SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP PHP FPM env_path_info buffer underflow attempt
This event is generated when Snort detects an attempt to add or modify PHP configuration via the URL. Impact: Web Application Attack Details: Systems that are configured to run PHP in a potentially unsafe manner could allow an attacker to modify PHP runtime configuration via the URL. An example of this can be found in the proof-of-concept for CVE-2019-11043. Ease of Attack: Simple
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups