ET EXPLOIT Possible DNS BIND TSIG Denial of Service Attempt (CVE-2020-8617)

SID: 2030221Rev: 20 viewsHistory

Sourceet/open

CreatedMay 26, 2020

UpdatedMarch 24, 2022

Classificationdenial-of-service

alert dns $EXTERNAL_NET any -> any any (msg:"ET EXPLOIT Possible DNS BIND TSIG Denial of Service Attempt (CVE-2020-8617)"; content:"|00|"; distance:0; byte_extract:1,1,rec_name,relative; content:"|00 00 fa 00 ff|"; distance:rec_name; within:5; fast_pattern; content:"|00 10 00 00|"; endswith; reference:cve,2020-8617; classtype:denial-of-service; sid:2030221; rev:2; metadata:attack_target DNS_Server, created_at 2020_05_26, deployment Datacenter, performance_impact Low, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_03_24;)

References

cve

2020-8617

Metadata

attack targetDNS_Server

created at2020_05_26

deploymentDatacenter

performance impactLow

confidenceMedium

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2022_03_24

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!