ATTACK [PTsecurity] Mikrotik RouterOS unauthenticated DNS cache poisoning (CVE-2019-3978)

SID: 10005475Rev: 10 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-admin

alert tcp any any -> any any (msg:"ATTACK [PTsecurity] Mikrotik RouterOS unauthenticated DNS cache poisoning (CVE-2019-3978)"; flow:established, to_server, no_stream; content:"M2"; offset:4; depth:2; content:"|01 00 00 08|"; content:"|07 00 FF 09 03|"; content:"|03 00 00 21|"; content:"|01 00 FF 88 01 00 0E 00 00 00|"; reference:cve, 2019-3978; reference:cve, medium.com/tenable-techblog/routeros-chain-to-root-f4e0b07c0b21; reference:url, github.com/ptresearch/AttackDetection; classtype:attempted-admin; sid:10005475; rev:1;)

References

cve	2019-3978
cve	medium.com/tenable-techblog/routeros-chain-to-root-f4e0b07c0b21
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!