""ET EXPLOIT Possible CVE-2015-7547 Long Response to AAAA lookup""
SID: 2022544
Revision: 1
Class Type: attempted-user
Metadata: created_at 2016_02_18, cve CVE_2015_7547, updated_at 2016_02_18
Reference:
-
cve
-
2015-7547
Protocol: udp
Source Network: any
Source Port: 53
Destination Network: $HOME_NET
Destination Port: any
Flow: from_server
Contents:
-
Value: "|00 01|" Depth: 2 Offset: 4
-
Value: "|00 00 1c 00 01|"
Within: 5
PCRE: "/^.{6}[^\x00]+/Rs"
Special Options: