Rule History

SID: 2030385 • Source: et/open

Versions (3)

Version DetailsCurrent

Rev: 1 • Jun 22, 2020, 12:00 PM

Message:

ET EXPLOIT Possible CVE-2020-11896/CVE-2020-11898 Fragments inside IP-in-IP tunnel

Rule:

alert ip any any -> any any (msg:"ET EXPLOIT Possible CVE-2020-11896/CVE-2020-11898 Fragments inside IP-in-IP tunnel"; ip_proto:4; fragbits:M; reference:url,www.jsof-tech.com/ripple20/; classtype:attempted-admin; sid:2030385; rev:1; metadata:created_at 2020_06_22, performance_impact Significant, confidence Medium, signature_severity Major, updated_at 2020_06_22;)

Created:

Jun 22, 2020, 12:00 PM

Updated:

Jun 22, 2020, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

Sep 21, 2024, 3:00 AM

Filename:

rules/emerging-exploit.rules