ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt

SID: 2010457Rev: 90 viewsHistory

Sourceet/open

CreatedJuly 30, 2010

UpdatedNovember 7, 2020

Classificationattempted-user

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt"; flow:established,to_server; http.uri; content:"+CSCOE+/files/browse.html"; nocase; fast_pattern; content:"code=init"; nocase; distance:0; content:"path=ftp"; nocase; distance:0; reference:url,www.securityfocus.com/bid/35475/info; reference:cve,2009-1203; classtype:attempted-user; sid:2010457; rev:9; metadata:attack_target Client_Endpoint, created_at 2010_07_30, cve CVE_2009_1203, deployment Perimeter, confidence Medium, signature_severity Major, tag Phishing, updated_at 2020_11_07;)

References

url	www.securityfocus.com/bid/35475/info
cve	2009-1203

Metadata

attack targetClient_Endpoint

created at2010_07_30

cveCVE-2009-1203

deploymentPerimeter

confidenceMedium

signature severityMajor

tagPhishing

updated at2020_11_07

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!