Versions (2)
Version DetailsCurrent
Rev: 3 • Jul 16, 2018, 12:00 PMET WEB_SPECIFIC_APPS Fortify Software Security Center XML External Entity Injection 4
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Fortify Software Security Center XML External Entity Injection 4"; flow:established,to_server; http.uri; content:"/fm-ws/services"; fast_pattern; endswith; http.request_body; content:"<?xml"; content:"<!DOCTYPE data SYSTEM"; pcre:"/^[^>]+\x22\s*http\x3a\x2f\x2f.+\.dtd/Ri"; content:"<data>&send|3b|</data>"; reference:url,exploit-db.com/exploits/45027/; reference:cve,2018-12463; classtype:attempted-user; sid:2025844; rev:3; metadata:attack_target Web_Server, created_at 2018_07_16, cve CVE_2018_12463, deployment Datacenter, signature_severity Major, updated_at 2020_09_16;)
Jul 16, 2018, 12:00 PM
Sep 16, 2020, 12:00 PM
Jul 16, 2018, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-web_specific_apps.rules