""ET WEB_SPECIFIC_APPS DNN DNNPersonalization Cookie RCE Attempt (CVE-2017-9822)""

SID: 2025545

Revision: 1

Class Type: attempted-admin

Metadata: affected_product Web_Server_Applications, attack_target Web_Server, created_at 2018_04_27, cve CVE_2017_9822, deployment Datacenter, signature_severity Minor, updated_at 2018_04_27

Reference:

• Link

Protocol: tcp

Source Network: any

Source Port: any

Destination Network: $HTTP_SERVERS

Destination Port: $HTTP_PORTS

Flow: established,to_server

Contents:

• Value: "DNNPersonalization="

• Value: "DNNPersonalization="

• Value: "ObjectStateFormatter"

• Value: "ObjectDataProvider"

Within:

PCRE:

Special Options:

• fast_pattern

• http_cookie

• http_cookie

• http_cookie

source