ET EXPLOIT Possible Etrust Secure Transaction Platform Identification and Entitlements Server File Disclosure Attempt

SID: 2011502Rev: 10 viewsHistory

Sourceet/open

CreatedSeptember 27, 2010

UpdatedJuly 26, 2019

Classificationmisc-attack

alert tcp $EXTERNAL_NET any -> $HOME_NET 50002 (msg:"ET EXPLOIT Possible Etrust Secure Transaction Platform Identification and Entitlements Server File Disclosure Attempt"; flow:established,to_server; content:"POST "; nocase; depth:5; content:"<!DOCTYPE"; nocase; distance:0; content:"<!ENTITY"; nocase; distance:0; content:"<soapenv|3A|Envelope"; nocase; distance:0; content:"<ns1|3A|Username>"; nocase; distance:0; flowbits:set,ET.etrust.fieldis; reference:url,shh.thathost.com/secadv/2009-06-15-entrust-ies.txt; reference:url,securitytracker.com/alerts/2010/Sep/1024391.html; classtype:misc-attack; sid:2011502; rev:1; metadata:created_at 2010_09_27, confidence Medium, signature_severity Major, updated_at 2019_07_26;)

References

url	shh.thathost.com/secadv/2009-06-15-entrust-ies.txt
url	securitytracker.com/alerts/2010/Sep/1024391.html

Metadata

created at2010_09_27

confidenceMedium

signature severityMajor

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!