ATTACK [PTsecurity] Cisco Adaptive Security Appliance 8.x SNMP overflow RCE Probe

SID: 10000098Rev: 20 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-recon

alert udp any any -> $HOME_NET 161 (msg:"ATTACK [PTsecurity] Cisco Adaptive Security Appliance 8.x SNMP overflow RCE Probe"; content:"|a035020100020100020100302a300c06082b060102010101000500300c06082b060102010103000500300c06082b060102010105000500|"; isdataat:!1, relative; reference:url, blogs.cisco.com/security/shadow-brokers; reference:cve, 2016-6366; classtype:attempted-recon; reference:url, github.com/ptresearch/AttackDetection; sid:10000098; rev:2;)

References

url	blogs.cisco.com/security/shadow-brokers
cve	2016-6366
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!