SnortID.com - Search for SNORT ID's - Snort is a registered trademark of Sourcefire, Inc

Enter a Snort ID to lookup (e.g 1:269)

Search String: 119:18

N.B.: Maximum of 50 results are displayed

Sid	Summary	Impact	Detailed Information	Affected Systems	Attack Scenarios	Ease of Attack	False Positive	False Negative	Corrective Action	Contributors	Additional References
119:18	This event is generated when the pre-processor http_inspect detects network traffic that may constitute an attack.	Directory traversal outside the root directory of a web server.	This event is generated when the http_inspect pre-processor detects an attempt to escape the root directory of a web server by an attacker using a directory traversal technique. This event can be controlled using the ((http_inspect)) configuration options.	All web servers.	An attacker may employ a directory traversal technique to escape the root directory of a web server in an attempt to access protected system files.	Simple.	None Known.	None Known.	Check the target host for signs of compromise. Apply any appropriate vendor supplied patches.	Daniel Roelker Sourcefire Vulnerability Research Team Nigel Houghton	HTTP IDS Evasions Revisited - Daniel Roelker http://docs.idsresearch.org/http_ids_evasions.pdf