Groups
Sign in
Groups
naxsi-discuss
Conversations
About
Send feedback
Help
Ruleset-Updates: Possible IIS Integer Overflow DoS > (CVE-2015-1635) and some scanner-sigs
53 views
Skip to first unread message
mex
unread,
Apr 16, 2015, 6:21:42 PM
4/16/15
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to naxsi-discuss
Updated Rules are available as usually:
https://bitbucket.org/lazy_dogtown/doxi-rules
[+] new sigs:
42000428 :: app_server.rules :: Possible IIS Integer Overflow
DoS > (CVE-2015-1635)
42000421 :: scanner.rules :: Joomla Googlemap-Reflection - Scan
42000422 :: web_server.rules :: PHP 5.x User-Agent detected in
Request, possible flood
42000423 :: web_server.rules :: PHP 4.x User-Agent detected in
Request, possible flood
42000424 :: web_server.rules :: Acunetix PHPSensor-File-Scan
42000425 :: scanner.rules :: SQLiteManager - Exploit
42000426 :: scanner.rules :: SQLiteManager - Exploit
42000427 :: scanner.rules :: JMXConsole-Access
most interesting sig: 41000428 Possible IIS Integer Overflow DoS >
(CVE-2015-1635)
MainRule "str:18446744073709551615" "msg:Possible IIS Integer
Overflow DoS > (CVE-2015-1635) " "mz:$HEADERS_VAR:Range" "s:$ATTACK:8"
id:42000428 ;
References:
-
https://technet.microsoft.com/library/security/ms15-034
-
http://pastebin.com/ypURDPc4
-
http://pastebin.com/BV2uePxk
-
https://lists.emergingthreats.net/pipermail/emerging-sigs/2015-April/025976.html
credit goes to emerging threats ml
Reply all
Reply to author
Forward
0 new messages