[Emerging-Sigs] Signature for Pre Projects E-Smart Cart 'embadmin/login.asp' SQL Injection Vulnerabilities

waldo kitty wkitty42 at windstream.net
Fri Oct 15 14:05:47 EDT 2010


On 10/15/2010 07:05, dave richards wrote:
> Hi Matt,
>
> Please find the signature for the following,
>
> Pre Projects E-Smart Cart 'embadmin/login.asp' SQL Injection Vulnerabilities
> alert tcp $EXTERNAL_NET any ->  $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP
> Pre Projects E-Smart Cart login.asp Arbitrary SQL Command Injection
> Attempt"; flow:established,to_server; content:"POST"; depth:5;

small fix here...

    content:"POST "; depth:5;

you forgot the space ;)

> uricontent:"/embadmin/login.asp"; nocase; content:"%27"; distance:0;
> classtype:web-application-attack;
> reference:url,juniper-federal.org/security/auto/vulnerabilities/vuln37418.html;
> reference:url,exploit-db.com/exploits/14376; sid:20101024; rev:1;)



More information about the Emerging-sigs mailing list