTC


alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP Upload Bypass Attempt"; flow:to_server,established; content:"PUT"; http_method; content:".shtml/"; http_uri; nocase; fast_pattern:only; pcre:"/\.shtml\/[^\x2f]*$/Ui"; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2017-12617; reference:cve,2017-12615; classtype:web-application-attack; sid:2024810; rev:4; metadata:affected_product Apache_Tomcat, attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2017_10_05, updated_at 2017_11_29;)

Added 2017-11-30 16:40:55 UTC


alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP Upload Bypass Attempt"; flow:to_server,established; content:"PUT"; http_method; content:".shtml/"; http_uri; nocase; fast_pattern:only; pcre:"/\.shtml\/[^\x2f]*$/Ui"; metadata: former_category WEB_SPECIFIC_APPS; classtype:web-application-attack; sid:2024810; rev:3; metadata:affected_product Apache_Tomcat, attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2017_10_05, updated_at 2017_10_05;)

Added 2017-10-13 19:06:05 UTC


alert http $HOME_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP Upload Bypass Attempt"; flow:to_server,established; content:"PUT"; http_method; content:".shtml/"; http_uri; nocase; fast_pattern:only; pcre:"/\.shtml\/[^\x2f]*$/Ui"; metadata: former_category WEB_SPECIFIC_APPS; classtype:web-application-attack; sid:2024810; rev:2; metadata:affected_product Apache_Tomcat, attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2017_10_05, updated_at 2017_10_05;)

Added 2017-10-05 16:35:57 UTC



This topic: Main > 2024810
Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats