logo
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Options
Go to last post Go to first unread
jeffshead  
#1 Posted : Monday, October 2, 2017 12:02:07 PM(UTC)
jeffshead


Rank: Member

Joined: 10/22/2015(UTC)
Posts: 26
United States

Thanks: 1 times
Are there any known vulnerabilities or past vulnerabilities that have been patched in SC or any of the libraries included with SC?

I ask because SC is the only site that is experiencing multiple attacks that are triggering SNORT rule #: 42430.

Scott  
#2 Posted : Wednesday, October 4, 2017 10:48:18 AM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,468
United States

Thanks: 3 times
Was thanked: 304 time(s) in 261 post(s)
I cannot think of anything in our software that would throw that trigger. Especially since it's talking about a PhpCMS and we don't use any PHP in our entire codebase as far as I'm aware.
ScreenConnect Team
jeffshead  
#3 Posted : Wednesday, October 4, 2017 11:06:05 AM(UTC)
jeffshead


Rank: Member

Joined: 10/22/2015(UTC)
Posts: 26
United States

Thanks: 1 times
Originally Posted by: Scott Go to Quoted Post
I cannot think of anything in our software that would throw that trigger...


Thank you!

The software is not triggering the SNORT rule. Attacks from abroad are triggering the rule. My concern is the fact that only SC is being targeting when there are several other platforms being hosted on the same server. I was thinking the attackers must know of a past or present vulnerability in SC.
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.