Snort mailing list archives
WEB-MISC prefix-get //
From: "Sheahan, Paul (PCLN-NW)" <Paul.Sheahan () priceline com>
Date: Thu, 13 Sep 2001 17:23:30 -0400
I'm using Snort 1.8.1 b78 on Red Hat Linux 7.0. I see a lot of these alerts in my snort logs: WEB-MISC prefix-get // When I look at the traces on the packets, it appears that someone just basically put two slashes after the .com and before the rest of the URL. I tried this on some valid URLs and if I use one slash or two slashes, it seems to work either way. Does anyone know anything about this vulnerability and what exploits are available etc? I can't seem to find any info on it..... Thanks _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- WEB-MISC prefix-get // Sheahan, Paul (PCLN-NW) (Sep 13)