Rule History

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Barracuda Web Application Firewall 600 XSS attempt (backup_server)"; flow:established,to_server; http.uri; content:"/cgi-mod/index.cgi?"; nocase; content:"backup_server="; nocase; pcre:"/\/cgi-mod\/index\.cgi\?.*backup_server=[^&\;]*[>\"]/i"; reference:url,packetstormsecurity.org/0912-exploits/barracuda-inject.txt; classtype:web-application-attack; sid:2010548; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2020_09_10;)