GPL NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt

SID: 2102508Rev: 80 views
History
Sourceet/open
CreatedSeptember 23, 2010
UpdatedJuly 26, 2019
Classificationattempted-admin
alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt"; flow:to_server,established; content:"|05|"; content:"|00|"; within:1; distance:1; content:"|09 00|"; within:2; distance:19; flowbits:isset,netbios.lsass.bind.attempt; reference:bugtraq,10108; reference:cve,2003-0533; reference:url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx; classtype:attempted-admin; sid:2102508; rev:8; metadata:created_at 2010_09_23, signature_severity Informational, updated_at 2019_07_26;)

References

bugtraq10108
cve2003-0533
urlwww.microsoft.com/technet/security/bulletin/MS04-011.mspx

Metadata

created at2010_09_23
signature severityInformational
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!