""ET WEB_SERVER Likely Malicious Request for /proc/self/fd/""

SID: 2019110

Revision: 2

Class Type: web-application-attack

Metadata: attack_target Web_Server, created_at 2014_09_04, updated_at 2022_12_01, reviewed_at 2024_03_20

Reference:

Protocol: tcp

Source Network: $EXTERNAL_NET

Source Port: any

Destination Network: [$HOME_NET,$HTTP_SERVERS]

Destination Port: $HTTP_PORTS

Flow: established,to_server

Contents:

• Value: "/proc/self/fd/"

Within:

PCRE:

Special Options:

• nocase

• http_uri

source