alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DNN DNNPersonalization Cookie RCE Attempt (CVE-2017-9822)"; flow:established,to_server; content:"DNNPersonalization="; fast_pattern; http_cookie; content:"ObjectStateFormatter"; http_cookie; content:"ObjectDataProvider"; http_cookie; reference:cve,2017-9822; reference:url,f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks?sf176487178; classtype:attempted-admin; sid:2025545; rev:3; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2018_04_27, deployment Datacenter, former_category WEB_SPECIFIC_APPS, signature_severity Minor, updated_at 2020_11_04;)

Added 2020-11-04 18:49:47 UTC


alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DNN DNNPersonalization Cookie RCE Attempt (CVE-2017-9822)"; flow:established,to_server; content:"DNNPersonalization="; fast_pattern; http_cookie; content:"ObjectStateFormatter"; http_cookie; content:"ObjectDataProvider"; http_cookie; reference:cve,2017-9822; reference:url,f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks?sf176487178; classtype:attempted-admin; sid:2025545; rev:3; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2018_04_27, deployment Datacenter, former_category WEB_SPECIFIC_APPS, signature_severity Minor, updated_at 2020_03_04;)

Added 2020-08-05 19:14:39 UTC


alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DNN DNNPersonalization Cookie RCE Attempt (CVE-2017-9822)"; flow:established,to_server; content:"DNNPersonalization="; fast_pattern; http_cookie; content:"ObjectStateFormatter"; http_cookie; content:"ObjectDataProvider"; http_cookie; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2017-9822; reference:url,f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks?sf176487178; classtype:attempted-admin; sid:2025545; rev:3; metadata:affected_product Web_Server_Applications, attack_target Web_Server, deployment Datacenter, signature_severity Minor, created_at 2018_04_27, updated_at 2020_03_04;)

Added 2020-03-04 19:16:55 UTC


alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DNN DNNPersonalization Cookie RCE Attempt (CVE-2017-9822)"; flow:established,to_server; content:"DNNPersonalization="; fast_pattern; content:"DNNPersonalization="; http_cookie; content:"ObjectStateFormatter"; http_cookie; content:"ObjectDataProvider"; http_cookie; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2017-9822; reference:url,f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks?sf176487178; classtype:attempted-admin; sid:2025545; rev:2; metadata:affected_product Web_Server_Applications, attack_target Web_Server, deployment Datacenter, signature_severity Minor, created_at 2018_04_27, updated_at 2018_04_27;)

Added 2018-09-13 19:54:41 UTC


Added 2018-09-13 18:02:09 UTC


alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DNN DNNPersonalization Cookie RCE Attempt (CVE-2017-9822)"; flow:established,to_server; content:"DNNPersonalization="; fast_pattern; content:"DNNPersonalization="; http_cookie; content:"ObjectStateFormatter"; http_cookie; content:"ObjectDataProvider"; http_cookie; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2017-9822; reference:url,f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks?sf176487178; classtype:attempted-admin; sid:2025545; rev:2; metadata:affected_product Web_Server_Applications, attack_target Web_Server, deployment Datacenter, signature_severity Minor, created_at 2018_04_27, updated_at 2018_04_27;)

Added 2018-04-27 17:30:07 UTC


Topic revision: r1 - 2020-11-04 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats