7.5 - CVE-2003-0533

Executive Summary

Informations
Name	CVE-2003-0533	First vendor Publication	2004-06-01
Vendor	Cve	Last vendor Modification	2018-10-12

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0533

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:883

Oval ID:	oval:org.mitre.oval:def:883
Title:	Windows 2000 LSASS Buffer Overflow (Sasser Worm Vulnerability)
Description:	Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0533	Version:	1
Platform(s):	Microsoft Windows 2000	Product(s):	Local Security Authority Subsystem Service (LSASS)
Definition Synopsis:
Windows 2000 is installed AND the version of lsasrv.dll is less than 5.0.2195.6902 AND NOT the patch kb835732 is installed

Definition Id: oval:org.mitre.oval:def:898

Oval ID:	oval:org.mitre.oval:def:898
Title:	Windows XP LSASS Buffer Overflow (Sasser Worm Vulnerability)
Description:	Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0533	Version:	9
Platform(s):	Microsoft Windows XP	Product(s):
Definition Synopsis:
a vulnerable version of lsasrv.dll exists depending on service pack level no service pack is installed and lsasrv.dll is less than 5.1.2600.134 Microsoft Windows XP (32-bit) is installed AND NOT Win2K/XP/2003 is patched AND the version of lsasrv.dll is less than 5.1.2600.134 OR service pack 1 is installed and lsasrv.dll is less than 5.1.2600.1361 Microsoft Windows XP SP1 (32-bit) is installed AND the version of lsasrv.dll is less than 5.1.2600.1361 AND NOT the patch kb835732 is installed

Definition Id: oval:org.mitre.oval:def:919

Oval ID:	oval:org.mitre.oval:def:919
Title:	Windows Server 2003 LSASS Buffer Overflow (Sasser Worm Vulnerability
Description:	Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0533	Version:	3
Platform(s):	Microsoft Windows Server 2003	Product(s):
Definition Synopsis:
Microsoft Windows Server 2003 is installed AND the version of lsasrv.dll is less than 5.2.3790.134 AND NOT the patch kb835732 is installed

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Netmeeting cpe:2.3:a:microsoft:netmeeting::::::::	1
Os	Microsoft Windows 2000 cpe:2.3:o:microsoft:windows_2000::sp2::::::* cpe:2.3:o:microsoft:windows_2000::sp4::fr::::	2
Os	Microsoft Windows 2003 Server cpe:2.3:o:microsoft:windows_2003_server:r2:::::::*	1
Os	Microsoft Windows 98 cpe:2.3:o:microsoft:windows_98::gold::::::*	1
Os	Microsoft Windows Me cpe:2.3:o:microsoft:windows_me::::::::	1
Os	Microsoft Windows Nt cpe:2.3:o:microsoft:windows_nt:4.0:sp6a::::::	1
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::sp1:tablet_pc:::::	1

SAINT Exploits

Description	Link
Windows LSASS buffer overflow	More info here

ExploitDB Exploits

id	Description
2004-04-18	Microsoft Windows 2000/NT 4 Local Descriptor Table Local Privilege Escalation...
2010-07-03	Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow
2010-09-20	Microsoft Private Communications Transport Overflow
2004-04-14	MS Windows IIS SSL Remote Denial of Service Exploit (MS04-011)

OpenVAS Exploits

Date	Description
2009-03-15	Name : MS04-011 security check File : nvt/remote-MS04-011.nasl
2005-11-03	Name : Dabber worm detection File : nvt/dabber_worm.nasl
2005-11-03	Name : Korgo worm detection File : nvt/korgo.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
5248	Microsoft Windows LSASS Remote Overflow A remote overflow exists in Windows. The LSA (Local Security Authority) Service fails to validate some input received on the LSARPC named pipe over TCP ports 139 and 445 resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date	Description
2014-01-10	korgo attempt RuleID : 9420 - Revision : 13 - Type : MALWARE-OTHER
2014-01-10	sasser attempt RuleID : 9419 - Revision : 10 - Type : MALWARE-OTHER
2014-01-10	DCERPC NCACN-HTTP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5315 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5314 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5313 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5312 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer little endian overflo... RuleID : 5311 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsass DsRolerUpgradeDownlevelServer little endian overflow ... RuleID : 5310 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer little endian overflo... RuleID : 5309 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5308 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5307 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5306 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 lsass DsRolerUpgradeDownlevelServer little endian overflow a... RuleID : 5305 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5304 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 lsass DsRolerUpgradeDownlevelServer little endian over... RuleID : 5303 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 lsass DsRolerUpgradeDownlevelServer little endian overfl... RuleID : 5302 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 lsass DsRolerUpgradeDownlevelServer little endian over... RuleID : 5301 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5300 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf... RuleID : 5299 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an... RuleID : 5298 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo... RuleID : 5297 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5296 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx ov... RuleID : 5295 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow att... RuleID : 5294 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx over... RuleID : 5293 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo... RuleID : 5292 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5291 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf... RuleID : 5290 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian... RuleID : 5289 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at... RuleID : 5288 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5287 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5286 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at... RuleID : 5285 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5284 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5283 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5282 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5281 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow... RuleID : 5280 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5279 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5278 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt RuleID : 5277 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow a... RuleID : 5276 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5275 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an... RuleID : 5274 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5273 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5272 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5271 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at... RuleID : 5270 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5269 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf... RuleID : 5268 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo... RuleID : 5267 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5266 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5265 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5264 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5263 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow... RuleID : 5262 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow... RuleID : 5261 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow a... RuleID : 5260 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx ... RuleID : 5259 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5258 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5257 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5256 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt RuleID : 5255 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx ... RuleID : 5254 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an... RuleID : 5253 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5252 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a... RuleID : 5251 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian ov... RuleID : 5250 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att... RuleID : 5249 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5248 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflo... RuleID : 5247 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5246 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow ... RuleID : 5245 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att... RuleID : 5244 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5243 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a... RuleID : 5242 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian... RuleID : 5241 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5240 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5239 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5238 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5237 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5236 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5235 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5234 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5233 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5232 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5231 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5230 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5229 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt RuleID : 5228 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5227 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian ov... RuleID : 5226 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5225 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5224 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5223 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5222 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5221 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a... RuleID : 5220 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att... RuleID : 5219 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5218 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5217 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5216 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5215 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt RuleID : 5214 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt RuleID : 5213 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt RuleID : 5212 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overf... RuleID : 5211 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5210 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5209 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5208 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5207 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation little endian at... RuleID : 5206 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5205 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation little endian at... RuleID : 5204 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5203 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5202 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5201 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5200 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5199 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 lsass DsRolerGetPrimaryDomainInformation little endian... RuleID : 5198 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 lsass DsRolerGetPrimaryDomainInformation little endian a... RuleID : 5197 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 lsass DsRolerGetPrimaryDomainInformation little endian... RuleID : 5196 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5195 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5194 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5193 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5192 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5191 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little e... RuleID : 5190 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5189 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at... RuleID : 5188 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at... RuleID : 5187 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian an... RuleID : 5186 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ... RuleID : 5185 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5184 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5183 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5182 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5181 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5180 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5179 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5178 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5177 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5176 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5175 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx... RuleID : 5174 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5173 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5172 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5171 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5170 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ... RuleID : 5169 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5168 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt RuleID : 5167 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5166 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5165 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5164 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5163 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5162 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5161 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx att... RuleID : 5160 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ... RuleID : 5159 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at... RuleID : 5158 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5157 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5156 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5155 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5154 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5153 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5152 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5151 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx att... RuleID : 5150 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt RuleID : 5149 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ... RuleID : 5148 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5147 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5146 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ... RuleID : 5145 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx att... RuleID : 5144 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5143 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little e... RuleID : 5142 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5141 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5140 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5139 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian at... RuleID : 5138 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt RuleID : 5137 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5136 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5135 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5134 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5133 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5132 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5131 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5130 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5129 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5128 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5127 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5126 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5125 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5124 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5123 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5122 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ... RuleID : 5121 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5120 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5119 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5118 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5117 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5116 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5115 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5114 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5113 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5112 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt RuleID : 5111 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5110 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5109 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5108 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5107 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5106 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5105 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5104 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5103 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt RuleID : 5102 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5101 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ... RuleID : 5100 - Revision : 5 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5099 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5098 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt RuleID : 5097 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5096 - Revision : 11 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5095 - Revision : 12 - Type : OS-WINDOWS
2014-01-10	PCT Client_Hello overflow attempt RuleID : 3511 - Revision : 23 - Type : SMTP
2014-01-10	Microsoft Windows SSLv3 invalid data version attempt RuleID : 3486 - Revision : 11 - Type : OS-WINDOWS
2016-03-14	Microsoft emf file download request RuleID : 33740-community - Revision : 2 - Type : FILE-IMAGE
2015-04-10	Microsoft emf file download request RuleID : 33740 - Revision : 2 - Type : FILE-IMAGE
2014-01-10	TLS1 Client_Hello with pad via SSLv2 handshake request RuleID : 3060 - Revision : 4 - Type : WEB-MISC
2014-01-10	SSLv3 invalid Client_Hello attempt RuleID : 2544 - Revision : 13 - Type : SMTP
2014-01-10	TLS SSLv3 invalid data version attempt RuleID : 2541 - Revision : 13 - Type : SMTP
2014-01-10	SSLv3 invalid Client_Hello attempt RuleID : 2540 - Revision : 4 - Type : SMTP
2014-01-10	SSLv3 Server_Hello request RuleID : 2539 - Revision : 4 - Type : SMTP
2014-01-10	SSLv3 Client_Hello request RuleID : 2538 - Revision : 4 - Type : SMTP
2014-01-10	SSLv3 invalid Client_Hello attempt RuleID : 2537 - Revision : 12 - Type : POP3
2014-01-10	SSLv3 invalid Client_Hello attempt RuleID : 2534 - Revision : 9 - Type : POP3
2014-01-10	SSLv3 invalid Client_Hello attempt RuleID : 2531 - Revision : 13 - Type : IMAP
2014-01-10	PCT Client_Hello overflow attempt RuleID : 2528 - Revision : 25 - Type : SMTP
2014-01-10	SSLv3 invalid Client_Hello attempt RuleID : 2522 - Revision : 18 - Type : WEB-MISC
2014-01-10	Client_Hello overflow attempt RuleID : 2519 - Revision : 4 - Type : SMTP
2014-01-10	PCT Client_Hello overflow attempt RuleID : 2518 - Revision : 24 - Type : POP3
2014-01-10	PCT Client_Hello overflow attempt RuleID : 2517 - Revision : 25 - Type : IMAP
2014-01-10	PCT Client_Hello overflow attempt RuleID : 2516 - Revision : 15 - Type : POP3
2014-01-10	PCT Client_Hello overflow attempt RuleID : 2515 - Revision : 27 - Type : OS-WINDOWS
2014-01-10	SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overf... RuleID : 2514 - Revision : 14 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 2511-community - Revision : 22 - Type : OS-WINDOWS
2014-01-10	DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 2511 - Revision : 22 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 2508-community - Revision : 24 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 2508 - Revision : 24 - Type : OS-WINDOWS
2014-01-10	SSLv3 invalid timestamp attempt RuleID : 2506 - Revision : 12 - Type : WEB-MISC
2014-01-10	SSLv3 invalid data version attempt RuleID : 2505 - Revision : 11 - Type : WEB-MISC
2014-01-10	SSLv3 invalid data version attempt RuleID : 2504 - Revision : 16 - Type : SMTP
2014-01-10	SSLv3 invalid timestamp attempt RuleID : 2503 - Revision : 12 - Type : SMTP
2014-01-10	SSLv3 invalid data version attempt RuleID : 2502 - Revision : 17 - Type : POP3
2014-01-10	SSLv3 invalid timestamp attempt RuleID : 2501 - Revision : 13 - Type : POP3
2014-01-10	SSLv3 invalid data version attempt RuleID : 2500 - Revision : 8 - Type : POP3
2014-01-10	LDAP SSLv3 invalid timestamp attempt RuleID : 2499 - Revision : 11 - Type : MISC
2014-01-10	SSLv3 invalid timestamp attempt RuleID : 2498 - Revision : 11 - Type : IMAP
2014-01-10	SSLv3 invalid data version attempt RuleID : 2497 - Revision : 17 - Type : IMAP
2014-01-10	PCT Client_Hello overflow attempt RuleID : 24401 - Revision : 3 - Type : OS-WINDOWS
2014-01-10	Microsoft emf file download request RuleID : 2435-community - Revision : 33 - Type : FILE-IDENTIFY
2014-01-10	Microsoft emf file download request RuleID : 2435 - Revision : 33 - Type : FILE-IDENTIFY

Nessus® Vulnerability Scanner

Date	Description
2004-06-10	Name : The remote host has been compromised. File : dabber_worm.nasl - Type : ACT_GATHER_INFO
2004-05-26	Name : The remote host is probably infected with the Korgo worm. File : korgo.nasl - Type : ACT_GATHER_INFO
2004-05-01	Name : The remote host is infected by a virus. File : sasser_virus.nasl - Type : ACT_GATHER_INFO
2004-04-15	Name : Arbitrary code can be executed on the remote host due to a flaw in the LSASS ... File : smb_kb835732.nasl - Type : ACT_GATHER_INFO
2004-04-13	Name : Arbitrary code can be executed on the remote host. File : ms_kb835732_ssl.nasl - Type : ACT_GATHER_INFO
2004-04-13	Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms04-011.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/10108
BUGTRAQ	http://marc.info/?l=bugtraq&m=108325860431471&w=2
CERT	http://www.us-cert.gov/cas/techalerts/TA04-104A.html
CERT-VN	http://www.kb.cert.org/vuls/id/753212
CIAC	http://www.ciac.org/ciac/bulletins/o-114.shtml
EEYE	http://www.eeye.com/html/Research/Advisories/AD20040413C.html
FULLDISC	http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html
MS	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04...
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
XF	https://exchange.xforce.ibmcloud.com/vulnerabilities/15699

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-04 12:02:04	Multiple Updates
2021-04-22 01:02:11	Multiple Updates
2020-05-23 13:16:44	Multiple Updates
2020-05-23 00:15:26	Multiple Updates
2018-10-13 00:22:27	Multiple Updates
2017-10-11 09:23:17	Multiple Updates
2017-07-11 12:01:17	Multiple Updates
2016-10-18 12:01:12	Multiple Updates
2016-04-26 12:34:56	Multiple Updates
2014-02-17 10:26:21	Multiple Updates
2014-01-19 21:21:58	Multiple Updates
2013-05-11 11:51:41	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	3
CPE ID(s)	8
Sources(s)	12
Saint Exploit(s)	1
osvdb(s)	1
ExploitDB Exploit(s)	4
Openvas Exploit(s)	3
Snort® Rule(s)	261
Nessus® Exploit(s)	6

	Related
7.6	MS04-011
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)