""ET EXPLOIT Possible CVE-2016-0777 Client Sent Roaming Resume Request""
SID: 2022370
Revision: 2
Class Type: attempted-user
Metadata: created_at 2016_01_15, cve CVE_2016_0777, updated_at 2016_01_15
Reference:
Protocol: tcp
Source Network: any
Source Port: any
Destination Network: any
Destination Port: $SSH_PORTS
Flow: established,to_server
Contents:
- Value: "|14|"
Offset: 6
-
Value: "roaming@appgate.com"
-
Value: !"AppGateSSH_5.2"
Within:
PCRE:
Special Options: