ET WEB_SERVER Possible CVE-2014-6271 Attempt

SID: 2022028Rev: 24 views
History
Sourceet/open
CreatedNovember 4, 2015
UpdatedOctober 8, 2019
Classificationattempted-admin
alert tcp any any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt"; flow:established,to_server; content:" HTTP/1."; pcre:"/^[^\r\n]*?HTTP\/1(?:(?!\r?\n\r?\n)[\x20-\x7e\s]){1,500}\n[\x20-\x7e]{1,100}\x3a[\x20-\x7e]{0,500}\x28\x29\x20\x7b/s"; content:"|28 29 20 7b|"; fast_pattern; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2022028; rev:2; metadata:created_at 2015_11_04, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2019_10_08;)

References

urlblogs.akamai.com/2014/09/environment-bashing.html

Metadata

created at2015_11_04
confidenceMedium
signature severityMajor
tagCISA_KEV
updated at2019_10_08

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!