[Snort-sigs] SID 3466 reference incorrect

JC monroe at ...745...
Sun Jul 10 19:24:03 EDT 2005


SID 3466 CVE refrenece is totally off
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-MISC
Authorization Basic overflow attempt"; flow:to_server,established;
content:"Authorization|3A|"; nocase; content:"Basic"; distance:0;
nocase; pcre:"/^Authorization\x3a\s*Basic\s[^\n]{200}/smi";
reference:bugtraq,8375; reference:cvs,2003-0727; classtype:web-
application-attack; sid:3466; rev:3;)
should be 
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-MISC
Authorization Basic overflow attempt"; flow:to_server,established;
content:"Authorization|3A|"; nocase; content:"Basic"; distance:0;
nocase; pcre:"/^Authorization\x3a\s*Basic\s[^\n]{200}/smi";
reference:bugtraq,8375; reference:cve,2003-0727; classtype:web-
application-attack; sid:3466; rev:3;)





More information about the Snort-sigs mailing list