ATTACK [PTsecurity] Nagios Core < 4.2.2 Curl Command Injection (CVE-2016-9565) RSS Request

SID: 10000777Rev: 10 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-admin

alert http $HOME_NET any -> any any (msg:"ATTACK [PTsecurity] Nagios Core < 4.2.2 Curl Command Injection (CVE-2016-9565) RSS Request"; flow:established, to_server; content:"/nagios/rss-"; http_uri; content:".php"; http_uri; distance:0; content:"User-Agent: magpie"; http_header; nocase; flowbits:set, CVE.2016-9565.RSSRequest; reference:url, legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html; reference:cve, 2016-9565; classtype:attempted-admin; reference:url, github.com/ptresearch/AttackDetection; sid:10000777; rev:1;)

References

url	legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html
cve	2016-9565
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!