ET WEB_SERVER Microsoft SharePoint Server 2007 _layouts/help.aspx Cross Site Scripting Attempt

SID: 2011073Rev: 80 views

Sourceet/open

CreatedJuly 30, 2010

UpdatedSeptember 14, 2020

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Microsoft SharePoint Server 2007 _layouts/help.aspx Cross Site Scripting Attempt"; flow:established,to_server; http.uri; content:"/_layouts/help.aspx"; nocase; content:"cid0="; nocase; pcre:"/cid0\x3d.+(script|alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/i"; reference:url,www.htbridge.ch/advisory/xss_in_microsoft_sharepoint_server_2007.html; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=20415; reference:url,www.microsoft.com/technet/security/Bulletin/MS10-039.mspx; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=20610; reference:cve,2010-0817; classtype:web-application-attack; sid:2011073; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, cve CVE_2010_0817, deployment Datacenter, signature_severity Major, tag XSS, tag Cross_Site_Scripting, updated_at 2020_09_14;)

References

url	www.htbridge.ch/advisory/xss_in_microsoft_sharepoint_server_2007.html
url	tools.cisco.com/security/center/viewAlert.x?alertId=20415
url	www.microsoft.com/technet/security/Bulletin/MS10-039.mspx
url	tools.cisco.com/security/center/viewAlert.x?alertId=20610
cve	2010-0817

Metadata

affected productWeb_Server_Applications

attack targetWeb_Server

created at2010_07_30

cveCVE-2010-0817

deploymentDatacenter

signature severityMajor

tagCross_Site_Scripting

updated at2020_09_14

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!