GPL NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt
Sourceet/open
Fileemerging-netbios.rules
CreatedSeptember 23, 2010
UpdatedJuly 26, 2019
Classificationattempted-admin
alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt"; flow:to_server,established ; content:"|05|"; content:"|00|"; within:1; distance:1; content:"|09 00|"; within:2; distance:19; flowbits:isset,netbios.lsass.bind.attempt ; reference:bugtraq,10108 ; reference:cve,2003-0533 ; reference:url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx ; classtype:attempted-admin; sid:2102508; rev:8; metadata:created_at 2010_09_23, signature_severity Informational, updated_at 2019_07_26;)
References
Metadata
created at2010_09_23
signature severityInformational
updated at2019_07_26
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!