SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP TYPO3 PharStreamWrapper Package directory traversal attempt
This event is generated when a TYPO3 PharStreamWrapper Package directory traversal attempt is detected. An attacker that can control user input can submit a name of a phar file with a directory traversal attempt and perform operations on another phar file. Impact: Web Application Attack Details: Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2019-11831The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.