ET WEB_SERVER Attempt To Access MSSQL xp_cmdshell Stored Procedure Via URI

SID: 2009815Rev: 80 views
History
Sourceet/open
CreatedJuly 30, 2010
UpdatedSeptember 14, 2020
Classificationweb-application-attack
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Attempt To Access MSSQL xp_cmdshell Stored Procedure Via URI"; flow:established,to_server; http.uri; content:"EXEC"; nocase; content:"xp_cmdshell"; nocase; reference:url,msdn.microsoft.com/en-us/library/ms175046.aspx; reference:url,www.databasejournal.com/features/mssql/article.php/3372131/Using-xpcmdshell.htm; classtype:web-application-attack; sid:2009815; rev:8; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2020_09_14;)

References

urlmsdn.microsoft.com/en-us/library/ms175046.aspx
urlwww.databasejournal.com/features/mssql/article.php/3372131/Using-xpcmdshell.htm

Metadata

created at2010_07_30
signature severityMajor
updated at2020_09_14

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!