GHOST Vulnerability (CVE-2015-0235)
Updated Jun 06, 2023
Version 2.0Was this article helpful?
Here's an optimization to the iRule:
when CLIENT_ACCEPTED {
TCP::collect
}
when CLIENT_DATA {
switch -- [string toupper [TCP::payload 5]] {
"HELO " -
"EHLO " {
if {[TCP::payload length] > 1000 ) } {
log local0. "Detected GHOST exploitation attempt"
TCP::close return
}
}
}
TCP::release
TCP::collect
}