Rule:

--
Sid:
17801

--
Summary:
This event is generated when an attempt is made to exploit a known vulnerability in an application acting as a client in a web related transaction.

--
Impact:
Serious. Possible execution of arbitrary code of the attackers choosing.

--
Detailed Information:
Many applications have a web enabled component, which allows them to access data on the Internet. This event indicates that an application with the ability to make requests to resources on the Internet has made such a request and may be vulnerable to an attack.

In this case, the application Director is the one in question.

--
Affected Systems:

--
Attack Scenarios:


--
Ease of Attack:
Simple. Exploits exist.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Ensure the system is using an up to date version of the software and has had all vendor supplied patches applied.

--
Contributors:
Sourcefire Vulnerability Research Team


--
Additional References:

--
