ET EXPLOIT DOS Microsoft Windows SRV.SYS MAILSLOT
Sourceet/open
Fileemerging-exploit.rules
CreatedJuly 30, 2010
UpdatedMarch 6, 2024
Classificationattempted-dos
alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"ET EXPLOIT DOS Microsoft Windows SRV.SYS MAILSLOT"; flow:established,to_server ; content:"|00|"; depth:1; content:"|FF|SMB%"; within:5; distance:3; byte_test:1,!&,128,6,relative ; pcre:"/^.{27}/sR"; content:"|03|"; distance:21; content:"|01 00 00 00 00 00|"; distance:1; within:6; byte_test:2,=,17,0,little,relative ; content:"|5C|MAILSLOT|5C|"; within:10; distance:2; reference:url,www.milw0rm.com/exploits/2057 ; reference:url,www.microsoft.com/technet/security/bulletin/MS06-035.mspx ; classtype:attempted-dos; sid:2003067; rev:6; metadata:created_at 2010_07_30, confidence Medium, signature_severity Major, updated_at 2024_03_06;)
References
Metadata
created at2010_07_30
confidenceMedium
signature severityMajor
updated at2024_03_06
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!