GPL RPC kcms_server directory traversal attempt

SID: 2102007Rev: 120 viewsHistory

Sourceet/open

CreatedSeptember 23, 2010

UpdatedNovember 26, 2024

Classificationmisc-attack

alert tcp $EXTERNAL_NET any -> $HOME_NET 32771:34000 (msg:"GPL RPC kcms_server directory traversal attempt"; flow:to_server,established; content:"|00 01 87|}"; depth:4; offset:16; byte_jump:4,20,relative,align; byte_jump:4,4,relative,align; content:"/../"; distance:0; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,6665; reference:cve,2003-0027; reference:url,www.kb.cert.org/vuls/id/850785; classtype:misc-attack; sid:2102007; rev:12; metadata:created_at 2010_09_23, cve CVE_2003_0027, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, updated_at 2024_11_26, mitre_tactic_id TA0007, mitre_tactic_name Discovery, mitre_technique_id T1083, mitre_technique_name File_And_Directory_Discovery; target:dest_ip;)

References

bugtraq	6665
cve	2003-0027
url	www.kb.cert.org/vuls/id/850785

Metadata

created at2010_09_23

cveCVE-2003-0027

deploymentInternal

confidenceHigh

signature severityMajor

updated at2024_11_26

mitre tactic idTA0007

mitre tactic nameDiscovery

mitre technique idT1083

mitre technique nameFile_And_Directory_Discovery

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!