SERVER-APACHE -- Snort has detected traffic exploiting vulnerabilities in Apache servers.
SERVER-APACHE Sling framework information disclosure attempt
This event is generated when, an attempt to disclosure sensitive information from an Apache Sling server, is detected Impact: Web Application Attack Details: Due to lack of proper security controls and or misconfiguration, it is possible for remote unauthenticated users to enumerate local system files/folders that arent accessible publicly to unauthenticated users. This rule is intended to detect those enumeration attempts by checking the parameters sent to a vulnerable Servlet post. Ease of Attack: Low
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2016-0956 |
Loading description
|