ET EXPLOIT SUSPICIOUS DTLS 1.2 Fragmented Client Hello Possible CVE-2014-0195

SID: 2018561Rev: 40 views
History
Sourceet/open
CreatedJune 13, 2014
UpdatedJanuary 19, 2023
Classificationattempted-user
alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT SUSPICIOUS DTLS 1.2 Fragmented Client Hello Possible CVE-2014-0195"; content:"|16 fe fd 00 00 00 00 00 00 00|"; depth:10; content:"|01|"; distance:3; within:1; byte_test:3,>,0,0,relative; byte_test:3,>,0,8,relative; byte_extract:3,0,frag_len,relative; byte_jump:3,5,relative; content:"|01|"; within:1; byte_test:3,!=,frag_len,0,relative; reference:url,h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002; classtype:attempted-user; sid:2018561; rev:4; metadata:created_at 2014_06_13, deprecation_reason Age, confidence Low, signature_severity Major, updated_at 2023_01_19;)

References

urlh30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002

Metadata

created at2014_06_13
deprecation reasonAge
confidenceLow
signature severityMajor
updated at2023_01_19

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!