""ET EXPLOIT Possible CVE-2015-7547 Malformed Server Response A/AAAA""
SID: 2022545
Revision: 1
Class Type: attempted-user
Metadata: created_at 2016_02_18, cve CVE_2015_7547, updated_at 2016_02_18
Reference:
-
cve
-
2015-7547
Protocol: udp
Source Network: any
Source Port: 53
Destination Network: $HOME_NET
Destination Port: any
Flow: from_server
Contents:
- Value: "|00 01 00 00 00 00 00 00|" Depth: 10 Offset: 4
Within:
PCRE: "/^(?:.[a-z0-9-]{2,}){2,}\x00\x00(?:\x01|\x1c)/Ri"
Special Options: