Signature Detail
Short Name |
HTTP:WIN-CMD:ROOT.EXE |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
Windows Command Root.exe Probe |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Windows Command Root.exe Probe
This signature detects the Windows command "root.exe" within a URL. This command does not normally appear in a URL, and can indicate an attempt to compromise the system.
Extended Description
Attackers could probe for vulnerable web servers, and if successful, could be able to execute arbitrary commands on the target in the context of the web server or administrator.
References
- CERT: CA-1996-11
- CVE: CVE-1999-0509