ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance - Suricata Rule 2008700 (et/open)

ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance

SID: 2008700Rev: 50 viewsHistory

Sourceet/open

CreatedJuly 30, 2010

UpdatedJuly 26, 2019

Classificationattempted-admin

alert udp any any -> $HOME_NET 139 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance"; content:"|00 2e 00 2e 00 2f 00 2e 00 2e 00 2f 00 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 87|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008700; rev:5; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)

References

url	www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
cve	2008-4250
url	www.kb.cert.org/vuls/id/827267

Metadata

created at2010_07_30

cveCVE-2008-4250

confidenceMedium

signature severityMajor

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!