[Silicon Defense logo]

SnortSnarf signature page

SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt

SnortSnarf v021111.1

Signature section (850)Top 20 source IPsTop 20 dest IPs

33 alerts with this signature using input module SnortFileInput, with sources:

Earliest such alert at 18:46:46.291439 on 05/23/2020
Latest such alert at 23:29:45.494678 on 05/12/2021

SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt 23 sources 1 destinations
Priority: 1Classification: Attempted User Privilege Gain
[sid:37078] [CVE:2015-8562]

Sources triggering this attack signature

Source# Alerts (sig)# Alerts (total)# Dsts (sig)# Dsts (total)
92.63.91.816611
160.176.197.704411
119.29.233.672211
132.232.107.1722211
61.219.41.1441111
177.239.44.31111
111.161.41.861111
119.28.2.1231211
218.89.222.1581111
106.13.44.341111
118.25.211.2501111
220.164.144.1611211
194.225.198.1331111
139.155.110.621111
129.211.134.621211
77.243.181.1961111
129.204.211.1381311
115.159.198.811111
134.175.117.1371111
178.162.217.1361111
192.187.114.111111
123.207.227.661111
118.25.111.121211

Destinations receiving this attack signature

Destinations# Alerts (sig)# Alerts (total)# Srcs (sig)# Srcs (total)
192.168.0.383384623474

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Sun May 16 18:01:02 2021