Versions (3)
Version DetailsCurrent
Rev: 13 • Jul 30, 2010, 12:00 PMET WEB_SPECIFIC_APPS Cacti Input Validation Attack
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Cacti Input Validation Attack"; flow:established,to_server; content:"GET"; http_method; content:"top_graph_header.php"; http_uri; pcre:"/top_graph_header\.php\?.*=(http|https)\x3a\//Ui"; reference:url,www.cacti.net; reference:url,www.idefense.com/application/poi/display?id=265&type=vulnerabilities; reference:url,www.idefense.com/application/poi/display?id=266&type=vulnerabilities; classtype:web-application-activity; sid:2002129; rev:13; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Jul 30, 2010, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
Oct 16, 2025, 8:36 PM
rules/emerging-web_specific_apps.rules