""ET CURRENT_EVENTS SUSPICIOUS DTLS 1.0 Fragmented Client Hello Possible CVE-2014-0195""
SID: 2018560
Revision: 3
Class Type: attempted-user
Metadata: created_at 2014_06_13, cve CVE_2014_0195, updated_at 2022_05_03, reviewed_at 2024_03_07
Reference:
Protocol: udp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HOME_NET
Destination Port: any
Flow:
Contents:
-
Value: "|16 fe ff 00 00 00 00 00 00 00|" Depth: 10
-
Value: "|01|"
-
Value: "|01|"
Within: 1
PCRE:
Special Options: