ET NETBIOS PolarisOffice Insecure Library Loading - SMB ASCII

7.0.35.0SID: 2025790Rev: 2Enabled3 views
Sourceet/open
Fileemerging-netbios.rules
CreatedJuly 6, 2018
UpdatedSeptember 9, 2021
Classificationattempted-user
alert tcp $HOME_NET [445,139] -> any any (msg:"ET NETBIOS PolarisOffice Insecure Library Loading - SMB ASCII"; flow:from_server; content:"SMB"; offset:4; depth:5; byte_test:1,!&,0x80,7,relative; content:"puiframeworkproresenu|2E|dll"; nocase; distance:0; fast_pattern; reference:cve,2018-12589; reference:url,exploit-db.com/exploits/44985; classtype:attempted-user; sid:2025790; rev:2; metadata:attack_target Client_Endpoint, created_at 2018_07_06, cve CVE_2018_12589, deployment Perimeter, signature_severity Informational, updated_at 2021_09_09;)

Metadata

attack targetClient_Endpoint
created at2018_07_06
deploymentPerimeter
signature severityInformational
updated at2021_09_09

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!