Rule History

SID: 2016324 • Source: et/open

Versions (3)

Version DetailsCurrent

Rev: 3 • Jan 31, 2013, 12:00 PM

Message:

ET DOS LibuPnP CVE-2012-5964 ST URN ServiceType Buffer Overflow

Rule:

alert udp $EXTERNAL_NET any -> $HOME_NET 1900 (msg:"ET DOS LibuPnP CVE-2012-5964 ST URN ServiceType Buffer Overflow"; content:"|0D 0A|ST|3a|"; nocase; pcre:"/^[^\r\n]*urn\x3aservice\x3a[^\r\n\x3a]{181}/Ri"; content:"urn|3a|service"; nocase; fast_pattern; reference:cve,CVE-2012-5964; classtype:attempted-dos; sid:2016324; rev:3; metadata:created_at 2013_01_31, confidence High, signature_severity Major, updated_at 2022_07_01;)

Created:

Jan 31, 2013, 12:00 PM

Updated:

Jul 1, 2022, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

May 30, 2025, 12:04 AM

Filename:

rules/emerging-dos.rules