Project

General

Profile

Actions

Feature #255

closed

http-method

Added by Peter Manev almost 14 years ago. Updated almost 14 years ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

http-method

Example:
[9838] 20/12/2010 -- 11:50:19 - (detect-http-method.c:184) <Warning> (DetectHttpMethodSetup) -- [ERRCODE: SC_WARN_COMPATIBILITY(159)] - http_method cannot be used with "fast_pattern" currently.Unsetting fast_pattern on this modifier. Signature ==> alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"WEB-MISC Sun Java System Web Server 7.0 WebDAV format string exploit attempt - LOCK method"; flow:to_server,established; content:"LOCK"; fast_pattern; nocase; http_method; content:"encoding"; pcre:"/\<\?xml[^\>]+encoding\s*\=\s*(\'|\")[^\'\"\>\%]*\%/"; metadata:policy balanced-ips drop, policy security-ips drop, service http; reference:bugtraq,37910; reference:cve,2010-0388; classtype:attempted-user; sid:16427; rev:1;)

Actions #1

Updated by Anoop Saldanha almost 14 years ago

We will be introducing fast_pattern support http_method in a couple of days.

Actions #2

Updated by Victor Julien almost 14 years ago

  • Due date set to 12/09/2011
  • Status changed from New to Assigned
  • Assignee set to Anoop Saldanha
  • Target version set to 1.1beta2
  • Estimated time set to 0.00 h

Adding no hours at it will be part of a task.

Actions #3

Updated by Victor Julien almost 14 years ago

  • Due date changed from 12/09/2011 to 01/07/2011

Whoops wrong date :)

Actions #4

Updated by Victor Julien almost 14 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

Support for this is in our tree currently.

Actions

Also available in: Atom PDF