ET EXPLOIT Possible WINS Server Remote Memory Corruption Vulnerability

SID: 2024435Rev: 10 views
History
Sourceet/open
CreatedJune 29, 2017
UpdatedJuly 26, 2019
Classificationattempted-user
alert tcp $HOME_NET any -> $HOME_NET 42 (msg:"ET EXPLOIT Possible WINS Server Remote Memory Corruption Vulnerability"; flow:to_server,established; dsize:48; content:"|00 00 78 00|"; offset:4; depth:4; content:"|00 00 00 05|"; offset:16; depth:4; fast_pattern; threshold:type both, count 3, seconds 1, track by_src; reference:url,blog.fortinet.com/2017/06/14/wins-server-remote-memory-corruption-vulnerability-in-microsoft-windows-server; classtype:attempted-user; sid:2024435; rev:1; metadata:affected_product Windows_DNS_server, attack_target DNS_Server, created_at 2017_06_29, deployment Datacenter, performance_impact Low, confidence Low, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)

References

urlblog.fortinet.com/2017/06/14/wins-server-remote-memory-corruption-vulnerability-in-microsoft-windows-server

Metadata

affected productWindows_DNS_server
attack targetDNS_Server
created at2017_06_29
deploymentDatacenter
performance impactLow
confidenceLow
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!