EditAttachPrintable
r1 - 12 Oct 2011 - 23:09:28 - TWikiGuestYou are here: TWiki >  Main Web > 2000017

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET NETBIOS NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; fast_pattern:only; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; reference:url,doc.emergingthreats.net/bin/view/Main/2000017; classtype:bad-unknown; sid:2000017; rev:7;)

Added 2011-10-12 19:09:28 UTC

 

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET NETBIOS NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; fast_pattern:only; classtype: bad-unknown; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; reference:url,doc.emergingthreats.net/bin/view/Main/2000017; sid:2000017; rev:7;)

Added 2011-09-15 14:46:00 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET NETBIOS NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; fast_pattern:only; classtype: bad-unknown; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; reference:url,doc.emergingthreats.net/bin/view/Main/2000017; sid:2000017; rev:7;)

Added 2011-09-14 20:20:09 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET NETBIOS NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; fast_pattern:only; classtype: bad-unknown; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; reference:url,doc.emergingthreats.net/bin/view/Main/2000017; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_NETBIOS_ASN1_Overflow; sid:2000017; rev:7;)

Added 2011-02-04 17:21:11 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET EXPLOIT NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; classtype: bad-unknown; reference:url,doc.emergingthreats.net/bin/view/Main/2000017; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_NETBIOS_ASN1_Overflow; sid:2000017; rev:6;)

Added 2010-06-23 13:46:09 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET EXPLOIT NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; classtype: bad-unknown; reference:url,doc.emergingthreats.net/bin/view/Main/2000017; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_NETBIOS_ASN1_Overflow; sid:2000017; rev:6;)

Added 2010-06-23 13:46:09 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET EXPLOIT NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; classtype: bad-unknown; reference:url,doc.emergingthreats.net/bin/view/Main/2000017; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_NETBIOS_ASN1_Overflow; sid: 2000017; rev:6;)

Added 2009-02-07 22:00:25 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET EXPLOIT NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; classtype: bad-unknown; reference:url,doc.emergingthreats.net/bin/view/Main/2000017; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_NETBIOS_ASN1_Overflow; sid: 2000017; rev:6;)

Added 2009-02-07 22:00:25 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET EXPLOIT NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; classtype: bad-unknown; sid: 2000017; rev:5;)

Added 2008-01-25 10:56:38 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"ET EXPLOIT NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; classtype: bad-unknown; sid: 2000017; rev:5;)

Added 2008-01-25 10:56:38 UTC

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg: "BLEEDING-EDGE EXPLOIT NII Microsoft ASN.1 Library Buffer Overflow Exploit"; flow: to_server,established; content:"|A1 05 23 03 03 01 07|"; reference:url,www.microsoft.com/technet/security/bulletin/ms04-007.asp; classtype: bad-unknown; sid: 2000017; rev:4; )

Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r1 | More topic actions
 
Emerging Threats
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback