ET WEB_SERVER JAWS Webserver Unauthenticated Shell Command Execution
Sourceet/open
Fileemerging-web_server.rules
CreatedNovember 20, 2019
UpdatedApril 13, 2024
Classificationweb-application-attack
alert http $EXTERNAL_NET any -> any any (msg:"ET WEB_SERVER JAWS Webserver Unauthenticated Shell Command Execution"; flow:established,to_server ; http.method; content:"GET"; http.uri.raw; content:"/shell?cd%20/tmp|3b|wget%20"; startswith; fast_pattern; http.header.raw; content:"Mozilla/5.0%20(Windows|3b|%20U|3b|%20Windows%20NT"; reference:md5,a26f67a1d0a50af72c5fd9c94e9f5a1c ; classtype:web-application-attack; sid:2029008; rev:4; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2019_11_20, deployment Perimeter, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_13;)
References
| md5 | a26f67a1d0a50af72c5fd9c94e9f5a1c |
Metadata
affected productWeb_Server_Applications
attack targetWeb_Server
created at2019_11_20
deploymentPerimeter
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_04_13
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!