©2026 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
FILE-IDENTIFY -- Snort has detecte File Type indicators associated with packet data, which it will use to facilitate a flowbit, a method of stringing rules together. In a flowbit, one rule examines packets for file type indications, which it uses to switch rules pertaining to that file type from a dormant to active state in order to process the appropriate packets. File-type rules stay dormant to prevent alerts on innocent traffic. That same traffic, when contained in, for instance, a .doc file attached to an email, might be a threat and should be scanned.
FILE-IDENTIFY no explanation kikikikikikikikikiki MWP 20220124 SMIL file download request
No explanation given.
123
No public information
No known false positives
Cisco Talos Intelligence Group
Rule Categories::Browser::Internet Explorer
Local File Inclusion
Local File Inclusion (LFI) attackers attempt to trick the web server into executing a file local to its own file system. The attacker might have saved the file there in another way first, or the target file could be a local executable that should not be accessible to the web server otherwise. A successful LFI can lead to data leaks or remote code execution. Avoid dynamic inclusion of user input files, or whitelist files that may be included.
CVE-2017-11588 |
Loading description
|
©2026 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.