ET EXPLOIT Possible EXPLODINGCAN IIS5.0/6.0 Exploit Attempt

7.0.35.0SID: 2024222Rev: 6Enabled0 views
Sourceet/open
Fileemerging-exploit.rules
CreatedApril 18, 2017
UpdatedApril 14, 2024
Classificationtrojan-activity
alert http1 $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible EXPLODINGCAN IIS5.0/6.0 Exploit Attempt"; flow:established,to_server; urilen:1; http.method; content:"PROPFIND"; http.header; content:"Content-Length|3a 20|0|0d 0a|Host|3a 20|"; startswith; content:"|0d 0a|If|3a 20|<http"; fast_pattern; classtype:trojan-activity; sid:2024222; rev:6; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2017_04_18, deployment Perimeter, confidence Medium, signature_severity Critical, tag possible_exploitation, updated_at 2024_04_14;)

Metadata

affected productWeb_Server_Applications
attack targetWeb_Server
created at2017_04_18
deploymentPerimeter
confidenceMedium
signature severityCritical
tagpossible_exploitation
updated at2024_04_14

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!