""ET EXPLOIT Possible 2015-7547 Malformed Server response""

SID: 2022531

Revision: 1

Class Type: attempted-user

Metadata: created_at 2016_02_17, cve CVE_2015_7547, updated_at 2016_02_17

Reference:

• cve

• 2015-7547

Protocol: udp

Source Network: any

Source Port: 53

Destination Network: $HOME_NET

Destination Port: any

Flow: from_server

Contents:

• Value: "|00 01 00 00 00 00 00 00|" Depth: 8 Offset: 4

Within:

PCRE: "/^[^\x00]+\x00\x00\x01/R"

Special Options:

source