ET SCAN Apache mod_proxy Reverse Proxy Exposure 1

SID: 2013791Rev: 40 views
History
Sourceet/open
CreatedOctober 24, 2011
UpdatedOctober 28, 2020
Classificationattempted-recon
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET SCAN Apache mod_proxy Reverse Proxy Exposure 1"; flow:established,to_server; http.request_line; content:"GET @"; depth:5; reference:url,www.contextis.com/research/blog/reverseproxybypass/; reference:url,mail-archives.apache.org/mod_mbox/httpd-announce/201110.mbox/%3C20111005141541.GA7696@redhat.com%3E; classtype:attempted-recon; sid:2013791; rev:4; metadata:created_at 2011_10_24, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_10_28;)

References

urlwww.contextis.com/research/blog/reverseproxybypass/
urlmail-archives.apache.org/mod_mbox/httpd-announce/201110.mbox/%3C20111005141541.GA7696@redhat.com%3E

Metadata

created at2011_10_24
confidenceMedium
signature severityInformational
tagDescription_Generated_By_Proofpoint_Nexus
updated at2020_10_28

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!