SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP PostfixAdmin protected alias deletion attempt
This event is generated when an authenticated admin attempts to delete an alias in the PostfixAdmin web admin tool. Impact: Web Application Attack Details: Rule checks for an attempt to delete a protected alias in PostfixAdmin. Ease of Attack:
No information provided
No public information
Known false positives, with the described conditions
There is no way to discern a malicious alias deletion from a benign one, so this rule will alert on all deletion attempts.
Cisco Talos Intelligence Group
No rule groups
CVE-2017-5930 |
Loading description
|