ET DELETED Wordpress possible Malicious DNS-Requests - wordpress.com.* - Suricata Rule 2013356 (et/open)

ET DELETED Wordpress possible Malicious DNS-Requests - wordpress.com.*

SID: 2013356Rev: 20 views

Sourceet/open

CreatedAugust 4, 2011

UpdatedJune 5, 2023

Classificationweb-application-attack

alert udp !$DNS_SERVERS any -> $DNS_SERVERS 53 (msg:"ET DELETED Wordpress possible Malicious DNS-Requests - wordpress.com.*"; content:"|09|wordpress|03|com"; nocase; content:!"|00|"; within:1; reference:url,web.archive.org/web/20110807204218/http://markmaunder.com/2011/zero-day-vulnerability-in-many-wordpress-themes/; reference:url,web.archive.org/web/20111102155359/blog.sucuri.net/2011/08/timthumb-security-vulnerability-list-of-themes-including-it.html; classtype:web-application-attack; sid:2013356; rev:2; metadata:affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2011_08_04, deployment Datacenter, deprecation_reason Duplicate, signature_severity Major, tag Wordpress, updated_at 2023_06_05;)

References

url	web.archive.org/web/20110807204218/http://markmaunder.com/2011/zero-day-vulnerability-in-many-wordpress-themes/
url	web.archive.org/web/20111102155359/blog.sucuri.net/2011/08/timthumb-security-vulnerability-list-of-themes-including-it.html

Metadata

affected productWordpress_Plugins

attack targetWeb_Server

created at2011_08_04

deploymentDatacenter

deprecation reasonDuplicate

signature severityMajor

tagWordpress

updated at2023_06_05

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!