SSHD Error Message CVE-2018-15473

Nov 10, 2025 · attack.reconnaissance attack.t1589 cve.2018-15473 detection.emerging-threats ·

Detects exploitation attempt using public exploit code for CVE-2018-15473

Sigma rule (View on GitHub)

 1title: SSHD Error Message CVE-2018-15473
 2id: 4c9d903d-4939-4094-ade0-3cb748f4d7da
 3status: test
 4description: Detects exploitation attempt using public exploit code for CVE-2018-15473
 5references:
 6    - https://github.com/Rhynorater/CVE-2018-15473-Exploit
 7author: Florian Roth (Nextron Systems)
 8date: 2017-08-24
 9modified: 2021-11-27
10tags:
11    - attack.reconnaissance
12    - attack.t1589
13    - cve.2018-15473
14    - detection.emerging-threats
15logsource:
16    product: linux
17    service: sshd
18detection:
19    keywords:
20        - 'error: buffer_get_ret: trying to get more bytes 1907 than in buffer 308 [preauth]'
21    condition: keywords
22falsepositives:
23    - Unknown
24level: medium

References

GitHub - Rhynorater/CVE-2018-15473-Exploit: Exploit written in Python for CVE-2018-15473 with threading and export formats

Exploit written in Python for CVE-2018-15473 with threading and export formats - Rhynorater/CVE-2018-15473-Exploit

Read More

SSHD Error Message CVE-2018-15473

Sigma rule (View on GitHub)

References

GitHub - Rhynorater/CVE-2018-15473-Exploit: Exploit written in Python for CVE-2018-15473 with threading and export formats

Related rules