SERVER-APACHE -- Snort has detected traffic exploiting vulnerabilities in Apache servers.
SERVER-APACHE Apache Tomcat AJP connector arbitrary file access attempt
The Snort rule is looking for accessing of files on webroot of tomcat server via AJP connector that is running on TCP/8009
When attacker tries to access arbitrary file on the tomcat server via AJP connector
Public information/Proof of Concept available
No known false positives
Cisco Talos Intelligence Group
No rule groups
Information Leakage happens when an attacker manipulates a system into revealing sensitive information, either through malformed input or by taking advantage of another feature of the system.