979.txt

来自「snort入侵检测规则文件2.4 Snort是众所周知的网络入侵检测工具」· 文本 代码 · 共 66 行

TXT
66
字号
Rule:--Sid:979--Summary:This event is generated when an attempt is made to exploit a cross-site scripting vulnerability associated with a file having a .htw extension.--Impact:Cross-site scripting.  This attack may allow the execution of arbitrary commands on a victim host that visits a vulnerable server.--Detailed Information:The Microsoft Indexing Service is vulnerable to a cross-site scripting exploit because of a failure to properly filter user input associated with files with a .htw extension.  This vulnerability is associated with Indexing Service component (CiWebHitsFile). This may allow an attacker to execute abitrary code on the victim host that visits the vulnerable server.--Affected Systems:Microsoft Indexing Services for Windows NT 4.0 and Windows 2000--Attack Scenarios:An attacker can inject malicious code in a vulernable server.  This may allow execution of arbitrary code on the victim host that visits the vulnerable server. --Ease of Attack:Simple. --False Positives:None Known.--False Negatives:None Known.--Corrective Action:Apply the patch discussed in the referenced Microsoft Bulletin. --Contributors:Original rule writer unknownModified by Brian Caswell <bmc@sourcefire.com>Sourcefire Research TeamJudy Novak <judy.novak@sourcefire.com>--Additional References:Bugtraqhttp://www.securityfocus.com/bid/1861CVEhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0942Microsofthttp://www.microsoft.com/technet/security/bulletin/ms00-084.asp--

⌨️ 快捷键说明

复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?