ET EXPLOIT Microsoft RDP Server targetParams Exploit Attempt

SID: 2014383Rev: 20 viewsHistory

Sourceet/open

CreatedMarch 13, 2012

UpdatedJuly 26, 2019

Classificationattempted-admin

alert tcp any any -> $HOME_NET 3389 (msg:"ET EXPLOIT Microsoft RDP Server targetParams Exploit Attempt"; flow:to_server,established; content:"|03 00|"; depth:2; content:"|7f 65 82 01 94|"; distance:24; within:5; content:"|30 19|"; distance:9; within:2; byte_test:1,<,6,3,relative; reference:url,msdn.microsoft.com/en-us/library/cc240836.aspx; reference:cve,2012-0002; classtype:attempted-admin; sid:2014383; rev:2; metadata:created_at 2012_03_13, signature_severity Major, updated_at 2019_07_26;)

References

url	msdn.microsoft.com/en-us/library/cc240836.aspx
cve	2012-0002

Metadata

created at2012_03_13

signature severityMajor

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!