""ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt""

SID: 2019322

Revision: 2

Class Type: attempted-admin

Metadata: created_at 2014_09_30, cve CVE_2014_6271, updated_at 2014_10_01

Reference:

• Link

Protocol: udp

Source Network: any

Source Port: any

Destination Network: $HOME_NET

Destination Port: 1194

Flow: to_server

Contents:

• Value: "|20|" Depth: 1

• Value: "|28 29 20 7b|"

Within:

PCRE:

Special Options:

source