""ET EXPLOIT Equation Group ExtraBacon Cisco ASA AAAADMINAUTH Disable""
SID: 2023071
Revision: 1
Class Type: attempted-admin
Metadata: affected_product Cisco_ASA, attack_target Server, created_at 2016_08_17, deployment Datacenter, performance_impact Low, signature_severity Critical, updated_at 2016_08_17
Reference:
Protocol: udp
Source Network: any
Source Port: any
Destination Network: any
Destination Port: 161
Flow:
Contents:
-
Value: "|bf a5 a5 a5 a5 b8 d8 a5 a5 a5 31 f8 bb a5|"
-
Value: "|ad 31 fb b9 a5 b5 a5 a5 31 f9 ba a2 a5 a5 a5 31 fa cd 80 eb 14 bf|"
-
Value: "|31 c9 b1 04 fc f3 a4 e9 0c 00 00 00 5e eb ec e8 f8 ff ff ff 31 c0 40 c3|"
Within: 24
PCRE:
Special Options: