Rule History

SID: 2014018 • Source: et/open

Versions (3)

Version DetailsCurrent

Rev: 3 • Dec 10, 2011, 12:00 PM

Message:

ET WEB_SERVER JBoss jmx-console Access Control Bypass Attempt

Rule:

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER JBoss jmx-console Access Control Bypass Attempt"; flow:to_server,established; http.method; content:"HEAD"; http.uri; content:"/jmx-console/HtmlAdaptor?"; nocase; content:"Runtime.getRuntime().exec("; reference:cve,2010-0738; classtype:web-application-activity; sid:2014018; rev:3; metadata:created_at 2011_12_10, cve CVE_2010_0738, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20;)

Created:

Dec 10, 2011, 12:00 PM

Updated:

Apr 20, 2020, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

Oct 9, 2025, 9:35 PM

Filename:

rules/emerging-web_server.rules