ATTACK [PTsecurity] Suspicious explicitly-defined ECC parameters. Possible CVE-2020-0601 crafted certificate

SID: 10005695Rev: 10 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationtrojan-activity

alert tcp any any -> any any (msg:"ATTACK [PTsecurity] Suspicious explicitly-defined ECC parameters. Possible CVE-2020-0601 crafted certificate"; flow:established; content:"|06 07 2a 86 48 ce 3d 02 01 30 82|"; content:"|06 07 2a 86 48 ce 3d 01 01 02|"; within:200; reference:cve, 2020-0601; reference:url, github.com/ollypwn/cve-2020-0601; reference:url, github.com/ptresearch/AttackDetection; classtype:trojan-activity; sid:10005695; rev:1;)

References

cve	2020-0601
url	github.com/ollypwn/cve-2020-0601
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!