Versions (4)
Version DetailsCurrent
Rev: 3 • Feb 7, 2014, 12:00 PMET WEB_SERVER Oracle Reports Parse Query Returned Creds CVE-2012-3153
alert http $HTTP_SERVERS any -> $EXTERNAL_NET any (msg:"ET WEB_SERVER Oracle Reports Parse Query Returned Creds CVE-2012-3153"; flow:established,to_client; file_data; content:"Result Reports Server Command"; content:"userid="; distance:0; content:"/"; distance:0; content:"@"; distance:0; reference:url,netinfiltration.com; classtype:web-application-attack; sid:2018093; rev:3; metadata:created_at 2014_02_07, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_08_23;)
Feb 7, 2014, 12:00 PM
Aug 23, 2022, 12:00 PM
Sep 21, 2024, 3:00 AM
Oct 6, 2025, 4:34 PM
rules/emerging-web_server.rules