ATTACK [PTsecurity] Possible HTTPoxy HTTP_PROXY value spoofing

SID: 10000065Rev: 31 views
Sourceptresearch/attackdetection
CreatedDecember 13, 2021
UpdatedDecember 13, 2021
Classificationattempted-recon
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ATTACK [PTsecurity] Possible HTTPoxy HTTP_PROXY value spoofing"; flow:established, to_server; content:"|0A|Proxy:"; nocase; http_header; reference:url, httpoxy.org; reference:cve, 2016-5385; reference:cve, 2016-5386; reference:cve, 2016-5387; reference:cve, 2016-5388; reference:cve, 2016-1000109; reference:cve, 2016-1000110; classtype:attempted-recon; reference:url, github.com/ptresearch/AttackDetection; sid:10000065; rev:3;)

References

urlhttpoxy.org
cve2016-5385
cve2016-5386
cve2016-5387
cve2016-5388
cve2016-1000109
cve2016-1000110
urlgithub.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!