Snort mailing list archives
ENABLED vs DISABLED
From: "Filice II, Anthony via Snort-sigs" <snort-sigs () lists snort org>
Date: Wed, 29 Jul 2020 20:01:59 +0000
All, Does anyone know why this new release shows DISABLED. Especially when several are still currently being exploited? * 1:54637 <-> DISABLED <-> SERVER-WEBAPP Zoom Client ZoomOpener remote code execution attempt (server-webapp.rules) * 1:54636 <-> DISABLED <-> SERVER-WEBAPP Zoom Client ZoomOpener remote code execution attempt (server-webapp.rules) * 1:54650 <-> DISABLED <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt (server-webapp.rules) * 1:54649 <-> DISABLED <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt (server-webapp.rules)
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- ENABLED vs DISABLED Filice II, Anthony via Snort-sigs (Jul 29)
- Re: ENABLED vs DISABLED Joel Esler (jesler) via Snort-sigs (Jul 29)