alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache CouchDB? Remote Code Execution 1"; flow:established,to_server; content:"/_users/org.couchdb.user|3a|"; http_uri; content:"|22|roles|22 3a 20 5b 22 5f|admin|22 5d 2c|"; http_client_body; fast_pattern; content:"password"; http_client_body; reference:cve,2017-12635; classtype:attempted-user; sid:2025740; rev:2; metadata:attack_target Web_Server, created_at 2018_06_25, deployment Datacenter, former_category WEB_SPECIFIC_APPS, signature_severity Major, updated_at 2020_11_19;)

Added 2020-11-19 18:26:23 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache CouchDB? Remote Code Execution 1"; flow:established,to_server; content:"/_users/org.couchdb.user|3a|"; http_uri; content:"|22|roles|22 3a 20 5b 22 5f|admin|22 5d 2c|"; http_client_body; fast_pattern; content:"password"; http_client_body; reference:cve,2017-12635; classtype:attempted-user; sid:2025740; rev:2; metadata:attack_target Web_Server, created_at 2018_06_25, deployment Datacenter, former_category WEB_SPECIFIC_APPS, signature_severity Major, updated_at 2020_08_19;)

Added 2020-08-19 18:14:31 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache CouchDB? Remote Code Execution 1"; flow:established,to_server; content:"/_users/org.couchdb.user|3a|"; http_uri; content:"|22|roles|22 3a 20 5b 22 5f|admin|22 5d 2c|"; http_client_body; fast_pattern; content:"password"; http_client_body; reference:cve,2017-12635; classtype:attempted-user; sid:2025740; rev:2; metadata:attack_target Web_Server, created_at 2018_06_25, deployment Datacenter, former_category WEB_SPECIFIC_APPS, signature_severity Major, updated_at 2018_07_18;)

Added 2020-08-05 19:14:51 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache CouchDB? Remote Code Execution 1"; flow:established,to_server; content:"/_users/org.couchdb.user|3a|"; http_uri; content:"|22|roles|22 3a 20 5b 22 5f|admin|22 5d 2c|"; http_client_body; fast_pattern; content:"password"; http_client_body; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2017-12635; classtype:attempted-user; sid:2025740; rev:2; metadata:attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2018_06_25, updated_at 2018_07_18;)

Added 2018-09-13 19:54:48 UTC


Added 2018-09-13 18:02:13 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache CouchDB? Remote Code Execution 1"; flow:established,to_server; content:"/_users/org.couchdb.user|3a|"; http_uri; content:"|22|roles|22 3a 20 5b 22 5f|admin|22 5d 2c|"; http_client_body; fast_pattern; content:"password"; http_client_body; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2017-12635; classtype:attempted-user; sid:2025740; rev:2; metadata:attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2018_06_25, updated_at 2018_07_18;)

Added 2018-07-18 17:37:07 UTC


Topic revision: r1 - 2020-11-19 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats