""ET EXPLOIT Possible Malicious NAT-PMP Response Successful TCP Map to External Network""

SID: 2019491

Revision: 2

Class Type: attempted-admin

Metadata: created_at 2014_10_22, updated_at 2014_10_22

Reference:

• Link

Protocol: udp

Source Network: $HOME_NET

Source Port: 5351

Destination Network: $EXTERNAL_NET

Destination Port: any

Flow:

Contents:

• Value: "|82 00 00|" Depth: 3 Offset: 1

Within:

PCRE:

Special Options:

source