""ET EXPLOIT Possible OpenSSL Infinite Loop Inducing Cert Inbound via UDP (CVE-2022-0778)""
SID: 2035888
Revision: 2
Class Type: denial-of-service
Metadata: affected_product OpenSSL, attack_target Server, created_at 2022_04_11, cve CVE_2022_0778, deployment Perimeter, deployment Internal, performance_impact Low, signature_severity Major, updated_at 2022_04_11
Reference:
-
cve
-
2022-0778
Protocol: udp
Source Network: any
Source Port: any
Destination Network: [$HOME_NET,$HTTP_SERVERS]
Destination Port: any
Flow:
Contents:
-
Value: "|30 82|"
-
Value: "|30 0a 06 08 2a 86 48 ce 3d 04 03|"
-
Value: "|2a 86 48 ce 3d 01 01 02 02 02 b9|"
-
Value: "|20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17|"
-
Value: "|20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00|"
-
Value: "|04 03|"
-
Value: "|00 08|"
Within: 2
PCRE:
Special Options:
- fast_pattern