Commits

Anonymous committed 77a6345 Draft

Simple rule to detect the latest php cgi-bin vuln.

  • Participants
  • Parent commits fb810b4

Comments (0)

Files changed (1)

File etc/rules/web_rules.xml

     <group>attack,</group>
   </rule>
 
+  <rule id="31110" level="6">
+    <if_sid>31100</if_sid>
+    <url>?-d|?-s</url>
+    <description>PHP CGI-bin vulnerability attempt.</description>
+    <group>attack,</group>
+  </rule>
+
   <rule id="31109" level="6">
     <if_sid>31100</if_sid>
     <url>+as+varchar(8000)</url>