ATTACK [PTsecurity] Possible Apache Axis RCE via SSRF (CVE-2019-0227)

SID: 10004698Rev: 10 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-admin

alert http any any -> any any (msg:"ATTACK [PTsecurity] Possible Apache Axis RCE via SSRF (CVE-2019-0227)"; flow:established, to_client; content:"30"; http_stat_code; content:"Location:"; http_header; content:"method"; distance:0; http_header; pcre:"/(!|%21)(-|%2D|)+(>|%3E)/RHi"; content:"deployment"; distance:0; http_header; reference:cve, 2019-0227; reference:url, rhinosecuritylabs.com/application-security/cve-2019-0227-expired-domain-rce-apache-axis; classtype:attempted-admin; reference:url, github.com/ptresearch/AttackDetection; sid:10004698; rev:1;)

References

cve	2019-0227
url	rhinosecuritylabs.com/application-security/cve-2019-0227-expired-domain-rce-apache-axis
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!