ATTACK [PTsecurity] Apache2 <2.2.34 <2.4.27 Optionsbleed (CVE-2017-9798) Leak

SID: 10001947Rev: 41 views
Sourceptresearch/attackdetection
CreatedSeptember 29, 2021
UpdatedSeptember 29, 2021
Classificationattempted-recon
alert http $HOME_NET any -> any any (msg:"ATTACK [PTsecurity] Apache2 <2.2.34 <2.4.27 Optionsbleed (CVE-2017-9798) Leak"; flow:established, from_server; content:"Allow:"; nocase; http_header; pcre:"/Allow:(?: ,|[^\r\n]*(?:[^A-Za-z0-9,\s\-_]|,,))/Hi"; threshold:type limit, track by_src, count 1, seconds 10; reference:cve, 2017-9798; reference:url, blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html; reference:url, github.com/ptresearch/AttackDetection; metadata:Open Ptsecurity.com ruleset; metadata:updated_at 2021_09_29; classtype:attempted-recon; sid:10001947; rev:4;)

References

cve2017-9798
urlblog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
urlgithub.com/ptresearch/AttackDetection

Metadata

OpenPtsecurity.com ruleset

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!