ATTACK [PTsecurity] Mikrotik RouterOS unauthenticated DNS cache poisoning (CVE-2019-3978)

SID: 10005475Rev: 425 views
History
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert tcp any any -> any any (msg:"ATTACK [PTsecurity] Mikrotik RouterOS unauthenticated DNS cache poisoning (CVE-2019-3978)"; flow:established, to_server, no_stream; content:"M2"; offset:4; depth:2; content:"|01 00 00 08|"; content:"|07 00 FF 09 03|"; content:"|03 00 00 21|"; content:"|01 00 FF 88 01 00 0E 00 00 00|"; reference:cve, 2019-3978; reference:url, medium.com/tenable-techblog/routeros-chain-to-root-f4e0b07c0b21; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10005475; rev:4;)

References

cve2019-3978
urlmedium.com/tenable-techblog/routeros-chain-to-root-f4e0b07c0b21
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!