Detecting CVE-2020-16898

Aashish_Sharma1 · October 14, 2020, 9:43pm

Here is a take at detecting CVE-2020-16898

Based of the blog post :

While, I am running it on our cluster (s), I don't yet have pcaps to say if this
is getting a hit or not.

Any other feedback, improvements most welcome.

Aashish

Vlad_Grigorescu · October 14, 2020, 9:47pm

—Vlad

Ben_Reardon · October 14, 2020, 10:40pm

And yet another, we started yesterday and just released
https://github.com/corelight/CVE-2020-16898

Have referenced both your packages. What a vibrant community.

Ben

Topic		Replies	Views
Blog Post on Detecting CVE-2020-0601 with Zeek Zeek	2	93	May 6, 2022
Work-in-progress package to detect CVE-2020-0601 Zeek	7	127	May 6, 2022
CVE-2020-1350 Detection Inquiry Zeek	4	94	May 6, 2022
Errors trying to implement the detection on CVE-2020-0601 Zeek	6	116	May 6, 2022
Ripple20 Zeek	9	123	May 6, 2022