Executive Summary
Informations | |||
---|---|---|---|
Name | MS04-011 | First vendor Publication | N/A |
Vendor | Microsoft | Last vendor Modification | N/A |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.6 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Security Update for Microsoft Windows (835732) |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-41 | Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
CAPEC-88 | OS Command Injection |
CAPEC-133 | Try All Common Application Switches and Options |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-476 | NULL Pointer Dereference |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
33 % | CWE-88 | Argument Injection or Modification |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1000 | |||
Oval ID: | oval:org.mitre.oval:def:1000 | ||
Title: | Windows XP Help Center Command Insertion Vulnerability | ||
Description: | Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0907 | Version: | 8 |
Platform(s): | Microsoft Windows XP | Product(s): | Help and Support Center (HSC) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1004 | |||
Oval ID: | oval:org.mitre.oval:def:1004 | ||
Title: | WinXP Management Vulnerability | ||
Description: | Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0909 | Version: | 9 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1007 | |||
Oval ID: | oval:org.mitre.oval:def:1007 | ||
Title: | Windows XP ASN.1 Library Double-free Memory Corruption Vulnerability | ||
Description: | Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0123 | Version: | 7 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft ASN.1 Library |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1016 | |||
Oval ID: | oval:org.mitre.oval:def:1016 | ||
Title: | Win2k Domain Controller LSASS Denial of Service | ||
Description: | Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0663 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Lightweight Directory Access Protocol (LDAP) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1046 | |||
Oval ID: | oval:org.mitre.oval:def:1046 | ||
Title: | Windows Utility Manager Shatter Message Vulnerability | ||
Description: | The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0908 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Utility Manager |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1054 | |||
Oval ID: | oval:org.mitre.oval:def:1054 | ||
Title: | Windows XP winlogon Remote Buffer Overflow | ||
Description: | Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0806 | Version: | 7 |
Platform(s): | Microsoft Windows XP | Product(s): | Windows logon process (winlogon) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1064 | |||
Oval ID: | oval:org.mitre.oval:def:1064 | ||
Title: | Windows XP WMF/EMF Buffer Overflow | ||
Description: | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0906 | Version: | 7 |
Platform(s): | Microsoft Windows XP | Product(s): | Enhanced Metafile (EMF) Windows Metafile (WMF) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1076 | |||
Oval ID: | oval:org.mitre.oval:def:1076 | ||
Title: | Windows NT/2000 ASN.1 Library Double-free Memory Corruption Vulnerability | ||
Description: | Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0123 | Version: | 2 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 | Product(s): | Microsoft ASN.1 Library |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1093 | |||
Oval ID: | oval:org.mitre.oval:def:1093 | ||
Title: | Windows Server 2003 SSL PCT Handshake Vulnerability | ||
Description: | Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0719 | Version: | 2 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Private Communications Transport (PCT) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1512 | |||
Oval ID: | oval:org.mitre.oval:def:1512 | ||
Title: | Windows Virtual DOS Machine Local Privilege Escalation Vulnerability (Test 1) | ||
Description: | The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0118 | Version: | 3 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 | Product(s): | VDM |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1718 | |||
Oval ID: | oval:org.mitre.oval:def:1718 | ||
Title: | Windows Virtual DOS Machine Local Privilege Escalation Vulnerability (Test 2) | ||
Description: | The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0118 | Version: | 1 |
Platform(s): | Microsoft Windows NT | Product(s): | VDM |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1808 | |||
Oval ID: | oval:org.mitre.oval:def:1808 | ||
Title: | Windows 2000 Negotiate Security Software Provider Denial of Service Vulnerability | ||
Description: | The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0119 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Negotiate SSP interface |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1962 | |||
Oval ID: | oval:org.mitre.oval:def:1962 | ||
Title: | Windows Server 2003 Negotiate Security Software Provider Denial of Service Vulnerability | ||
Description: | The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0119 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Negotiate Security Software Provider |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1997 | |||
Oval ID: | oval:org.mitre.oval:def:1997 | ||
Title: | Windows XP Negotiate Security Software Provider Denial of Service Vulnerability | ||
Description: | The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0119 | Version: | 9 |
Platform(s): | Microsoft Windows XP | Product(s): | Negotiate SSP interface |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:883 | |||
Oval ID: | oval:org.mitre.oval:def:883 | ||
Title: | Windows 2000 LSASS Buffer Overflow (Sasser Worm Vulnerability) | ||
Description: | Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0533 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Local Security Authority Subsystem Service (LSASS) |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:885 | |||
Oval ID: | oval:org.mitre.oval:def:885 | ||
Title: | Windows Server 2003 SSL Library Denial of Service | ||
Description: | The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0120 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:886 | |||
Oval ID: | oval:org.mitre.oval:def:886 | ||
Title: | Windows XP SSL Library Denial of Service | ||
Description: | The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0120 | Version: | 10 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:889 | |||
Oval ID: | oval:org.mitre.oval:def:889 | ||
Title: | Windows XP SSL PCT Handshake Vulnerability | ||
Description: | Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0719 | Version: | 8 |
Platform(s): | Microsoft Windows XP | Product(s): | Private Communications Transport (PCT) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:890 | |||
Oval ID: | oval:org.mitre.oval:def:890 | ||
Title: | Windows 2000 Local Descriptor Table Kernel Access Vulnerability | ||
Description: | The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0910 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Local Descriptor Table (LDT) |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:892 | |||
Oval ID: | oval:org.mitre.oval:def:892 | ||
Title: | Windows 2000 SSL Library Denial of Service | ||
Description: | The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0120 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Secure Sockets Layer (SSL) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:895 | |||
Oval ID: | oval:org.mitre.oval:def:895 | ||
Title: | Windows NT winlogon Remote Buffer Overflow | ||
Description: | Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0806 | Version: | 2 |
Platform(s): | Microsoft Windows NT | Product(s): | Windows logon process (winlogon) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:896 | |||
Oval ID: | oval:org.mitre.oval:def:896 | ||
Title: | Windows 2000 winlogon Remote Buffer Overflow | ||
Description: | Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0806 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Windows logon process (winlogon) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:897 | |||
Oval ID: | oval:org.mitre.oval:def:897 | ||
Title: | Windows NT WMF/EMF Buffer Overflow | ||
Description: | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0906 | Version: | 2 |
Platform(s): | Microsoft Windows NT | Product(s): | Enhanced Metafile (EMF) Windows Metafile (WMF) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:898 | |||
Oval ID: | oval:org.mitre.oval:def:898 | ||
Title: | Windows XP LSASS Buffer Overflow (Sasser Worm Vulnerability) | ||
Description: | Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0533 | Version: | 9 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:903 | |||
Oval ID: | oval:org.mitre.oval:def:903 | ||
Title: | Windows NT SSL PCT Handshake Vulnerability | ||
Description: | Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0719 | Version: | 3 |
Platform(s): | Microsoft Windows NT | Product(s): | Private Communications Transport (PCT) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:904 | |||
Oval ID: | oval:org.mitre.oval:def:904 | ||
Title: | Windows Server 2003 Help Center Command Insertion Vulnerability | ||
Description: | Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0907 | Version: | 2 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Help and Support Center (HSC) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:907 | |||
Oval ID: | oval:org.mitre.oval:def:907 | ||
Title: | Windows 2000 H.323 Protocol Remote Code Execution Vulnerability | ||
Description: | Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0117 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 | Product(s): | H.323 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:911 | |||
Oval ID: | oval:org.mitre.oval:def:911 | ||
Title: | Windows NT Local Descriptor Table Kernel Access Vulnerability | ||
Description: | The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0910 | Version: | 2 |
Platform(s): | Microsoft Windows NT | Product(s): | Local Descriptor Table (LDT) |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:919 | |||
Oval ID: | oval:org.mitre.oval:def:919 | ||
Title: | Windows Server 2003 LSASS Buffer Overflow (Sasser Worm Vulnerability | ||
Description: | Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0533 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:924 | |||
Oval ID: | oval:org.mitre.oval:def:924 | ||
Title: | Windows Server 2003 ASN.1 Library Double-free Memory Corruption Vulnerability | ||
Description: | Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0123 | Version: | 1 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft ASN.1 Library |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:946 | |||
Oval ID: | oval:org.mitre.oval:def:946 | ||
Title: | Windows Server 2003 H.323 Protocol Remote Code Execution Vulnerability | ||
Description: | Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0117 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:951 | |||
Oval ID: | oval:org.mitre.oval:def:951 | ||
Title: | Windows 2000 SSL PCT Handshake Vulnerability | ||
Description: | Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0719 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Private Communications Transport (PCT) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:959 | |||
Oval ID: | oval:org.mitre.oval:def:959 | ||
Title: | Windows 2000 WMF/EMF Buffer Overflow | ||
Description: | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0906 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Enhanced Metafile (EMF) Windows Metafile (WMF) |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:964 | |||
Oval ID: | oval:org.mitre.oval:def:964 | ||
Title: | Windows XP H.323 Protocol Remote Code Execution Vulnerability | ||
Description: | Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0117 | Version: | 6 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Os | 5 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 2 | |
Os | 1 | |
Os | 3 |
SAINT Exploits
Description | Link |
---|---|
Windows LSASS buffer overflow | More info here |
Microsoft SSL library PCT buffer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2004-04-18 | Microsoft Windows 2000/NT 4 Local Descriptor Table Local Privilege Escalation... |
2010-07-03 | Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow |
2010-09-20 | Microsoft Private Communications Transport Overflow |
2004-04-14 | MS Windows IIS SSL Remote Denial of Service Exploit (MS04-011) |
OpenVAS Exploits
Date | Description |
---|---|
2009-03-15 | Name : MS04-011 security check File : nvt/remote-MS04-011.nasl |
2005-11-03 | Name : Dabber worm detection File : nvt/dabber_worm.nasl |
2005-11-03 | Name : Korgo worm detection File : nvt/korgo.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
5261 | Microsoft Windows ASN.1 Double Free Code Execution Microsoft's ASN.1 implementation contains a flaw that may allow a malicious user to cause denial-of-service conditions or possibly execute arbitrary code. The issue is triggered when a specially crafted authentication request is sent to the ASN.1 parser, causing it to free memory that has already been freed. It is possible that the flaw may allow memory corruption, denial of service, or the execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability. |
5260 | Microsoft Windows SSL Library Malformed Message Remote DoS Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed SSL packet is processed by the Microsoft SSL Library, and will result in loss of availability for the platform. |
5259 | Microsoft Windows Negotiate SSP Code Execution A remote overflow exists in Windows. The Negotiate Security Software Provider interface fails to validate NegTokenInit requests resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
5258 | Microsoft Windows Virtual DOS Machine Privilege Escalation Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker causes code to run in Virtual86 mode without first initializing a Virtual DOS Machine, which may allow the attacker to derefernce a null pointer and execute arbitrary code in kernel space. This flaw may lead to a loss of integrity. |
5257 | Microsoft Windows Local Descriptor Table Privilege Escalation Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the NtSetLdtEntries API function fails to validate user-supplied input, which can then be passed to kernel code which also fails to validate the input. This flaw may allow an attacker to execute arbitrary code in kernel space, and lead to a loss of integrity. |
5256 | Microsoft Windows Unspecified H.323 Code Execution Windows contains a flaw related to the handling of malformed H.323 requests in NetMeeting that may allow a remote attacker to execute arbitrary code. No further details have been provided. |
5255 | Microsoft Windows Management Privilege Escalation Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker is able to create a task which will execute with System privileges. This flaw may lead to a loss of integrity. |
5254 | Microsoft Windows Utility Manager Privilege Escalation Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when Utility Manager is launched, and does not release System privileges. An attacker may be able to cause Utility Manager to launch an application under System privileges, leading to a loss of integrity. |
5253 | Microsoft Windows Help and Support Center Command Execution Windows contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to Help and Support Center not properly sanitizing user input supplied as part of the HCP:// URL variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. |
5252 | Microsoft Windows Metafile Code Execution A remote overflow exists in Windows. The GDI32.dll PlayMetaFileRecord() API fails to validate Windows metafile-format images resulting in a heap overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
5251 | Microsoft Windows Winlogon Command Execution A remote overflow exists in Windows. The Windows logon process fails to validate a user-supplied value resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
5250 | Microsoft Windows SSL Library Private Communications Transport (PCT) Remote O... A remote overflow exists in the Microsoft Windows SSL library. The library fails to verify a field length during PCT 1.0 protocol negotiation. Any application which negotiates SSL using the Windows API may be vulnerable to this attack. With a specially crafted request, an attacker can execute arbitrary code with LocalSystem privileges, resulting in a loss of integrity. |
5249 | Microsoft Windows LDAP Crafted Request Remote DoS Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted LDAP request is sent to a Windows 2000 server functioning as a domain controller, and will result in loss of availability for the service. |
5248 | Microsoft Windows LSASS Remote Overflow A remote overflow exists in Windows. The LSA (Local Security Authority) Service fails to validate some input received on the LSARPC named pipe over TCP ports 139 and 445 resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | korgo attempt RuleID : 9420 - Revision : 13 - Type : MALWARE-OTHER |
2014-01-10 | sasser attempt RuleID : 9419 - Revision : 10 - Type : MALWARE-OTHER |
2014-01-10 | DCERPC NCACN-HTTP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5315 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5314 - Revision : 7 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5313 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5312 - Revision : 7 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer little endian overflo... RuleID : 5311 - Revision : 7 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-HTTP lsass DsRolerUpgradeDownlevelServer little endian overflow ... RuleID : 5310 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer little endian overflo... RuleID : 5309 - Revision : 7 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5308 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-HTTP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5307 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5306 - Revision : 7 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT v4 lsass DsRolerUpgradeDownlevelServer little endian overflow a... RuleID : 5305 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5304 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP v4 lsass DsRolerUpgradeDownlevelServer little endian over... RuleID : 5303 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-HTTP v4 lsass DsRolerUpgradeDownlevelServer little endian overfl... RuleID : 5302 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP v4 lsass DsRolerUpgradeDownlevelServer little endian over... RuleID : 5301 - Revision : 7 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5300 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf... RuleID : 5299 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an... RuleID : 5298 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo... RuleID : 5297 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5296 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx ov... RuleID : 5295 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow att... RuleID : 5294 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx over... RuleID : 5293 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo... RuleID : 5292 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5291 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf... RuleID : 5290 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian... RuleID : 5289 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at... RuleID : 5288 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5287 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5286 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at... RuleID : 5285 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5284 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5283 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5282 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5281 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow... RuleID : 5280 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5279 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5278 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt RuleID : 5277 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow a... RuleID : 5276 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5275 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an... RuleID : 5274 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5273 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5272 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5271 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at... RuleID : 5270 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5269 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf... RuleID : 5268 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo... RuleID : 5267 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5266 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5265 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5264 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt RuleID : 5263 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow... RuleID : 5262 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow... RuleID : 5261 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow a... RuleID : 5260 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx ... RuleID : 5259 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt RuleID : 5258 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5257 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt RuleID : 5256 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt RuleID : 5255 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx ... RuleID : 5254 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an... RuleID : 5253 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer andx overflow attempt RuleID : 5252 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a... RuleID : 5251 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian ov... RuleID : 5250 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att... RuleID : 5249 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5248 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflo... RuleID : 5247 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5246 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow ... RuleID : 5245 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att... RuleID : 5244 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5243 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a... RuleID : 5242 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian... RuleID : 5241 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5240 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5239 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5238 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5237 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5236 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5235 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5234 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5233 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5232 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5231 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5230 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5229 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt RuleID : 5228 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5227 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian ov... RuleID : 5226 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5225 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5224 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5223 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5222 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5221 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a... RuleID : 5220 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att... RuleID : 5219 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5218 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5217 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5216 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt RuleID : 5215 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt RuleID : 5214 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt RuleID : 5213 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt RuleID : 5212 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overf... RuleID : 5211 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerUpgradeDownlevelServer little endian overflow attempt RuleID : 5210 - Revision : 7 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 5209 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt RuleID : 5208 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt RuleID : 5207 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation little endian at... RuleID : 5206 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-HTTP lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5205 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation little endian at... RuleID : 5204 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5203 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-HTTP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5202 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5201 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5200 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5199 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP v4 lsass DsRolerGetPrimaryDomainInformation little endian... RuleID : 5198 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-HTTP v4 lsass DsRolerGetPrimaryDomainInformation little endian a... RuleID : 5197 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP v4 lsass DsRolerGetPrimaryDomainInformation little endian... RuleID : 5196 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5195 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-HTTP v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5194 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5193 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCACN-IP-TCP v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5192 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC DIRECT v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5191 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little e... RuleID : 5190 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5189 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at... RuleID : 5188 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at... RuleID : 5187 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian an... RuleID : 5186 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ... RuleID : 5185 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5184 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5183 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5182 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5181 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5180 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5179 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5178 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5177 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5176 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5175 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx... RuleID : 5174 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5173 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5172 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5171 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5170 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ... RuleID : 5169 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5168 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt RuleID : 5167 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt RuleID : 5166 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5165 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5164 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5163 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5162 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5161 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx att... RuleID : 5160 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ... RuleID : 5159 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at... RuleID : 5158 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5157 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5156 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5155 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5154 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt RuleID : 5153 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5152 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation unicode andx attempt RuleID : 5151 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx att... RuleID : 5150 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt RuleID : 5149 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ... RuleID : 5148 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5147 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt RuleID : 5146 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ... RuleID : 5145 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx att... RuleID : 5144 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation andx attempt RuleID : 5143 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little e... RuleID : 5142 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5141 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5140 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5139 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian at... RuleID : 5138 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt RuleID : 5137 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5136 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5135 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5134 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5133 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5132 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5131 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5130 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5129 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5128 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5127 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5126 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5125 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5124 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5123 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5122 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ... RuleID : 5121 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5120 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5119 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5118 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5117 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5116 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5115 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5114 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5113 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt RuleID : 5112 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt RuleID : 5111 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5110 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5109 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5108 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5107 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi... RuleID : 5106 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt RuleID : 5105 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5104 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation unicode attempt RuleID : 5103 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt RuleID : 5102 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt RuleID : 5101 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ... RuleID : 5100 - Revision : 5 - Type : NETBIOS-DG |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5099 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt RuleID : 5098 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt RuleID : 5097 - Revision : 5 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5096 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt RuleID : 5095 - Revision : 12 - Type : OS-WINDOWS |
2014-01-10 | PCT Client_Hello overflow attempt RuleID : 3511 - Revision : 23 - Type : SMTP |
2014-01-10 | Microsoft Windows SSLv3 invalid data version attempt RuleID : 3486 - Revision : 11 - Type : OS-WINDOWS |
2016-03-14 | Microsoft emf file download request RuleID : 33740-community - Revision : 2 - Type : FILE-IMAGE |
2015-04-10 | Microsoft emf file download request RuleID : 33740 - Revision : 2 - Type : FILE-IMAGE |
2014-01-10 | TLS1 Client_Hello with pad via SSLv2 handshake request RuleID : 3060 - Revision : 4 - Type : WEB-MISC |
2014-01-10 | SSLv3 invalid Client_Hello attempt RuleID : 2544 - Revision : 13 - Type : SMTP |
2014-01-10 | TLS SSLv3 invalid data version attempt RuleID : 2541 - Revision : 13 - Type : SMTP |
2014-01-10 | SSLv3 invalid Client_Hello attempt RuleID : 2540 - Revision : 4 - Type : SMTP |
2014-01-10 | SSLv3 Server_Hello request RuleID : 2539 - Revision : 4 - Type : SMTP |
2014-01-10 | SSLv3 Client_Hello request RuleID : 2538 - Revision : 4 - Type : SMTP |
2014-01-10 | SSLv3 invalid Client_Hello attempt RuleID : 2537 - Revision : 12 - Type : POP3 |
2014-01-10 | SSLv3 invalid Client_Hello attempt RuleID : 2534 - Revision : 9 - Type : POP3 |
2014-01-10 | SSLv3 invalid Client_Hello attempt RuleID : 2531 - Revision : 13 - Type : IMAP |
2014-01-10 | PCT Client_Hello overflow attempt RuleID : 2528 - Revision : 25 - Type : SMTP |
2014-01-10 | SSLv3 invalid Client_Hello attempt RuleID : 2522 - Revision : 18 - Type : WEB-MISC |
2014-01-10 | Client_Hello overflow attempt RuleID : 2519 - Revision : 4 - Type : SMTP |
2014-01-10 | PCT Client_Hello overflow attempt RuleID : 2518 - Revision : 24 - Type : POP3 |
2014-01-10 | PCT Client_Hello overflow attempt RuleID : 2517 - Revision : 25 - Type : IMAP |
2014-01-10 | PCT Client_Hello overflow attempt RuleID : 2516 - Revision : 15 - Type : POP3 |
2014-01-10 | PCT Client_Hello overflow attempt RuleID : 2515 - Revision : 27 - Type : OS-WINDOWS |
2014-01-10 | SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overf... RuleID : 2514 - Revision : 14 - Type : NETBIOS |
2014-01-10 | DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 2511-community - Revision : 22 - Type : OS-WINDOWS |
2014-01-10 | DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 2511 - Revision : 22 - Type : OS-WINDOWS |
2014-01-10 | DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 2508-community - Revision : 24 - Type : OS-WINDOWS |
2014-01-10 | DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt RuleID : 2508 - Revision : 24 - Type : OS-WINDOWS |
2014-01-10 | SSLv3 invalid timestamp attempt RuleID : 2506 - Revision : 12 - Type : WEB-MISC |
2014-01-10 | SSLv3 invalid data version attempt RuleID : 2505 - Revision : 11 - Type : WEB-MISC |
2014-01-10 | SSLv3 invalid data version attempt RuleID : 2504 - Revision : 16 - Type : SMTP |
2014-01-10 | SSLv3 invalid timestamp attempt RuleID : 2503 - Revision : 12 - Type : SMTP |
2014-01-10 | SSLv3 invalid data version attempt RuleID : 2502 - Revision : 17 - Type : POP3 |
2014-01-10 | SSLv3 invalid timestamp attempt RuleID : 2501 - Revision : 13 - Type : POP3 |
2014-01-10 | SSLv3 invalid data version attempt RuleID : 2500 - Revision : 8 - Type : POP3 |
2014-01-10 | LDAP SSLv3 invalid timestamp attempt RuleID : 2499 - Revision : 11 - Type : MISC |
2014-01-10 | SSLv3 invalid timestamp attempt RuleID : 2498 - Revision : 11 - Type : IMAP |
2014-01-10 | SSLv3 invalid data version attempt RuleID : 2497 - Revision : 17 - Type : IMAP |
2014-01-10 | PCT Client_Hello overflow attempt RuleID : 24401 - Revision : 3 - Type : OS-WINDOWS |
2014-01-10 | Microsoft emf file download request RuleID : 2435-community - Revision : 33 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft emf file download request RuleID : 2435 - Revision : 33 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Windows Help Centre escape sequence XSS attempt RuleID : 16665 - Revision : 13 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Negotiate SSP buffer overflow attempt RuleID : 15996 - Revision : 9 - Type : OS-WINDOWS |
Metasploit Database
id | Description |
---|---|
2004-04-13 | MS04-011 Microsoft Private Communications Transport Overflow |
2004-04-13 | MS04-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-06-10 | Name : The remote host has been compromised. File : dabber_worm.nasl - Type : ACT_GATHER_INFO |
2004-05-26 | Name : The remote host is probably infected with the Korgo worm. File : korgo.nasl - Type : ACT_GATHER_INFO |
2004-05-01 | Name : The remote host is infected by a virus. File : sasser_virus.nasl - Type : ACT_GATHER_INFO |
2004-04-15 | Name : Arbitrary code can be executed on the remote host due to a flaw in the LSASS ... File : smb_kb835732.nasl - Type : ACT_GATHER_INFO |
2004-04-13 | Name : Arbitrary code can be executed on the remote host. File : ms_kb835732_ssl.nasl - Type : ACT_GATHER_INFO |
2004-04-13 | Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms04-011.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2020-05-23 13:17:12 |
|
2016-03-12 09:23:41 |
|
2016-03-12 05:23:51 |
|
2015-04-10 21:25:50 |
|
2014-02-17 11:44:58 |
|
2014-01-19 21:29:51 |
|