""ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy""

SID: 2019290

Revision: 2

Class Type: attempted-admin

Metadata: created_at 2014_09_27, cve CVE_2014_6271, updated_at 2014_10_01

Reference:

• Link

Protocol: tcp

Source Network: any

Source Port: any

Destination Network: $HOME_NET

Destination Port: [5060,5061]

Flow: to_server,established

Contents:

• Value: "|28 29 20 7b|"

Within:

PCRE:

Special Options:

source