Rule History

alert http $EXTERNAL_NET any -> $HOME_NET any (msg: "ATTACK [PTsecurity] GNU Wget < 1.18 Arbitrary File Upload / Potential Remote Code Execution"; flowbits: isset, 10000062; content: "30"; http_stat_code; depth: 2; content: "Location: ftp://"; nocase; http_header; reference: cve, 2016-4971; reference: url, legalhackers.com/advisories/Wget-Arbitrary-File-Upload-Vulnerability-Exploit.txt; reference: url, rules.ptsecurity.com; classtype: attempted-admin; sid: 10000063; rev: 2;)