Versions (2)
Version DetailsCurrent
Rev: 4 • Jun 28, 2018, 12:00 PMET EXPLOIT HP Enterprise VAN SDN Controller Upload Backdoor
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT HP Enterprise VAN SDN Controller Upload Backdoor"; flow:established,to_server; http.uri; content:"/upload"; endswith; http.header; content:"X-Auth-Token|3a 20|AuroraSdnToken"; http.request_body; content:"!<arch>|0a|debian-binary"; fast_pattern; reference:url,exploit-db.com/exploits/44951/; classtype:attempted-user; sid:2025763; rev:4; metadata:attack_target Networking_Equipment, created_at 2018_06_28, deployment Datacenter, signature_severity Major, updated_at 2020_09_16;)
Jun 28, 2018, 12:00 PM
Sep 16, 2020, 12:00 PM
Jun 28, 2018, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-exploit.rules