ATTACK [PTsecurity] Likely Apache HTTP Server 2.4.49 Directory Traversal (CVE-2021-41773)

SID: 10006811Rev: 23 views
Sourceptresearch/attackdetection
CreatedOctober 5, 2021
UpdatedOctober 6, 2021
Classificationweb-application-attack
alert http any any -> any any (msg:"ATTACK [PTsecurity] Likely Apache HTTP Server 2.4.49 Directory Traversal (CVE-2021-41773)"; flow:established, to_server; content:"%2e/"; nocase; http_raw_uri; pcre:"/\/(\.|%2e)%2e\//Ii"; threshold:type limit, track by_src, count 1, seconds 60; reference:cve, 2021-41773; reference:url, twitter.com/lofi42/status/1445382059640434695; reference:url, github.com/ptresearch/AttackDetection; metadata:created_at 2021_10_05, updated_at 2021_10_06; classtype:web-application-attack; sid:10006811; rev:2;)

References

cve2021-41773
urltwitter.com/lofi42/status/1445382059640434695
urlgithub.com/ptresearch/AttackDetection

Metadata

created at2021_10_05
updated at2021_10_06

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!