Rule History

SID: 2010524 • Source: et/open

Versions (4)

Version DetailsCurrent

Rev: 5 • Jul 30, 2010, 12:00 PM

Message:

ET WEB_SERVER Possible HTTP 500 XSS Attempt (Internal Source)

Rule:

alert http $HTTP_SERVERS any -> $EXTERNAL_NET 1024: (msg:"ET WEB_SERVER Possible HTTP 500 XSS Attempt (Internal Source)"; flow:from_server,established; content:"HTTP/1.1 500 Internal Server Error|0d 0a|"; depth:36; nocase; content:"<script"; nocase; within:512; classtype:web-application-attack; sid:2010524; rev:5; metadata:created_at 2010_07_30, deprecation_reason Performance, performance_impact Significant, confidence Medium, signature_severity Minor, updated_at 2024_04_10;)

Created:

Jul 30, 2010, 12:00 PM

Updated:

Apr 10, 2024, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

May 30, 2025, 12:04 AM

Filename:

rules/emerging-web_server.rules