Rule History

SID: 2102090 • Source: et/open

Versions (2)

Version DetailsCurrent

Rev: 13 • Sep 23, 2010, 12:00 PM

Message:

GPL EXPLOIT WEBDAV exploit attempt

Rule:

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"GPL EXPLOIT WEBDAV exploit attempt"; flow:to_server,established; content:"HTTP/1.1|0A|Content-type|3A| text/xml|0A|HOST|3A|"; fast_pattern; content:"Accept|3A| */*|0A|Translate|3A| f|0A|Content-length|3A|5276|0A 0A|"; distance:1; reference:bugtraq,7116; reference:bugtraq,7716; reference:cve,2003-0109; reference:nessus,11413; reference:url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx; classtype:attempted-admin; sid:2102090; rev:13; metadata:created_at 2010_09_23, signature_severity Major, updated_at 2022_03_17;)

Created:

Sep 23, 2010, 12:00 PM

Updated:

Mar 17, 2022, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

May 30, 2025, 12:04 AM

Filename:

rules/emerging-exploit.rules