[Silicon Defense logo]

SnortSnarf signature page

SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt

SnortSnarf v021111.1

Signature section (346)Top 20 source IPsTop 20 dest IPs

24 alerts with this signature using input module SnortFileInput, with sources:

Earliest such alert at 12:41:24.249308 on 02/18/2019
Latest such alert at 02:23:49.671465 on 10/03/2019

SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt 17 sources 1 destinations
Priority: 1Classification: Attempted User Privilege Gain
[sid:37078] [CVE:2015-8562]

Sources triggering this attack signature

Source# Alerts (sig)# Alerts (total)# Dsts (sig)# Dsts (total)
92.63.91.816611
119.29.233.672211
132.232.107.1722211
61.219.41.1441111
218.89.222.1581111
106.13.44.341111
118.25.211.2501111
220.164.144.1611211
194.225.198.1331111
139.155.110.621111
77.243.181.1961111
115.159.198.811111
134.175.117.1371111
178.162.217.1361111
192.187.114.111111
123.207.227.661111
118.25.111.121211

Destinations receiving this attack signature

Destinations# Alerts (sig)# Alerts (total)# Srcs (sig)# Srcs (total)
192.168.0.382434217212

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Thu Oct 24 06:01:03 2019