ET WEB_SERVER Possible SUPERMICRO IPMI login.cgi Name Parameter Buffer Overflow Attempt CVE-2013-3621

SID: 2017684Rev: 40 viewsHistory

Sourceet/open

CreatedNovember 7, 2013

UpdatedJuly 13, 2022

Classificationattempted-admin

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER Possible SUPERMICRO IPMI login.cgi Name Parameter Buffer Overflow Attempt CVE-2013-3621"; flow:established,to_server; http.method; content:"POST"; nocase; http.uri; content:"/cgi/login.cgi"; nocase; http.request_body; content:"name="; nocase; content:"pwd="; nocase; pcre:"/(?:^|[\n\&])pwd=/i"; pcre:"/(?:^|[\n\&])name=(?:%\d{2}|[^%&]){129}/i"; reference:cve,CVE-2013-3621; reference:url,community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities; classtype:attempted-admin; sid:2017684; rev:4; metadata:created_at 2013_11_07, confidence Low, signature_severity Major, updated_at 2022_07_13;)

References

cve	CVE-2013-3621
url	community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities

Metadata

created at2013_11_07

confidenceLow

signature severityMajor

updated at2022_07_13

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!