[Snort-users] Web Cgi finger question

Ryan Sebastian rsebastian at ...5068...
Fri Jun 6 05:15:23 EDT 2003

Hi all. New to snort.
CGI isnt installed on my webserver and I got this log. Why is my machine
going outbound to

[**] [1:839:4] WEB-CGI finger access [**]
[Classification: Attempted Information Leak] [Priority: 2]
06/04-23:22:06.134506 ->
TCP TTL:128 TOS:0x0 ID:34291 IpLen:20 DgmLen:373 DF
***AP*** Seq: 0x3C2AB497  Ack: 0x605A3CAF  Win: 0x4470  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10071][Xref =>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0612][Xref =>

More information about the Snort-users mailing list