Rule History

alert icmp any any -> any any (msg: "ATTACK [PTsecurity] Dnsmasq <2.78 Heap Based Buffer Overflow (CVE-2017-14492)"; itype: 133; icode: 0; content: "|01|"; offset: 4; depth: 1; byte_test: 1, >, 150, 0, relative; isdataat: 1500, relative; reference: cve, 2017-14492; reference: url, security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html; reference: url, rules.ptsecurity.com; classtype: attempted-admin; sid: 10002469; rev: 2;)