ATTACK [PTsecurity] MS IIS 6.0 BO RCE (CVE-2017-7269)

SID: 10001195Rev: 10 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-admin

alert http any any -> $HOME_NET any (msg:"ATTACK [PTsecurity] MS IIS 6.0 BO RCE (CVE-2017-7269)"; flow:to_server, established; content:"PROPFIND"; http_method; content:"If: <"; http_header; nocase; pcre:"/^If: <[^\r\n>]+[\x7F-\xFF]/Hmi"; reference:url, www.helpnetsecurity.com/2017/03/30/cve-2017-7269/; reference:cve, 2017-7269; classtype:attempted-admin; reference:url, github.com/ptresearch/AttackDetection; sid:10001195; rev:1;)

References

url	www.helpnetsecurity.com/2017/03/30/cve-2017-7269/
cve	2017-7269
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!