""ET EXPLOIT Possible CVE-2018-0171 Exploit (PoC based)""

SID: 2025472

Revision: 1

Class Type: attempted-admin

Metadata: affected_product Cisco_ASA, attack_target Networking_Equipment, created_at 2018_04_06, cve CVE_2018_0171, deployment Perimeter, signature_severity Major, updated_at 2018_04_06

Reference:

Protocol: tcp

Source Network: any

Source Port: any

Destination Network: $HOME_NET

Destination Port: 4786

Flow: established,to_server

Contents:

  • Value: "|00 00 00 01 00 00 00 01 00 00 00 07|" Depth: 12

  • Value: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"

  • Value: "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"

Within: 44

PCRE:

Special Options:

source