GPL NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt

7.0.35.0SID: 2102508Rev: 10Disabled3 views
Sourceet/open
Fileemerging-netbios.rules
CreatedSeptember 23, 2010
UpdatedMarch 14, 2024
Classificationattempted-admin
alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt"; flow:established,to_server; flowbits:isset,netbios.lsass.bind.attempt; content:"|05|"; content:"|00|"; within:1; distance:1; content:"|09 00|"; within:2; distance:19; reference:bugtraq,10108; reference:cve,2003-0533; reference:url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx; classtype:attempted-admin; sid:2102508; rev:10; metadata:created_at 2010_09_23, signature_severity Informational, updated_at 2024_03_14;)

Metadata

created at2010_09_23
signature severityInformational
updated at2024_03_14

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!