ET NETBIOS PolarisOffice Insecure Library Loading - SMB ASCII - Suricata Rule 2025790 (et/open)

ET NETBIOS PolarisOffice Insecure Library Loading - SMB ASCII

SID: 2025790Rev: 21 viewsHistory

Sourceet/open

CreatedJuly 6, 2018

UpdatedSeptember 9, 2021

Classificationattempted-user

alert tcp $HOME_NET [445,139] -> any any (msg:"ET NETBIOS PolarisOffice Insecure Library Loading - SMB ASCII"; flow:from_server; content:"SMB"; offset:4; depth:5; byte_test:1,!&,0x80,7,relative; content:"puiframeworkproresenu|2E|dll"; nocase; distance:0; fast_pattern; reference:cve,2018-12589; reference:url,exploit-db.com/exploits/44985; classtype:attempted-user; sid:2025790; rev:2; metadata:attack_target Client_Endpoint, created_at 2018_07_06, cve CVE_2018_12589, deployment Perimeter, signature_severity Informational, updated_at 2021_09_09;)

References

cve	2018-12589
url	exploit-db.com/exploits/44985

Metadata

attack targetClient_Endpoint

created at2018_07_06

cveCVE-2018-12589

deploymentPerimeter

signature severityInformational

updated at2021_09_09

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!