ATTACK [PTsecurity] Nagios Core < 4.2.2 Curl Command Injection (CVE-2016-9565) RSS Request
Sourceptrules/open
Fileptopen-attacks.rules
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] Nagios Core < 4.2.2 Curl Command Injection (CVE-2016-9565) RSS Request"; flow:established, to_server ; content:"/nagios/rss-"; http_uri; content:".php"; http_uri; distance:0; content:"User-Agent: magpie" ; http_header; nocase; flowbits:set, CVE.2016-9565.RSSRequest ; reference:url, legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html ; reference:cve, 2016-9565 ; reference:url, rules.ptsecurity.com ; classtype:attempted-admin; sid:10000777; rev:1;)
References
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!