""ET EXPLOIT Possible CVE-2015-7547 A/AAAA Record Lookup Possible Forced FallBack(fb set)""
SID: 2022546
Revision: 1
Class Type: attempted-user
Metadata: created_at 2016_02_18, cve CVE_2015_7547, updated_at 2016_02_18
Reference:
-
cve
-
2015-7547
Protocol: tcp
Source Network: $HOME_NET
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: 53
Flow: established,to_server
Contents:
- Value: "|00 01 00 00 00 00 00 00|" Depth: 8 Offset: 6
Within:
PCRE: "/^(?:.[a-z0-9-]{2,}){2,}\x00\x00(?:\x01|\x1c)/Ri"
Special Options: