10 - MS03-039

Executive Summary

Informations
Name	MS03-039	First vendor Publication	N/A
Vendor	Microsoft	Last vendor Modification	N/A
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1118

Oval ID:	oval:org.mitre.oval:def:1118
Title:	MS Windows RPC DCOM DoS-based Privilege Escalation Vulnerability (Test 2)
Description:	The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0605	Version:	7
Platform(s):	Microsoft Windows 2000	Product(s):	Remote Procedure Call (RPC)
Definition Synopsis:
Windows 2000 (sp4 or earlier) is installed Windows 2000 is installed AND NOT Win2K/XP/2003 service pack 5 (or later) is installed AND the version of rpcrt4.dll is less than 5.0.2195.6802 AND NOT the patch kb824146 is installed (Hotfix key)

Definition Id: oval:org.mitre.oval:def:1202

Oval ID:	oval:org.mitre.oval:def:1202
Title:	Windows Server 2003 (64-bit) RPCSS DCOM Buffer Overflow (Blaster)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0715	Version:	1
Platform(s):	Microsoft Windows Server 2003	Product(s):	Distributed Component Object Model (DCOM)
Definition Synopsis:
Software section Windows Server 2003 or Windows XP 64-Bit Edition Version 2003 Windows Server 2003 is installed OR Windows XP 64-bit Windows XP is installed AND 64-Bit version of Windows is installed AND the version of rpcrt4.dll is less than 5.2.3790.76 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled

Definition Id: oval:org.mitre.oval:def:127

Oval ID:	oval:org.mitre.oval:def:127
Title:	RPCSS DCOM Buffer Overflow (Windows 2000)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0528	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):	Remote Procedure Call (RPC)
Definition Synopsis:
Software section Windows 2000 is installed AND the version of rpcrt4.dll is less than 5.0.2195.6802 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled on systems with SP3 or later Win2K/XP/2003 service pack 3 (or later) is installed AND DCOM is enabled

Definition Id: oval:org.mitre.oval:def:1813

Oval ID:	oval:org.mitre.oval:def:1813
Title:	Windows XP (32-bit, SP1) RPCSS DCOM Buffer Overflow (Blaster)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0715	Version:	4
Platform(s):	Microsoft Windows XP	Product(s):	Distributed Component Object Model (DCOM)
Definition Synopsis:
Software section Windows XP 32-bit SP1 is installed Windows XP 32-bit edition is installed Windows XP is installed AND 32-Bit version of Windows is installed AND Win2K/XP/2003 service pack 1 is installed AND the version of rpcrt4.dll is less than 5.1.2600.1254 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled

Definition Id: oval:org.mitre.oval:def:20

Oval ID:	oval:org.mitre.oval:def:20
Title:	Suppressed OVAL20
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0715	Version:	2
Platform(s):	Microsoft Windows 2000	Product(s):	Distributed Component Object Model (DCOM)
Definition Synopsis:
Windows 2000 is installed AND the version of rpcss.dll is less than 5.0.2195.6810 AND NOT the patch kb824146 is installed (Hotfix key)

Definition Id: oval:org.mitre.oval:def:264

Oval ID:	oval:org.mitre.oval:def:264
Title:	Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 1)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0715	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):
Definition Synopsis:
Software section Windows 2000 is installed AND the version of rpcrt4.dll is less than 5.0.2195.6802 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled on systems with SP3 or later Win2K/XP/2003 service pack 3 (or later) is installed AND DCOM is enabled

Definition Id: oval:org.mitre.oval:def:2884

Oval ID:	oval:org.mitre.oval:def:2884
Title:	RPCSS DCOM Buffer Overflow (XP, SP1)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0528	Version:	4
Platform(s):	Microsoft Windows XP	Product(s):	Distributed Component Object Model (DCOM)
Definition Synopsis:
Software section Windows XP 32-bit SP1 is installed Windows XP 32-bit edition is installed Windows XP is installed AND 32-Bit version of Windows is installed AND Win2K/XP/2003 service pack 1 is installed AND the version of rpcrt4.dll is less than 5.1.2600.1254 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled

Definition Id: oval:org.mitre.oval:def:2968

Oval ID:	oval:org.mitre.oval:def:2968
Title:	RPCSS DCOM Buffer Overflow (XP)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0528	Version:	1
Platform(s):	Microsoft Windows XP	Product(s):	Distributed Component Object Model (DCOM)
Definition Synopsis:
Software section Windows XP 32-bit edition is installed Windows XP is installed AND 32-Bit version of Windows is installed AND the version of rpcrt4.dll is less than 5.1.2600.109 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled

Definition Id: oval:org.mitre.oval:def:3966

Oval ID:	oval:org.mitre.oval:def:3966
Title:	RPCSS DCOM Buffer Overflow (Server 2003)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0528	Version:	1
Platform(s):	Microsoft Windows Server 2003	Product(s):	Distributed Component Object Model (DCOM)
Definition Synopsis:
Software section Windows Server 2003 or Windows XP 64-Bit Edition Version 2003 Windows Server 2003 is installed OR Windows XP 64-bit Windows XP is installed AND 64-Bit version of Windows is installed AND the version of rpcrt4.dll is less than 5.2.3790.76 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled

Definition Id: oval:org.mitre.oval:def:4224

Oval ID:	oval:org.mitre.oval:def:4224
Title:	Windows XP (32-bit) RPCSS DCOM Buffer Overflow (Blaster)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0715	Version:	1
Platform(s):	Microsoft Windows XP	Product(s):	Distributed Component Object Model (DCOM)
Definition Synopsis:
Software section Windows XP 32-bit edition is installed Windows XP is installed AND 32-Bit version of Windows is installed AND the version of rpcrt4.dll is less than 5.1.2600.109 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled

Definition Id: oval:org.mitre.oval:def:494

Oval ID:	oval:org.mitre.oval:def:494
Title:	MS Windows RPC DCOM DoS-based Privilege Escalation Vulnerability
Description:	The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0605	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):	Remote Procedure Call (RPC)
Definition Synopsis:
Software section Windows 2000 is installed AND the version of rpcrt4.dll is less than 5.0.2195.6802 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled on systems with SP3 or later Win2K/XP/2003 service pack 3 (or later) is installed AND DCOM is enabled

CPE : Common Platform Enumeration

Type	Description	Count
Os	Microsoft Windows 2000 cpe:2.3:o:microsoft:windows_2000:::::::: cpe:2.3:o:microsoft:windows_2000::sp3::::::* cpe:2.3:o:microsoft:windows_2000::sp2::::::* cpe:2.3:o:microsoft:windows_2000::sp1::::::* cpe:2.3:o:microsoft:windows_2000::sp4::::::*	5
Os	Microsoft Windows 2003 Server cpe:2.3:o:microsoft:windows_2003_server:web:::::::* cpe:2.3:o:microsoft:windows_2003_server:standard::64-bit::::: cpe:2.3:o:microsoft:windows_2003_server:r2::64-bit::::: cpe:2.3:o:microsoft:windows_2003_server:r2::datacenter_64-bit::::: cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:::::::* cpe:2.3:o:microsoft:windows_2003_server:enterprise::64-bit:::::	6
Os	Microsoft Windows Nt cpe:2.3:o:microsoft:windows_nt:4.0:sp1:::workstation::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp6:::workstation::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:::::* cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:::server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:::workstation::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:::::* cpe:2.3:o:microsoft:windows_nt:4.0:sp1:::server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp4:::workstation::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:::::* cpe:2.3:o:microsoft:windows_nt:4.0:sp5:::server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp5:::terminal_server::x86: cpe:2.3:o:microsoft:windows_nt:4.0::enterprise_server::::: cpe:2.3:o:microsoft:windows_nt:4.0:sp6:::server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp3:::terminal_server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:::::* cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:::terminal_server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp4:::terminal_server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp5:::workstation::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:::::* cpe:2.3:o:microsoft:windows_nt:4.0::terminal_server::::: cpe:2.3:o:microsoft:windows_nt:4.0::server::::: cpe:2.3:o:microsoft:windows_nt:4.0::workstation::::: cpe:2.3:o:microsoft:windows_nt:4.0:sp2:::server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp1:::terminal_server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:::::* cpe:2.3:o:microsoft:windows_nt:4.0:sp3:::workstation::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp4:::server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:::::* cpe:2.3:o:microsoft:windows_nt:4.0:sp6:::terminal_server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp2:::terminal_server::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp2:::workstation::x86: cpe:2.3:o:microsoft:windows_nt:4.0:sp3:::server::x86:	32
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::sp1:64-bit::::: cpe:2.3:o:microsoft:windows_xp::sp1:home::::: cpe:2.3:o:microsoft:windows_xp:::home:::::* cpe:2.3:o:microsoft:windows_xp:::64-bit:::::* cpe:2.3:o:microsoft:windows_xp::gold:professional:::::	5

ExploitDB Exploits

id	Description
2003-10-09	MS Windows (RPC2) Universal Exploit & DoS (RPC3) (MS03-039)
2003-09-16	MS Windows (RPC DCOM) Long Filename Overflow Exploit (MS03-026)
2003-09-12	MS Windows (RPC DCOM) Scanner (MS03-039)

OpenVAS Exploits

Date	Description
2009-11-16	Name : Microsoft RPC Interface Buffer Overrun (KB824146) File : nvt/msrpc_dcom2.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
11797	Microsoft Windows DCOM RPCSS Service DCERPC Packet Overflow A remote overflow exists in Windows. The DCOM RPC interface fails to validate DCERPC object activation request packets resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
11750	Microsoft Windows 2000 Message Queue Manager Queue Registration Request Overf... Microsoft Windows 2000 Message Queue Manager contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted RPC packet queue registration request is processed by the Message Queue Manager, and will result in loss of availability for the RPC service.
11460	Microsoft Windows RPC DCOM Interface epmapper Pipe Hijack Local Privilege Esc... Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malformed message is sent to the DCOM __RemoteGetClassObject interface, causing the RPC service to crash. If the attacker has a local account, he can hijack the epmapper map and gain the privileges of the RPC service after the crash. This flaw may lead to a loss of integrity and/or availability.
2535	Microsoft Windows DCOM RPCSS Service Filename Parameter Overflow A remote overflow exists in Windows. The RPC DCOM interface fails to validate filename parameters resulting in a heap overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date	Description
2014-01-10	DCERPC DIRECT ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9759 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian obje... RuleID : 9758 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian obje... RuleID : 9757 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9756 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian object... RuleID : 9755 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9754 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9753 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian object cal... RuleID : 9752 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT ISystemActivator CoGetInstanceFromFile attempt RuleID : 9751 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9750 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9749 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt RuleID : 9748 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9747 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9746 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt RuleID : 9745 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile little endian a... RuleID : 9744 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 ISystemActivator CoGetInstanceFromFile little endian att... RuleID : 9743 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 ISystemActivator CoGetInstanceFromFile little endian a... RuleID : 9742 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9741 - Revision : 5 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile attempt RuleID : 9740 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9739 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9738 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9737 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9736 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx object call... RuleID : 9735 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile little endian andx object call att... RuleID : 9734 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian andx attempt RuleID : 9733 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx at... RuleID : 9732 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile unicode little endian andx attempt RuleID : 9731 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian an... RuleID : 9730 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx attempt RuleID : 9729 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile andx attempt RuleID : 9728 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian... RuleID : 9727 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX andx attempt RuleID : 9726 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile andx attempt RuleID : 9725 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile unicode andx attempt RuleID : 9724 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX andx attempt RuleID : 9723 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx attempt RuleID : 9722 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx... RuleID : 9721 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile unicode little endian andx a... RuleID : 9720 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile little endian andx attempt RuleID : 9719 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile little endian andx attempt RuleID : 9718 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile andx attempt RuleID : 9717 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile unicode little endian andx attempt RuleID : 9716 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile unicode andx attempt RuleID : 9715 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile WriteAndX unicode little end... RuleID : 9714 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile unicode andx attempt RuleID : 9713 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx attempt RuleID : 9712 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile WriteAndX andx attempt RuleID : 9711 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile andx attempt RuleID : 9710 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile little endian andx attempt RuleID : 9709 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile WriteAndX andx attempt RuleID : 9708 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx attempt RuleID : 9707 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian... RuleID : 9706 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile andx object call attempt RuleID : 9705 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile unicode andx object call attempt RuleID : 9704 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile unicode andx object call attempt RuleID : 9703 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX andx object call attempt RuleID : 9702 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx object c... RuleID : 9701 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx at... RuleID : 9700 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile little endian andx attempt RuleID : 9699 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile unicode andx attempt RuleID : 9698 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian... RuleID : 9697 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx attempt RuleID : 9696 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx ob... RuleID : 9695 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile little endian andx object call ... RuleID : 9694 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile unicode little endian andx object ... RuleID : 9693 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian an... RuleID : 9692 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian andx obje... RuleID : 9691 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile andx object call attempt RuleID : 9690 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX andx object call attempt RuleID : 9689 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx objec... RuleID : 9688 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode object call attempt RuleID : 9687 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile little endian object call attempt RuleID : 9686 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian attempt RuleID : 9685 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian attempt RuleID : 9684 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile unicode little endian attempt RuleID : 9683 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian at... RuleID : 9682 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian attempt RuleID : 9681 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile attempt RuleID : 9680 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian... RuleID : 9679 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX attempt RuleID : 9678 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile attempt RuleID : 9677 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile unicode attempt RuleID : 9676 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX attempt RuleID : 9675 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode attempt RuleID : 9674 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP IActivation remoteactivation object call overflow attempt RuleID : 8699 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP IActivation remoteactivation object call overflow attempt RuleID : 8698 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP IActivation remoteactivation little endian object call ov... RuleID : 8697 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP IActivation remoteactivation little endian object call over... RuleID : 8696 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 IActivation remoteactivation little endian overflow at... RuleID : 8695 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt RuleID : 8694 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP IActivation remoteactivation overflow attempt RuleID : 8693 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 IActivation remoteactivation overflow attempt RuleID : 8692 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 IActivation remoteactivation overflow attempt RuleID : 8691 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP IActivation remoteactivation little endian overflow attempt RuleID : 8690 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP IActivation remoteactivation little endian overflow attempt RuleID : 8689 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 IActivation remoteactivation little endian overflow attempt RuleID : 8688 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation WriteAndX unicode andx overflow attempt RuleID : 8687 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation WriteAndX unicode little endian andx o... RuleID : 8686 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation little endian andx overflow attempt RuleID : 8685 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation WriteAndX little endian andx overflow att... RuleID : 8684 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation WriteAndX little endian andx overflow ... RuleID : 8683 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX andx object call overflow attempt RuleID : 8682 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation andx object call overflow attempt RuleID : 8681 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX unicode andx object call overfl... RuleID : 8680 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation unicode andx object call overflow attempt RuleID : 8679 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX andx object call overflow attempt RuleID : 8678 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX unicode andx object call overflow ... RuleID : 8677 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX unicode little endian andx obje... RuleID : 8676 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation little endian andx object call overflow a... RuleID : 8675 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation unicode andx object call overflow attempt RuleID : 8674 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation andx object call overflow attempt RuleID : 8673 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation unicode little endian andx object call overf... RuleID : 8672 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX little endian andx object call ove... RuleID : 8671 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX little endian andx object call ... RuleID : 8670 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation unicode little endian andx object call ov... RuleID : 8669 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX unicode little endian andx object ... RuleID : 8668 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation little endian andx object call overflow attempt RuleID : 8667 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX andx overflow attempt RuleID : 8666 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation andx overflow attempt RuleID : 8665 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX unicode andx overflow attempt RuleID : 8664 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation unicode andx overflow attempt RuleID : 8663 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX andx overflow attempt RuleID : 8662 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX unicode andx overflow attempt RuleID : 8661 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX unicode little endian andx over... RuleID : 8660 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation little endian andx overflow attempt RuleID : 8659 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation unicode andx overflow attempt RuleID : 8658 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation andx overflow attempt RuleID : 8657 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation little endian andx overflow attempt RuleID : 8656 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation unicode andx overflow attempt RuleID : 8655 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation WriteAndX andx overflow attempt RuleID : 8654 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation unicode little endian andx overflow at... RuleID : 8653 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation unicode little endian andx overflow attempt RuleID : 8652 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX little endian andx overflow attempt RuleID : 8651 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX little endian andx overflow att... RuleID : 8650 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation little endian andx overflow attempt RuleID : 8649 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation WriteAndX unicode andx overflow attempt RuleID : 8648 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation WriteAndX andx overflow attempt RuleID : 8647 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation unicode little endian andx overflow attempt RuleID : 8646 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation WriteAndX unicode little endian andx over... RuleID : 8645 - Revision : 8 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation andx overflow attempt RuleID : 8644 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX unicode little endian andx overflo... RuleID : 8643 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation andx overflow attempt RuleID : 8642 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation unicode little endian andx overflow attempt RuleID : 8641 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation unicode andx overflow attempt RuleID : 8640 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation WriteAndX unicode overflow attempt RuleID : 8639 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation WriteAndX unicode little endian overfl... RuleID : 8638 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation little endian overflow attempt RuleID : 8637 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation WriteAndX little endian overflow attempt RuleID : 8636 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation WriteAndX little endian overflow attempt RuleID : 8635 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX object call overflow attempt RuleID : 8634 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation object call overflow attempt RuleID : 8633 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX unicode object call overflow at... RuleID : 8632 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation unicode object call overflow attempt RuleID : 8631 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX object call overflow attempt RuleID : 8630 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX unicode object call overflow attempt RuleID : 8629 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX unicode little endian object ca... RuleID : 8628 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation little endian object call overflow attempt RuleID : 8627 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation unicode object call overflow attempt RuleID : 8626 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation object call overflow attempt RuleID : 8625 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation unicode little endian object call overflow a... RuleID : 8624 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX little endian object call overflow... RuleID : 8623 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX little endian object call overf... RuleID : 8622 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation unicode little endian object call overflo... RuleID : 8621 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX unicode little endian object call ... RuleID : 8620 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation little endian object call overflow attempt RuleID : 8619 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX overflow attempt RuleID : 8618 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation overflow attempt RuleID : 8617 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX unicode overflow attempt RuleID : 8616 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation unicode overflow attempt RuleID : 8615 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX overflow attempt RuleID : 8614 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX unicode overflow attempt RuleID : 8613 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX unicode little endian overflow ... RuleID : 8612 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation little endian overflow attempt RuleID : 8611 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation unicode overflow attempt RuleID : 8610 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation overflow attempt RuleID : 8609 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation little endian overflow attempt RuleID : 8608 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile WriteAndX little endian attempt RuleID : 3440 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile unicode little endian attempt RuleID : 3439 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 3438 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 3437 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 3436 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile unicode little endian attempt RuleID : 3435 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile unicode attempt RuleID : 3434 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile WriteAndX unicode little end... RuleID : 3433 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile unicode attempt RuleID : 3432 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile WriteAndX unicode attempt RuleID : 3431 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile WriteAndX attempt RuleID : 3430 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 3429 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 3428 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile WriteAndX attempt RuleID : 3427 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode attempt RuleID : 3426 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian... RuleID : 3425 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation unicode overflow attempt RuleID : 3424 - Revision : 11 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation WriteAndX overflow attempt RuleID : 3423 - Revision : 10 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation unicode little endian overflow attempt RuleID : 3422 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation unicode little endian overflow attempt RuleID : 3421 - Revision : 11 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX little endian overflow attempt RuleID : 3420 - Revision : 11 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation WriteAndX little endian overflow attempt RuleID : 3419 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation little endian overflow attempt RuleID : 3418 - Revision : 11 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation WriteAndX unicode overflow attempt RuleID : 3417 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation WriteAndX overflow attempt RuleID : 3416 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS IActivation remoteactivation unicode little endian overflow attempt RuleID : 3415 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation WriteAndX unicode little endian overflow ... RuleID : 3414 - Revision : 11 - Type : NETBIOS
2014-01-10	SMB v4 IActivation remoteactivation overflow attempt RuleID : 3413 - Revision : 11 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation WriteAndX unicode little endian overflow att... RuleID : 3412 - Revision : 11 - Type : NETBIOS
2014-01-10	SMB-DS v4 IActivation remoteactivation overflow attempt RuleID : 3411 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB IActivation remoteactivation unicode little endian overflow attempt RuleID : 3410 - Revision : 11 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt RuleID : 3409-community - Revision : 18 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt RuleID : 3409 - Revision : 18 - Type : OS-WINDOWS
2014-01-10	DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt RuleID : 3398-community - Revision : 17 - Type : OS-WINDOWS
2014-01-10	DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt RuleID : 3398 - Revision : 17 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt RuleID : 3397-community - Revision : 18 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt RuleID : 3397 - Revision : 18 - Type : OS-WINDOWS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 3191 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile unicode object call attempt RuleID : 3190 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile unicode object call attempt RuleID : 3189 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX object call attempt RuleID : 3188 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode object call a... RuleID : 3187 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile WriteAndX little endian attempt RuleID : 3186 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 3185 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile unicode attempt RuleID : 3184 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB v4 ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian... RuleID : 3183 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS v4 ISystemActivator CoGetInstanceFromFile WriteAndX unicode attempt RuleID : 3182 - Revision : 7 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian object ... RuleID : 3181 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile little endian object call attempt RuleID : 3180 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile unicode little endian object call ... RuleID : 3179 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian ob... RuleID : 3178 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian object ca... RuleID : 3177 - Revision : 9 - Type : NETBIOS
2014-01-10	SMB ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 3176 - Revision : 9 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt RuleID : 3159-community - Revision : 17 - Type : OS-WINDOWS
2014-01-10	DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt RuleID : 3159 - Revision : 17 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt RuleID : 3158-community - Revision : 17 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt RuleID : 3158 - Revision : 17 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB-DS DCERPC Remote Activation bind attempt RuleID : 2252-community - Revision : 22 - Type : OS-WINDOWS
2014-01-10	Microsoft Windows SMB-DS DCERPC Remote Activation bind attempt RuleID : 2252 - Revision : 22 - Type : OS-WINDOWS
2014-01-10	DCERPC Remote Activation bind attempt RuleID : 2251 - Revision : 18 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt RuleID : 18267 - Revision : 8 - Type : OS-WINDOWS
2014-01-10	DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt RuleID : 18266 - Revision : 6 - Type : OS-WINDOWS
2014-01-10	DCERPC rpcss2 _RemoteGetClassObject attempt RuleID : 17112 - Revision : 6 - Type : OS-WINDOWS
2014-01-10	x86 PoC CVE-2003-0605 RuleID : 15903 - Revision : 7 - Type : INDICATOR-SHELLCODE
2014-01-10	DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt RuleID : 15513 - Revision : 9 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt RuleID : 15512 - Revision : 11 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject object call attempt RuleID : 11174 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject little endian object call att... RuleID : 11173 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 rpcss _RemoteGetClassObject little endian attempt RuleID : 11172 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject attempt RuleID : 11171 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 rpcss _RemoteGetClassObject attempt RuleID : 11170 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject little endian attempt RuleID : 11169 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject unicode andx object call attempt RuleID : 11168 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode little endian andx objec... RuleID : 11167 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject unicode little endian andx object call attempt RuleID : 11166 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX little endian andx object call a... RuleID : 11165 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject little endian andx object call attempt RuleID : 11164 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX unicode little endian andx object c... RuleID : 11163 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject unicode andx object call attempt RuleID : 11162 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX andx object call attempt RuleID : 11161 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject andx object call attempt RuleID : 11160 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX andx object call attempt RuleID : 11159 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode andx object call attempt RuleID : 11158 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject unicode little endian andx object call att... RuleID : 11157 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject little endian andx object call attempt RuleID : 11156 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX unicode andx object call attempt RuleID : 11155 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX little endian andx object call attempt RuleID : 11154 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject andx object call attempt RuleID : 11153 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject unicode little endian andx attempt RuleID : 11152 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX little endian andx attempt RuleID : 11151 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject little endian andx attempt RuleID : 11150 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX unicode little endian andx attempt RuleID : 11149 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject unicode andx attempt RuleID : 11148 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX andx attempt RuleID : 11147 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject andx attempt RuleID : 11146 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX little endian andx attempt RuleID : 11145 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject WriteAndX little endian andx attempt RuleID : 11144 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX andx attempt RuleID : 11143 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode andx attempt RuleID : 11142 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject WriteAndX unicode little endian andx attempt RuleID : 11141 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject little endian andx attempt RuleID : 11140 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject unicode little endian andx attempt RuleID : 11139 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX unicode little endian andx at... RuleID : 11138 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject unicode little endian andx attempt RuleID : 11137 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject little endian andx attempt RuleID : 11136 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX unicode andx attempt RuleID : 11135 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX little endian andx attempt RuleID : 11134 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject andx attempt RuleID : 11133 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX unicode andx attempt RuleID : 11132 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject unicode andx attempt RuleID : 11131 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX andx attempt RuleID : 11130 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject andx attempt RuleID : 11129 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject WriteAndX unicode andx attempt RuleID : 11128 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject little endian andx attempt RuleID : 11127 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject andx attempt RuleID : 11126 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject unicode andx attempt RuleID : 11125 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject WriteAndX andx attempt RuleID : 11124 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject unicode andx attempt RuleID : 11123 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject unicode little endian andx attempt RuleID : 11122 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode little endian andx attempt RuleID : 11121 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject unicode object call attempt RuleID : 11120 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode little endian object cal... RuleID : 11119 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject unicode little endian object call attempt RuleID : 11118 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX little endian object call attempt RuleID : 11117 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject little endian object call attempt RuleID : 11116 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX unicode little endian object call a... RuleID : 11115 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject unicode object call attempt RuleID : 11114 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX object call attempt RuleID : 11113 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject object call attempt RuleID : 11112 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX object call attempt RuleID : 11111 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode object call attempt RuleID : 11110 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject unicode little endian object call attempt RuleID : 11109 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject little endian object call attempt RuleID : 11108 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX unicode object call attempt RuleID : 11107 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX little endian object call attempt RuleID : 11106 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject object call attempt RuleID : 11105 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject unicode little endian attempt RuleID : 11104 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX little endian attempt RuleID : 11103 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject little endian attempt RuleID : 11102 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX unicode little endian attempt RuleID : 11101 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject unicode attempt RuleID : 11100 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX attempt RuleID : 11099 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject attempt RuleID : 11098 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX little endian attempt RuleID : 11097 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject WriteAndX little endian attempt RuleID : 11096 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX attempt RuleID : 11095 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject WriteAndX unicode attempt RuleID : 11094 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject WriteAndX unicode little endian attempt RuleID : 11093 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject little endian attempt RuleID : 11092 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject unicode little endian attempt RuleID : 11091 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX unicode little endian attempt RuleID : 11090 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject unicode little endian attempt RuleID : 11089 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject little endian attempt RuleID : 11088 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX unicode attempt RuleID : 11087 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB rpcss _RemoteGetClassObject WriteAndX little endian attempt RuleID : 11086 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject attempt RuleID : 11085 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX unicode attempt RuleID : 11084 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject unicode attempt RuleID : 11083 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject WriteAndX attempt RuleID : 11082 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject attempt RuleID : 11081 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject WriteAndX unicode attempt RuleID : 11080 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject little endian attempt RuleID : 11079 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject attempt RuleID : 11078 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS v4 rpcss _RemoteGetClassObject unicode attempt RuleID : 11077 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB v4 rpcss _RemoteGetClassObject WriteAndX attempt RuleID : 11076 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS rpcss _RemoteGetClassObject unicode attempt RuleID : 11075 - Revision : 4 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP rpcss _RemoteGetClassObject attempt RuleID : 11074 - Revision : 10 - Type : OS-WINDOWS
2014-01-10	DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject attempt RuleID : 11073 - Revision : 12 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date	Description
2003-09-17	Name : The remote host has evidence of being compromised by a widely known exploit. File : smb_login_as_e.nasl - Type : ACT_GATHER_INFO
2003-09-10	Name : Arbitrary code can be executed on the remote host. File : msrpc_dcom2.nasl - Type : ACT_GATHER_INFO
2003-08-11	Name : The remote host is infected by a virus. File : smb_msblast.nasl - Type : ACT_GATHER_INFO
2003-07-22	Name : The remote Windows host has a denial of service vulnerability that may lead t... File : dcom_rpc_dos.nasl - Type : ACT_KILL_HOST
2003-07-17	Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms03-026.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:44:54	Multiple Updates
2014-01-19 21:29:49	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	11
CPE ID(s)	48
osvdb(s)	4
ExploitDB Exploit(s)	3
Openvas Exploit(s)	1
Snort® Rule(s)	346
Nessus® Exploit(s)	5

	Related
10	CVE-2003-0715
10	CVE-2003-0528
7.5	CVE-2003-0995
7.5	CVE-2003-0605
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 4 more Alert(s)

10 - MS03-039

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

OVAL Definitions

CPE : Common Platform Enumeration

ExploitDB Exploits

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU