SID 1:45353

Report a false positive

Rule Category

SERVER-APACHE -- Snort has detected traffic exploiting vulnerabilities in Apache servers.

Alert Message

SERVER-APACHE Sling framework information disclosure attempt

Rule Explanation

This event is generated when, an attempt to disclosure sensitive information from an Apache Sling server, is detected Impact: Web Application Attack Details: Due to lack of proper security controls and or misconfiguration, it is possible for remote unauthenticated users to enumerate local system files/folders that arent accessible publicly to unauthenticated users. This rule is intended to detect those enumeration attempts by checking the parameters sent to a vulnerable Servlet post. Ease of Attack: Low

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2016-0956

Additional Links

exploit-db.com/exploits/39435/
helpx.adobe.com/security/products/experience-manager/apsb16-05.html

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2016-0956
 Loading description