ET WEB_SERVER Possible Apache Struts OGNL in Dynamic Action

SID: 2017277Rev: 62 viewsHistory

Sourceet/open

CreatedAugust 6, 2013

UpdatedSeptember 19, 2020

Classificationattempted-user

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Apache Struts OGNL in Dynamic Action"; flow:established,to_server; http.uri; content:"/${"; fast_pattern; pcre:"/\/\$\{[^\}\x2c]+?=/"; reference:cve,2013-2135; reference:bugtraq,60345; reference:url,cwiki.apache.org/confluence/display/WW/S2-015; classtype:attempted-user; sid:2017277; rev:6; metadata:created_at 2013_08_06, cve CVE_2013_2135, confidence Medium, signature_severity Major, updated_at 2020_09_19;)

References

cve	2013-2135
bugtraq	60345
url	cwiki.apache.org/confluence/display/WW/S2-015

Metadata

created at2013_08_06

cveCVE-2013-2135

confidenceMedium

signature severityMajor

updated at2020_09_19

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!