alert tcp any any -> $HOME_NET 19000 (msg:"ET EXPLOIT Bloomberg Comdb2 Distributed Transaction Abort Operation DoS (CVE-2025-46354)"; flow:established,to_server; content:"|00 00 00 01|"; fast_pattern; startswith; byte_extract:1,15,data_len; isdataat:data_len; content:"|0a|"; distance:2; within:1; content:"|08 06|"; distance:0; threshold:type threshold, track by_src, count 10, seconds 60; reference:url,talosintelligence.com/vulnerability_reports/TALOS-2025-2198; reference:cve,2025-46354; classtype:attempted-dos; sid:2063842; rev:1; metadata:attack_target Networking_Equipment, created_at 2025_07_31, cve CVE_2025_46354, deployment Perimeter, deployment Internal, performance_impact Significant, confidence Medium, signature_severity Major, updated_at 2025_07_31; target:dest_ip;)