ET CURRENT_EVENTS Possible TWiki RCE attempt

7.0.35.0SID: 2019385Rev: 3Disabled1 views
Sourceet/open
Fileemerging-current_events.rules
CreatedOctober 10, 2014
UpdatedMarch 18, 2024
Classificationattempted-admin
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET CURRENT_EVENTS Possible TWiki RCE attempt"; flow:established,to_server; http.uri; content:"debugenableplugins="; pcre:"/debugenableplugins=[a-zA-Z0-9]+?\x3b/"; reference:url,twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236; reference:cve,2014-7236; classtype:attempted-admin; sid:2019385; rev:3; metadata:created_at 2014_10_10, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_18;)

Metadata

created at2014_10_10
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_18

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!