HTTP: Suspicious Multi Part Traffic

This signature detects a suspicious HTTP MULTI-PART data traffic, where "Boundary" string is missing to mark the initiation of boundary. This kind of behavior is mostly observed when someone is trying to scan and send malicious traffic against a network security device using various traffic generators.

Extended Description

Cross-site scripting (XSS) vulnerability in the Job Manager plugin 0.7.22 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the email field.

Affected Products

Job_manager_project job_manager

References

BugTraq: 76503

CVE: CVE-2015-2321

Short Name
HTTP:EXPLOIT:SUSPICIOUS-MUL-PRT
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2015-2321 Multi Part Suspicious Traffic bid:76503
Release Date
03/20/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
Vendors

Job_manager_project

CVSS Score

4.3

Found a potential security threat?