[Silicon Defense logo]

SnortSnarf signature page

SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt

SnortSnarf v021111.1

Signature section (328)Top 20 source IPsTop 20 dest IPs

21 alerts with this signature using input module SnortFileInput, with sources:

Earliest such alert at 12:41:24.249308 on 02/18/2019
Latest such alert at 21:19:18.853446 on 08/17/2019

SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt 14 sources 1 destinations
Priority: 1Classification: Attempted User Privilege Gain
[sid:37078] [CVE:2015-8562]

Sources triggering this attack signature

Source# Alerts (sig)# Alerts (total)# Dsts (sig)# Dsts (total)
92.63.91.816611
119.29.233.672211
132.232.107.1722211
61.219.41.1441111
106.13.44.341111
118.25.211.2501111
194.225.198.1331111
139.155.110.621111
77.243.181.1961111
115.159.198.811111
134.175.117.1371111
178.162.217.1361111
192.187.114.111111
123.207.227.661111

Destinations receiving this attack signature

Destinations# Alerts (sig)# Alerts (total)# Srcs (sig)# Srcs (total)
192.168.0.382132414203

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Wed Aug 21 02:01:08 2019