Sophie

Sophie

distrib > Mandriva > 8.2 > i586 > by-pkgid > 90137ba41868861e4af055de0961e4de > files > 31

snort-1.8.3-4mdk.i586.rpm

# (C) Copyright 2001, Martin Roesch, Brian Caswell, et al.  All rights reserved.
# $Id: web-cgi.rules,v 1.18 2001/10/29 01:52:54 roesch Exp $
#--------------
# WEB-CGI RULES
#--------------
#

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI HyperSeek directory traversal attempt"; uricontent:"/hsx.cgi"; content:"../../"; content:"%00"; flags:A+; reference:bugtraq,2314; reference:cve,CAN-2001-0253; classtype:web-application-attack; sid:803; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI SWSoft ASPSeek Overflow attempt"; uricontent:"/s.cgi"; nocase; content:"tmpl="; dsize:>500; flags:A+; reference:bugtraq,2492; classtype:web-application-attack; sid:804; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webspeed access"; flags: A+; uricontent: "/wsisa.dll/WService="; nocase; content: "WSMadmin"; nocase;reference:arachnids,467; classtype:attempted-user; sid:805; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI yabb access"; flags: A+; uricontent: "/YaBB.pl"; content: "../";reference:arachnids,462; classtype:attempted-recon; sid:806; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wwwboard passwd access"; flags: A+; uricontent: "/wwwboard/passwd.txt"; nocase;reference:arachnids,463; classtype:attempted-recon; sid:807; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webdriver access"; flags: A+; uricontent: "/webdriver"; nocase;reference:arachnids,473;classtype:attempted-recon; sid:808; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI whoisraw attempt"; flags: A+; uricontent: "/whois_raw.cgi?"; content: "|0a|";reference:arachnids,466;classtype:web-application-attack; sid:809; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI whoisraw access"; flags: A+; uricontent: "/whois_raw.cgi"; reference:arachnids,466;classtype:attempted-recon; sid:810; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI websitepro path access"; flags: A+; uricontent: " /HTTP/1."; nocase;reference:arachnids,468;classtype:attempted-recon; sid:811; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webplus version access"; flags: A+; uricontent: "/webplus?about "; nocase;reference:arachnids,470;classtype:attempted-recon; sid:812; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webplus directory trasversal"; flags: A+; uricontent: "/webplus?script"; nocase; content: "../";reference:arachnids,471;classtype:web-application-attack; sid:813; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI websendmail access"; flags: A+; uricontent: "/websendmail"; nocase; reference:cve,CVE-1999-0196; reference:arachnids,469; reference:bugtraq,2077; classtype:attempted-recon; sid:815; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI dcforum.cgi invalid user addition attempt"; flags:A+; uricontent:"/dcboard.cgi"; content:"command=register"; content:"%7cadmin"; classtype:web-application-attack; sid:817; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI dcforum.cgi access"; uricontent:"/dcforum.cgi"; flags:a+;classtype:attempted-recon; sid:818; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI mmstdod.cgi access"; uricontent:"/mmstdod.cgi"; nocase; flags:a+;classtype:attempted-recon; sid:819; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI anaconda directory transversal attempt"; flags: A+; uricontent:"/apexec.pl"; content:"template=../"; nocase; reference:cve,CVE-2000-0975; reference:bugtraq,2388; classtype:web-application-attack; sid:820; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI imagemap overflow attempt"; dsize: >1000; flags: A; uricontent: "/imagemap.exe?"; depth: 32; nocase; reference:arachnids,412;classtype:web-application-attack; sid:821; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI cvsweb.cgi access"; flags: A+; uricontent:"/cvsweb.cgi"; nocase; reference:cve,CVE-2000-0670; reference:bugtraq,1469;classtype:attempted-recon; sid:823; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI php access";flags: A+; uricontent:"/php.cgi"; nocase; reference:bugtraq,2250; reference:arachnids,232; classtype:attempted-recon; sid:824; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI glimpse access"; flags:A+; uricontent:"/glimpse"; nocase; reference:bugtraq,2026; classtype:attempted-recon; sid:825; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI htmlscript access";flags: A+; uricontent:"/htmlscript"; nocase; reference:bugtraq,2001; reference:cve,CVE-1999-0264; classtype:attempted-recon; sid:826; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI info2www access";flags: A+; uricontent:"/info2www"; nocase; reference:bugtraq,1995; reference:cve,CVE-1999-0266; classtype:attempted-recon; sid:827; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI maillist.pl access";flags: A+; uricontent:"/maillist.pl"; nocase;classtype:attempted-recon; sid:828; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI nph-test-cgi access";flags: A+; uricontent:"/nph-test-cgi"; nocase; reference:arachnids,224; reference:cve,CVE-1999-0045; reference:bugtraq,686; classtype:attempted-recon; sid:829; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI NPH-publish access";flags: A+; uricontent:"/nph-publish"; nocase;classtype:attempted-recon; sid:830; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI perl.exe access";flags: A+; uricontent:"/perl.exe"; nocase; reference:arachnids,219;classtype:attempted-recon; sid:832; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI rguest.exe access";flags: A+; uricontent:"/rguest.exe"; nocase; reference:cve,CAN-1999-0467; reference:bugtraq,2024; classtype:attempted-recon; sid:833; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI rwwwshell.pl access";flags: A+; uricontent:"/rwwwshell.pl"; nocase;classtype:attempted-recon; sid:834; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI test-cgi access"; flags: A+; uricontent:"/test-cgi"; nocase; reference:cve,CVE-1999-0070; reference:arachnids,218;classtype:attempted-recon; sid:835; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI testcounter.pl access";flags: A+; uricontent:"/textcounter.pl"; nocase;classtype:attempted-recon; sid:836; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI uploader.exe access";flags: A+; uricontent:"/uploader.exe"; nocase;reference:cve,CVE-1999-0177;classtype:attempted-recon; sid:837; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webgais access";flags: A+; uricontent:"/webgais"; nocase; reference:arachnids,472; reference:bugtraq,2058; reference:cve,CVE-1999-0176;classtype:attempted-recon; sid:838; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI finger access"; flags: A+; uricontent:"/finger"; nocase; reference:arachnids,221; reference:cve,CVE-1999-0612;classtype:attempted-recon; sid:839; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI perlshop.cgi access";flags: A+; uricontent:"/perlshop.cgi"; nocase;classtype:attempted-recon; sid:840; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI pfdisplay.cgi access";flags: A+; uricontent:"/pfdisplay.cgi"; nocase; reference:bugtraq,64; reference:cve,CVE-1999-0270;classtype:attempted-recon; sid:841; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI aglimpse access";flags: A+; uricontent:"/aglimpse"; nocase; reference:cve,CVE-1999-0147; reference:bugtraq,2026; classtype:attempted-recon; sid:842; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI anform2 access";flags: A+; uricontent:"/AnForm2"; nocase; reference:cve,CVE-1999-0066; reference:arachnids,225;classtype:attempted-recon; sid:843; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI args.bat access";flags: A+; uricontent:"/args.bat"; nocase;classtype:attempted-recon; sid:844; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI AT-admin.cgi access";flags: A+; uricontent:"/AT-admin.cgi"; nocase;classtype:attempted-recon; sid:845; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI bnbform.cgi access";flags: A+; uricontent:"/bnbform.cgi"; nocase; reference:cve,CVE-1999-0937; reference:bugtraq,1469; classtype:attempted-recon; sid:846; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI campas access";flags: A+; uricontent:"/campas"; nocase; reference:cve,CVE-1999-0146; reference:bugtraq,1975; classtype:attempted-recon; sid:847; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI view-source directory traversal";flags: A+; uricontent:"/view-source"; nocase; content:"../"; nocase; reference:cve,CVE-1999-0174;classtype:web-application-attack; sid:848; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI view-source access";flags: A+; uricontent:"/view-source"; nocase; reference:cve,CVE-1999-0174;classtype:attempted-recon; sid:849; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wais.p access";flags: A+; uricontent:"/wais.pl";nocase;classtype:attempted-recon; sid:850; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI files.pl access";flags: A+; uricontent:"/files.pl"; nocase;classtype:attempted-recon; sid:851; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wguest.exe access";flags: A+; uricontent:"/wguest.exe"; nocase; reference:cve,CAN-1999-0467; reference:bugtraq,2024; classtype:attempted-recon; sid:852; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wrap access"; flags: A+; uricontent: "/wrap"; reference:bugtraq,373; reference:arachnids,234; reference:cve,CVE-1999-0149;classtype:attempted-recon; sid:853; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI classifieds.cgi access";flags: A+; uricontent:"/classifieds.cgi"; nocase; reference:bugtraq,2020; reference:cve,CVE-1999-0934;classtype:attempted-recon; sid:854; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI edit.pl access";flags: A+; uricontent:"/edit.pl"; nocase;classtype:attempted-recon; sid:855; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI environ.cgi access";flags: A+; uricontent:"/environ.cgi"; nocase;classtype:attempted-recon; sid:856; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI faxsurvey access"; flags: A+; uricontent:"/faxsurvey"; nocase; reference:cve,CVE-1999-0262; reference:bugtraq,2056; classtype:attempted-recon; sid:857; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI filemail access";flags: A+; uricontent:"/filemail.pl"; nocase;classtype:attempted-recon; sid:858; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI man.sh access";flags: A+; uricontent:"/man.sh"; nocase;classtype:attempted-recon; sid:859; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI snork.bat access";flags: A+; uricontent:"/snork.bat"; nocase; reference:bugtraq,1053; reference:cve,CVE-2000-0169; reference:arachnids,220;classtype:attempted-recon; sid:860; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI w3-msql access";flags: A+; uricontent:"/w3-msql/"; nocase; reference:bugtraq,591; reference:cve,CVE-1999-0276; reference:arachnids,210;classtype:attempted-recon; sid:861; rev:3;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI csh access";flags: A+; uricontent:"/csh"; nocase; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:862; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI zsh access";flags: A+; uricontent:"/zsh"; nocase; reference:cve,CAN-1999-0509; classtype:attempted-recon; sid:1309; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI day5datacopier.cgi access";flags: A+; uricontent:"/day5datacopier.cgi"; nocase;classtype:attempted-recon; sid:863; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI day5datanotifier.cgi access";flags: A+; uricontent:"/day5datanotifier.cgi"; nocase;classtype:attempted-recon; sid:864; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI ksh access";flags: A+; uricontent:"/ksh"; nocase; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:865; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI post-query access";flags: A+; uricontent:"/post-query"; nocase;classtype:attempted-recon; sid:866; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI visadmin.exe access";flags: A+; uricontent:"/visadmin.exe"; nocase; reference:bugtraq,1808; reference:cve,CAN-1999-1970;classtype:attempted-recon; sid:867; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI rsh access";flags: A+; uricontent:"/rsh"; nocase; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:868; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI dumpenv.pl access";flags: A+; uricontent:"/dumpenv.pl"; nocase;classtype:attempted-recon; sid:869; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI snorkerz.cmd access";flags: A+; uricontent:"/snorkerz.cmd"; nocase;classtype:attempted-recon; sid:870; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI survey.cgi access";flags: A+; uricontent:"/survey.cgi"; nocase; reference:bugtraq,1817; reference:cve,CVE-1999-0936; classtype:attempted-recon; sid:871; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI tcsh access";flags: A+; uricontent:"/tcsh"; nocase; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:872; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI scriptalias access"; flags: A+; uricontent: "///"; reference:cve,CVE-1999-0236; reference:bugtraq,2300; reference:arachnids,227; classtype:attempted-recon; sid:873; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI w3-msql solaris x86  access"; flags: A+; uricontent: "/bin/shA-cA/usr/openwin"; nocase; reference:cve,CVE-1999-0276; reference:arachnids,211;classtype:attempted-recon; sid:874; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI win-c-sample.exe access"; flags: A+; uricontent: "/win-c-sample.exe"; nocase; reference:bugtraq,2078; reference:arachnids,231; reference:cve,CVE-1999-0178;classtype:attempted-recon; sid:875; rev:2;)
alert tcp $HTTP_SERVERS 80 -> $EXTERNAL_NET any (msg:"WEB-CGI bugzilla 2.8 exploit "; flags: A+; content: "blaat@blaat.com"; nocase; reference:arachnids,276;classtype:web-application-attack; sid:876; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI rksh access";flags: A+; uricontent:"/rksh"; nocase; reference:cve,CAN-1999-0509; classtype:attempted-recon; sid:877; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI w2tvars.pm access";flags: A+; uricontent:"/w3tvars.pm"; nocase; classtype:attempted-recon; sid:878; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI admin.pl access";flags: A+; uricontent:"/admin.pl"; nocase; classtype:attempted-recon; sid:879; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI LWGate access";flags: A+; uricontent:"/LWGate"; nocase; classtype:attempted-recon; sid:880; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI archie access";flags: A+; uricontent:"/archie"; nocase; classtype:attempted-recon; sid:881; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI calendar access";flags: A+; uricontent:"/calendar"; nocase; classtype:attempted-recon; sid:882; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI flexform access";flags: A+; uricontent:"/flexform"; nocase; classtype:attempted-recon; sid:883; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI formmail access";flags: A+; uricontent:"/formmail"; nocase; reference:bugtraq,1187; reference:cve,CVE-1999-0172; reference:arachnids,226; classtype:attempted-recon; sid:884; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI bash access";flags: A+; uricontent:"/bash"; nocase; reference:cve,CAN-1999-0509; classtype:attempted-recon; sid:885; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI phf access";flags: A+; uricontent:"/phf"; nocase; reference:bugtraq,629; reference:arachnids,128; reference:cve,CVE-1999-0067;  classtype:attempted-recon; sid:886; rev:3;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI www-sql access";flags: A+; uricontent:"/www-sql"; nocase; classtype:attempted-recon; sid:887; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wwwadmin.pl access";flags: A+; uricontent:"/wwwadmin.pl"; nocase; classtype:attempted-recon; sid:888; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI ppdscgi.exe access";flags: A+; uricontent:"/ppdscgi.exe"; nocase; reference:bugtraq,491; classtype:attempted-recon; sid:889; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI sendform.cgi access";flags: A+; uricontent:"/sendform.cgi"; nocase; classtype:attempted-recon; sid:890; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI upload.pl access";flags: A+; uricontent:"/upload.pl"; nocase; classtype:attempted-recon; sid:891; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI AnyForm2 access";flags: A+; uricontent:"/AnyForm2"; nocase; reference:bugtraq,719; reference:cve,CVE-1999-0066; classtype:attempted-recon; sid:892; rev:3;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI MachineInfo access";flags: A+; uricontent:"/MachineInfo"; nocase; classtype:attempted-recon; sid:893; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI bb-hist.sh access";flags: A+; uricontent:"/bb-hist.sh"; nocase; reference:bugtraq,142; classtype:attempted-recon; sid:894; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI redirect access";flags: A+; uricontent:"/redirect"; nocase;reference:bugtraq,1179; reference:cve,CVE-2000-0382; classtype:attempted-recon; sid:895; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wayboard access"; uricontent:"/way-board"; nocase; flags:A+; reference:bugtraq,2370; classtype:attempted-recon; sid:896; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI pals-cgi access"; uricontent:"/pals-cgi"; nocase; flags:A+; reference:cve,CAN-2001-0216; reference:cve,CAN-2001-0217; reference:bugtraq,2372; classtype:attempted-recon; sid:897; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI commerce.cgi access"; uricontent:"/commerce.cgi"; nocase; flags:A+; classtype:attempted-recon; sid:898; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI Amaya templates sendtemp.pl directory traversal attempt"; uricontent:"/sendtemp.pl"; nocase; content:"templ="; nocase; flags:A+; reference:bugtraq,2504; classtype:web-application-attack; sid:899; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webspirs directory traversal attempt"; uricontent:"/webspirs.cgi"; nocase; content:"../../"; nocase; flags:A+; reference:bugtraq,2362; classtype:web-application-attack; sid:900; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webspirs access"; uricontent:"/webspirs.cgi"; nocase; flags:A+; reference:bugtraq,2362; classtype:attempted-recon; sid:901; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI tstisapi.dll access"; uricontent:"tstisapi.dll"; nocase; flags:A+; classtype:attempted-recon; sid:902; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI sendmessage.cgi access"; uricontent:"/sendmessage.cgi"; nocase; flags:A+; classtype:attempted-recon; sid:1308; rev:1;)

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional