Ruleset-Updates: Possible IIS Integer Overflow DoS > (CVE-2015-1635) and some scanner-sigs
53 views
Skip to first unread message
mex
Apr 16, 2015, 6:21:42 PM4/16/15
to naxsi-discuss
Updated Rules are available as usually:
https://bitbucket.org/lazy_dogtown/doxi-rules
[+] new sigs:
42000428 :: app_server.rules :: Possible IIS Integer Overflow
DoS > (CVE-2015-1635)
42000421 :: scanner.rules :: Joomla Googlemap-Reflection - Scan
42000422 :: web_server.rules :: PHP 5.x User-Agent detected in
Request, possible flood
42000423 :: web_server.rules :: PHP 4.x User-Agent detected in
Request, possible flood
42000424 :: web_server.rules :: Acunetix PHPSensor-File-Scan
42000425 :: scanner.rules :: SQLiteManager - Exploit
42000426 :: scanner.rules :: SQLiteManager - Exploit
42000427 :: scanner.rules :: JMXConsole-Access
most interesting sig: 41000428 Possible IIS Integer Overflow DoS >
(CVE-2015-1635)
MainRule "str:18446744073709551615" "msg:Possible IIS Integer
Overflow DoS > (CVE-2015-1635) " "mz:$HEADERS_VAR:Range" "s:$ATTACK:8"
id:42000428 ;
References:
- https://technet.microsoft.com/library/security/ms15-034
- http://pastebin.com/ypURDPc4
- http://pastebin.com/BV2uePxk
- https://lists.emergingthreats.net/pipermail/emerging-sigs/2015-April/025976.html
credit goes to emerging threats ml
https://bitbucket.org/lazy_dogtown/doxi-rules
[+] new sigs:
42000428 :: app_server.rules :: Possible IIS Integer Overflow
DoS > (CVE-2015-1635)
42000421 :: scanner.rules :: Joomla Googlemap-Reflection - Scan
42000422 :: web_server.rules :: PHP 5.x User-Agent detected in
Request, possible flood
42000423 :: web_server.rules :: PHP 4.x User-Agent detected in
Request, possible flood
42000424 :: web_server.rules :: Acunetix PHPSensor-File-Scan
42000425 :: scanner.rules :: SQLiteManager - Exploit
42000426 :: scanner.rules :: SQLiteManager - Exploit
42000427 :: scanner.rules :: JMXConsole-Access
most interesting sig: 41000428 Possible IIS Integer Overflow DoS >
(CVE-2015-1635)
MainRule "str:18446744073709551615" "msg:Possible IIS Integer
Overflow DoS > (CVE-2015-1635) " "mz:$HEADERS_VAR:Range" "s:$ATTACK:8"
id:42000428 ;
References:
- https://technet.microsoft.com/library/security/ms15-034
- http://pastebin.com/ypURDPc4
- http://pastebin.com/BV2uePxk
- https://lists.emergingthreats.net/pipermail/emerging-sigs/2015-April/025976.html
credit goes to emerging threats ml
Reply all
Reply to author
Forward
0 new messages