GPL NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt
Sourceet/open
Fileemerging-netbios.rules
CreatedSeptember 23, 2010
UpdatedMarch 14, 2024
Classificationattempted-admin
alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt"; flow:established,to_server ; flowbits:isset,netbios.lsass.bind.attempt ; content:"|05|"; content:"|00|"; within:1; distance:1; content:"|09 00|"; within:2; distance:19; reference:bugtraq,10108 ; reference:cve,2003-0533 ; reference:url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx ; classtype:attempted-admin; sid:2102508; rev:10; metadata:created_at 2010_09_23, signature_severity Informational, updated_at 2024_03_14;)
References
Metadata
created at2010_09_23
signature severityInformational
updated at2024_03_14
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!