ET EXPLOIT OpenBMC slpd-lite Language Tag Length Memory Corruption Attempt (CVE-2024-41660)

SID: 2055309Rev: 141 views

Sourceet/open

CreatedAugust 16, 2024

UpdatedAugust 16, 2024

Classificationattempted-admin

alert udp any any -> $HOME_NET 427 (msg:"ET EXPLOIT OpenBMC slpd-lite Language Tag Length Memory Corruption Attempt (CVE-2024-41660)"; content:"|02 09 00 00 00 ff 00 00 00 00 00 00 00|"; startswith; fast_pattern; pcre:"/^(\xff\xff|\xfd\xe8)/R"; reference:url,www.tetrelsec.com/posts/cve-2024-41660-slpd-lite/; reference:cve,2024-41660; classtype:attempted-admin; sid:2055309; rev:1; metadata:affected_product OpenBMC, attack_target Networking_Equipment, tls_state plaintext, created_at 2024_08_16, cve CVE_2024_41660, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Major, updated_at 2024_08_16; target:dest_ip;)

References

url	www.tetrelsec.com/posts/cve-2024-41660-slpd-lite/
cve	2024-41660

Metadata

affected productOpenBMC

attack targetNetworking_Equipment

tls stateplaintext

created at2024_08_16

cveCVE-2024-41660

deploymentInternal

performance impactLow

confidenceHigh

signature severityMajor

updated at2024_08_16

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!