Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-59881
This rule looks for a directory traversal in the http_uri at the vulnerable URL while attempting to validate that the service targeted could actually be exploited. This is a rule against the RCE, not the DOS.
1-59878
This rule looks for a malicious deserialization attempt in PEAR that reads the content of the malicious archive and causes an exploitation in the system.
1-59877
This rule looks for a malicious deserialization attempt in PEAR that reads the content of the malicious archive and causes an exploitation in the system.
1-59876
This rule looks for Java libraries used for command execution inside of a configuration zip file uploaded to the Solr coniguration page that's using the configset api. Assuming the zip file is viewable in a uncompressed state.
1-59875
This rule looks for the configset api endpoints used for uploading a configset to Apache Solr.
1-59874
This rule looks for the configset api endpoints used for uploading a configset to Apache Solr.