""ET WEB_SPECIFIC_APPS Apache ActiveMQ File Upload RCE (CVE-2016-3088)""
SID: 2025574
Revision: 1
Class Type: attempted-admin
Metadata: attack_target Web_Server, created_at 2018_05_10, cve CVE_2016_3088, deployment Datacenter, signature_severity Minor, updated_at 2018_05_10
Reference:
Protocol: tcp
Source Network: any
Source Port: any
Destination Network: $HTTP_SERVERS
Destination Port: 8161
Flow: established,to_server
Contents:
-
Value: "MOVE /" Depth: 6
-
Value: "|0d 0a|Destination|3a 20|"
Within:
PCRE:
Special Options: