SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Git client path validation command execution attempt
On operating systems which have case-insensitive file systems, Git clients can be convicned to retrieve and overwrite sensitive configuration files in the ".git" directory. This can lead to arbitrary code execution.
This event is generated when a command execution attack has been attempted on the Git Client Path Validation. This could lead to the repository being overwritten.
Public information/Proof of Concept available
Known false positives, with the described conditions
There is a potential for a false positive event due to the fact that malicious traffic is almost identical to a normal request.
Cisco Talos Intelligence Group
No rule groups
None
No information provided
None
Tactic: Execution
Technique: User Execution
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org