[Snort-sigs] phpbb session exploit

Chas Tomlin cet at ...2783...
Tue Mar 8 10:13:23 EST 2005


alert tcp any any -> any 80  (msg:"BLEEDING-EDGE EXPLOIT phpbb Session
Cookie";content:"phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%
3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D"; nocase;
classtype:web-application-attack;sid: 1; rev:1;)

http://www.k-otik.com/exploits/20050228.phpbbsession.c.php


Chas Tomlin

Systems Programmer/Administrator
School of Electronics and Computer Science
University of Southampton





More information about the Snort-sigs mailing list