Versions (2)
Version DetailsCurrent
Rev: 4 • Oct 4, 2016, 12:00 PMET DELETED BIND9 msg->reserved Assertion DoS Packet Inbound (CVE-2016-2776)
alert udp any any -> $DNS_SERVERS 53 (msg:"ET DELETED BIND9 msg->reserved Assertion DoS Packet Inbound (CVE-2016-2776)"; dsize:>512; content:"|00 00 00 01 00 00 00 00 00 01|"; depth:10; offset:2; content:"|00 00 01 00 01|"; distance:0; content:"|00 00 FA|"; distance:0; reference:cve,cve-2016-2776; reference:url,blog.infobytesec.com/2016/10/a-tale-of-dns-packet-cve-2016-2776.html; classtype:attempted-dos; sid:2023317; rev:4; metadata:affected_product BIND, attack_target Server, created_at 2016_10_04, deployment Datacenter, signature_severity Major, updated_at 2022_04_29;)
Oct 4, 2016, 12:00 PM
Apr 29, 2022, 12:00 PM
Oct 4, 2016, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-deleted.rules