![[Silicon Defense logo]](../SDlogo.gif)
|
SnortSnarf signature pageSERVER-APACHE Apache Struts remote code execution attemptSnortSnarf v021111.1 |
| Signature section (773) | Top 20 source IPs | Top 20 dest IPs |
32 alerts with this signature using input module SnortFileInput, with sources:
Earliest such alert at 14:29:38.900448 on 04/14/2020
Latest such alert at 06:22:59.261900 on 01/11/2021
| SERVER-APACHE Apache Struts remote code execution attempt | 10 sources | 1 destinations |
| Priority: 1 | Classification: Attempted Administrator Privilege Gain | |
| [sid:41818] [CVE:2017-9791][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5638] | ||
| Source | # Alerts (sig) | # Alerts (total) | # Dsts (sig) | # Dsts (total) |
| 60.170.209.135 | 8 | 8 | 1 | 1 |
| 116.247.101.34 | 6 | 6 | 1 | 1 |
| 112.196.34.163 | 4 | 4 | 1 | 1 |
| 92.52.175.165 | 3 | 3 | 1 | 1 |
| 41.197.31.50 | 2 | 2 | 1 | 1 |
| 116.207.199.209 | 2 | 2 | 1 | 1 |
| 213.183.51.17 | 2 | 2 | 1 | 1 |
| 114.80.114.81 | 2 | 2 | 1 | 1 |
| 221.12.58.174 | 2 | 2 | 1 | 1 |
| 66.111.41.250 | 1 | 1 | 1 | 1 |
| Destinations | # Alerts (sig) | # Alerts (total) | # Srcs (sig) | # Srcs (total) |
| 192.168.0.38 | 32 | 769 | 10 | 431 |