Versions (2)
Version DetailsCurrent
Rev: 4 • Aug 4, 2011, 12:00 PMET WEB_CLIENT Wordpress possible Malicious DNS-Requests - blogger.com.*
alert dns [$HOME_NET,$HTTP_SERVERS] any -> any any (msg:"ET WEB_CLIENT Wordpress possible Malicious DNS-Requests - blogger.com.*"; dns.query; content:"blogger.com."; nocase; isdataat:1,relative; pcre:"/(?:^|\.)blogger\.com\./i"; reference:url,web.archive.org/web/20110807204218/http://markmaunder.com/2011/zero-day-vulnerability-in-many-wordpress-themes/; reference:url,web.archive.org/web/20111102155359/blog.sucuri.net/2011/08/timthumb-security-vulnerability-list-of-themes-including-it.html; classtype:web-application-attack; sid:2013355; rev:4; metadata:affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2011_08_04, deployment Datacenter, deprecation_reason Relevance, performance_impact Low, signature_severity Major, tag Wordpress, updated_at 2023_06_05;)
Aug 4, 2011, 12:00 PM
Jun 5, 2023, 12:00 PM
Aug 4, 2011, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-web_client.rules