OS-LINUX -- Snort has detected traffic targeting vulnerabilities in a Linux-based operating system. This does not include browser traffic or other software on the OS, but attacks against the OS itself. (such as?)
OS-LINUX cURL and libcurl set-cookie remote code execution attempt
This event is generated when a remote code execution attempt is detected in cURL or libcurl.
Attempted User Privilege Gain
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2015-3145The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
||Ease of Access||