any plan to support CVE-2017-9805?
Posted: Thu Sep 07, 2017 6:55 pm
Hi, team..
Do you have any plan to release modsecurity rule to support CVE-2017-9805 issue?
Here are the information you may refer.
snort rule
https://exchange.xforce.ibmcloud.com/co ... b1be8e2098
alert tcp any any -> any any (msg:"Detected Struts2 RCE S2-052";sid:20;content:"POST";nocase;http_method;content:"/struts2-rest-showcase/";nocase;http_uri;content:"<next class=\"java.lang.ProcessBuilder\">";nocase;http_client_body;
F5 :: Using "java.lang.ProcessBuilder" string match..
https://devcentral.f5.com/articles/apac ... 12143334=1
Thanks
Do you have any plan to release modsecurity rule to support CVE-2017-9805 issue?
Here are the information you may refer.
snort rule
https://exchange.xforce.ibmcloud.com/co ... b1be8e2098
alert tcp any any -> any any (msg:"Detected Struts2 RCE S2-052";sid:20;content:"POST";nocase;http_method;content:"/struts2-rest-showcase/";nocase;http_uri;content:"<next class=\"java.lang.ProcessBuilder\">";nocase;http_client_body;
F5 :: Using "java.lang.ProcessBuilder" string match..
https://devcentral.f5.com/articles/apac ... 12143334=1
Thanks