GPL NETBIOS SMB-DS DCERPC Messenger Service buffer overflow attempt

SID: 2102258Rev: 100 viewsHistory

Sourceet/open

CreatedSeptember 23, 2010

UpdatedJuly 26, 2019

Classificationattempted-admin

alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"GPL NETBIOS SMB-DS DCERPC Messenger Service buffer overflow attempt"; flow:to_server,established; content:"|FF|SMB%"; depth:5; offset:4; nocase; content:"&|00|"; within:2; distance:56; content:"|5C 00|P|00|I|00|P|00|E|00 5C 00|"; within:12; distance:5; nocase; content:"|04 00|"; within:2; byte_test:1,>,15,2,relative; byte_jump:4,86,little,align,relative; byte_jump:4,8,little,align,relative; byte_test:4,>,1024,0,little,relative; reference:bugtraq,8826; reference:cve,2003-0717; reference:nessus,11888; reference:nessus,11890; reference:url,www.microsoft.com/technet/security/bulletin/MS03-043.mspx; classtype:attempted-admin; sid:2102258; rev:10; metadata:created_at 2010_09_23, cve CVE_2003_0717, confidence High, signature_severity Major, updated_at 2019_07_26;)

References

bugtraq	8826
cve	2003-0717
nessus	11888
nessus	11890
url	www.microsoft.com/technet/security/bulletin/MS03-043.mspx

Metadata

created at2010_09_23

cveCVE-2003-0717

confidenceHigh

signature severityMajor

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!