Rule History

alert http $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS LaVague Remote Inclusion Attempt -- printbar.php views_path"; flow:established,to_server; content:"/views/print/printbar.php?"; nocase; http_uri; content:"views_path="; nocase; http_uri; pcre:"/=\s*(https?|ftps|php)\:\//Ui"; reference:cve,CVE-2007-2607; reference:url,www.exploit-db.com/exploits/3870/; classtype:web-application-attack; sid:2003716; rev:8; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)