# sid 2025790, rev 2: alerts when an SMB server response carries the ASCII file
# name "puiframeworkproresenu.dll" (insecure library loading, CVE-2018-12589).
#
# Header / flow: tcp from $HOME_NET source ports 445 and 139 with flow:from_server,
#   so only responses sent by SMB servers inside $HOME_NET are inspected. A share
#   hosted outside $HOME_NET is not covered by this signature.
# content:"SMB"; offset:4; depth:5: the protocol marker must sit in bytes 4-8,
#   i.e. directly after what is presumably the 4-byte NetBIOS session header.
# byte_test:1,!&,0x80,7,relative: passes only when bit 0x80 is clear in the byte
#   7 bytes past the marker. Presumably this is the high byte of SMB1 Flags2, so the
#   Unicode-strings flag is off (the "ASCII" in msg). Confirm against the SMB1 header.
# content:"puiframeworkproresenu|2E|dll"; nocase; distance:0; fast_pattern: the
#   file name, case-insensitive, anywhere after the marker; |2E| is the "." byte.
#
# NOTE(review): this is a name-only match. Any server response that mentions the
#   file name (for example a directory listing of a legitimate install) satisfies it,
#   so an alert needs triage of which host requested the file and from which share.
# NOTE(review): UTF-16 file names fail the byte_test and need a separate signature.
#   The byte offsets follow the SMB1 header layout, so SMB2/3 and encrypted SMB
#   sessions are presumably not covered. Verify before relying on this rule.
# NOTE(review): the "?" after "PolarisOffice" in msg looks like a wiki rendering
#   artifact. Check the msg text against the distributed ruleset.
alert tcp $HOME_NET [445,139] -> any any (msg:"ET NETBIOS PolarisOffice? Insecure Library Loading - SMB ASCII"; flow:from_server; content:"SMB"; offset:4; depth:5; byte_test:1,!&,0x80,7,relative; content:"puiframeworkproresenu|2E|dll"; nocase; distance:0; fast_pattern; reference:cve,2018-12589; reference:url,exploit-db.com/exploits/44985; classtype:attempted-user; sid:2025790; rev:2; metadata:attack_target Client_Endpoint, created_at 2018_07_06, deployment Perimeter, former_category NETBIOS, updated_at 2021_09_09;)

Added 2021-09-09 17:40:24 UTC


# sid 2025790, rev 1 (earlier listing). Header, flow, content and byte_test
# keywords are the same as in rev 2 at the top of this page. The visible differences
# are bookkeeping only: the url reference has a space after "url," and a trailing
# slash, the references are in the opposite order, and updated_at is 2018_07_18.
alert tcp $HOME_NET [445,139] -> any any (msg:"ET NETBIOS PolarisOffice? Insecure Library Loading - SMB ASCII"; flow:from_server; content:"SMB"; offset:4; depth:5; byte_test:1,!&,0x80,7,relative; content:"puiframeworkproresenu|2E|dll"; nocase; distance:0; fast_pattern; reference:url, exploit-db.com/exploits/44985/; reference:cve,2018-12589; classtype:attempted-user; sid:2025790; rev:1; metadata:attack_target Client_Endpoint, created_at 2018_07_06, deployment Perimeter, former_category NETBIOS, updated_at 2018_07_18;)

Added 2020-08-05 19:14:53 UTC


# sid 2025790, rev 1 (older listing). Detection keywords (flow, content "SMB",
# byte_test, file-name content) match the later revisions on this page. This text
# carries two metadata keywords: former_category sits in its own keyword ahead of
# the cve reference, and the remaining keys are in a second one at the end.
alert tcp $HOME_NET [445,139] -> any any (msg:"ET NETBIOS PolarisOffice? Insecure Library Loading - SMB ASCII"; flow:from_server; content:"SMB"; offset:4; depth:5; byte_test:1,!&,0x80,7,relative; content:"puiframeworkproresenu|2E|dll"; nocase; distance:0; fast_pattern; reference:url, exploit-db.com/exploits/44985/; metadata: former_category NETBIOS; reference:cve,2018-12589; classtype:attempted-user; sid:2025790; rev:1; metadata:attack_target Client_Endpoint, deployment Perimeter, created_at 2018_07_06, updated_at 2018_07_18;)

Added 2018-09-13 19:54:52 UTC


Added 2018-09-13 18:02:16 UTC


# sid 2025790, rev 1 as first listed (2018-07-18). Matches the ASCII file name
# "puiframeworkproresenu.dll" in a server response from $HOME_NET ports 445/139.
# The byte_test requires bit 0x80 to be clear 7 bytes past the "SMB" marker,
# presumably the SMB1 Unicode flag (confirm against the header layout).
# former_category is in a separate metadata keyword from the other metadata keys.
alert tcp $HOME_NET [445,139] -> any any (msg:"ET NETBIOS PolarisOffice? Insecure Library Loading - SMB ASCII"; flow:from_server; content:"SMB"; offset:4; depth:5; byte_test:1,!&,0x80,7,relative; content:"puiframeworkproresenu|2E|dll"; nocase; distance:0; fast_pattern; reference:url, exploit-db.com/exploits/44985/; metadata: former_category NETBIOS; reference:cve,2018-12589; classtype:attempted-user; sid:2025790; rev:1; metadata:attack_target Client_Endpoint, deployment Perimeter, created_at 2018_07_06, updated_at 2018_07_18;)

Added 2018-07-18 17:37:10 UTC


Topic revision: r1 - 2021-09-09 - TWikiGuest
 