Executive Summary

Informations
Name MS04-011 First vendor Publication N/A
Vendor Microsoft Last vendor Modification N/A
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.6 Attack Range Network
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Security Update for Microsoft Windows (835732)

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-88 OS Command Injection
CAPEC-133 Try All Common Application Switches and Options

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-476 NULL Pointer Dereference
33 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33 % CWE-88 Argument Injection or Modification

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1000
 
Oval ID: oval:org.mitre.oval:def:1000
Title: Windows XP Help Center Command Insertion Vulnerability
Description: Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0907
Version: 8
Platform(s): Microsoft Windows XP
Product(s): Help and Support Center (HSC)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1004
 
Oval ID: oval:org.mitre.oval:def:1004
Title: WinXP Management Vulnerability
Description: Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2003-0909
Version: 9
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1007
 
Oval ID: oval:org.mitre.oval:def:1007
Title: Windows XP ASN.1 Library Double-free Memory Corruption Vulnerability
Description: Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0123
Version: 7
Platform(s): Microsoft Windows XP
Product(s): Microsoft ASN.1 Library
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1016
 
Oval ID: oval:org.mitre.oval:def:1016
Title: Win2k Domain Controller LSASS Denial of Service
Description: Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0663
Version: 2
Platform(s): Microsoft Windows 2000
Product(s): Lightweight Directory Access Protocol (LDAP)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1046
 
Oval ID: oval:org.mitre.oval:def:1046
Title: Windows Utility Manager Shatter Message Vulnerability
Description: The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0908
Version: 1
Platform(s): Microsoft Windows 2000
Product(s): Utility Manager
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1054
 
Oval ID: oval:org.mitre.oval:def:1054
Title: Windows XP winlogon Remote Buffer Overflow
Description: Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0806
Version: 7
Platform(s): Microsoft Windows XP
Product(s): Windows logon process (winlogon)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1064
 
Oval ID: oval:org.mitre.oval:def:1064
Title: Windows XP WMF/EMF Buffer Overflow
Description: Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0906
Version: 7
Platform(s): Microsoft Windows XP
Product(s): Enhanced Metafile (EMF)
Windows Metafile (WMF)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1076
 
Oval ID: oval:org.mitre.oval:def:1076
Title: Windows NT/2000 ASN.1 Library Double-free Memory Corruption Vulnerability
Description: Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0123
Version: 2
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Product(s): Microsoft ASN.1 Library
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1093
 
Oval ID: oval:org.mitre.oval:def:1093
Title: Windows Server 2003 SSL PCT Handshake Vulnerability
Description: Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0719
Version: 2
Platform(s): Microsoft Windows Server 2003
Product(s): Private Communications Transport (PCT)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1512
 
Oval ID: oval:org.mitre.oval:def:1512
Title: Windows Virtual DOS Machine Local Privilege Escalation Vulnerability (Test 1)
Description: The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0118
Version: 3
Platform(s): Microsoft Windows NT
Microsoft Windows 2000
Product(s): VDM
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1718
 
Oval ID: oval:org.mitre.oval:def:1718
Title: Windows Virtual DOS Machine Local Privilege Escalation Vulnerability (Test 2)
Description: The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0118
Version: 1
Platform(s): Microsoft Windows NT
Product(s): VDM
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1808
 
Oval ID: oval:org.mitre.oval:def:1808
Title: Windows 2000 Negotiate Security Software Provider Denial of Service Vulnerability
Description: The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0119
Version: 3
Platform(s): Microsoft Windows 2000
Product(s): Negotiate SSP interface
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1962
 
Oval ID: oval:org.mitre.oval:def:1962
Title: Windows Server 2003 Negotiate Security Software Provider Denial of Service Vulnerability
Description: The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0119
Version: 3
Platform(s): Microsoft Windows Server 2003
Product(s): Negotiate Security Software Provider
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1997
 
Oval ID: oval:org.mitre.oval:def:1997
Title: Windows XP Negotiate Security Software Provider Denial of Service Vulnerability
Description: The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0119
Version: 9
Platform(s): Microsoft Windows XP
Product(s): Negotiate SSP interface
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:883
 
Oval ID: oval:org.mitre.oval:def:883
Title: Windows 2000 LSASS Buffer Overflow (Sasser Worm Vulnerability)
Description: Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0533
Version: 1
Platform(s): Microsoft Windows 2000
Product(s): Local Security Authority Subsystem Service (LSASS)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:885
 
Oval ID: oval:org.mitre.oval:def:885
Title: Windows Server 2003 SSL Library Denial of Service
Description: The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0120
Version: 4
Platform(s): Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:886
 
Oval ID: oval:org.mitre.oval:def:886
Title: Windows XP SSL Library Denial of Service
Description: The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0120
Version: 10
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:889
 
Oval ID: oval:org.mitre.oval:def:889
Title: Windows XP SSL PCT Handshake Vulnerability
Description: Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0719
Version: 8
Platform(s): Microsoft Windows XP
Product(s): Private Communications Transport (PCT)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:890
 
Oval ID: oval:org.mitre.oval:def:890
Title: Windows 2000 Local Descriptor Table Kernel Access Vulnerability
Description: The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0910
Version: 1
Platform(s): Microsoft Windows 2000
Product(s): Local Descriptor Table (LDT)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:892
 
Oval ID: oval:org.mitre.oval:def:892
Title: Windows 2000 SSL Library Denial of Service
Description: The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0120
Version: 2
Platform(s): Microsoft Windows 2000
Product(s): Secure Sockets Layer (SSL)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:895
 
Oval ID: oval:org.mitre.oval:def:895
Title: Windows NT winlogon Remote Buffer Overflow
Description: Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0806
Version: 2
Platform(s): Microsoft Windows NT
Product(s): Windows logon process (winlogon)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:896
 
Oval ID: oval:org.mitre.oval:def:896
Title: Windows 2000 winlogon Remote Buffer Overflow
Description: Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0806
Version: 3
Platform(s): Microsoft Windows 2000
Product(s): Windows logon process (winlogon)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:897
 
Oval ID: oval:org.mitre.oval:def:897
Title: Windows NT WMF/EMF Buffer Overflow
Description: Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0906
Version: 2
Platform(s): Microsoft Windows NT
Product(s): Enhanced Metafile (EMF)
Windows Metafile (WMF)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:898
 
Oval ID: oval:org.mitre.oval:def:898
Title: Windows XP LSASS Buffer Overflow (Sasser Worm Vulnerability)
Description: Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0533
Version: 9
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:903
 
Oval ID: oval:org.mitre.oval:def:903
Title: Windows NT SSL PCT Handshake Vulnerability
Description: Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0719
Version: 3
Platform(s): Microsoft Windows NT
Product(s): Private Communications Transport (PCT)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:904
 
Oval ID: oval:org.mitre.oval:def:904
Title: Windows Server 2003 Help Center Command Insertion Vulnerability
Description: Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0907
Version: 2
Platform(s): Microsoft Windows Server 2003
Product(s): Help and Support Center (HSC)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:907
 
Oval ID: oval:org.mitre.oval:def:907
Title: Windows 2000 H.323 Protocol Remote Code Execution Vulnerability
Description: Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0117
Version: 1
Platform(s): Microsoft Windows 2000
Product(s): H.323
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:911
 
Oval ID: oval:org.mitre.oval:def:911
Title: Windows NT Local Descriptor Table Kernel Access Vulnerability
Description: The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0910
Version: 2
Platform(s): Microsoft Windows NT
Product(s): Local Descriptor Table (LDT)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:919
 
Oval ID: oval:org.mitre.oval:def:919
Title: Windows Server 2003 LSASS Buffer Overflow (Sasser Worm Vulnerability
Description: Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0533
Version: 3
Platform(s): Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:924
 
Oval ID: oval:org.mitre.oval:def:924
Title: Windows Server 2003 ASN.1 Library Double-free Memory Corruption Vulnerability
Description: Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0123
Version: 1
Platform(s): Microsoft Windows Server 2003
Product(s): Microsoft ASN.1 Library
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:946
 
Oval ID: oval:org.mitre.oval:def:946
Title: Windows Server 2003 H.323 Protocol Remote Code Execution Vulnerability
Description: Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0117
Version: 3
Platform(s): Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:951
 
Oval ID: oval:org.mitre.oval:def:951
Title: Windows 2000 SSL PCT Handshake Vulnerability
Description: Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0719
Version: 2
Platform(s): Microsoft Windows 2000
Product(s): Private Communications Transport (PCT)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:959
 
Oval ID: oval:org.mitre.oval:def:959
Title: Windows 2000 WMF/EMF Buffer Overflow
Description: Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0906
Version: 1
Platform(s): Microsoft Windows 2000
Product(s): Enhanced Metafile (EMF)
Windows Metafile (WMF)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:964
 
Oval ID: oval:org.mitre.oval:def:964
Title: Windows XP H.323 Protocol Remote Code Execution Vulnerability
Description: Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0117
Version: 6
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Os 5
Os 1
Os 1
Os 1
Os 1
Os 2
Os 1
Os 3

SAINT Exploits

Description Link
Windows LSASS buffer overflow More info here
Microsoft SSL library PCT buffer overflow More info here

ExploitDB Exploits

id Description
2004-04-18 Microsoft Windows 2000/NT 4 Local Descriptor Table Local Privilege Escalation...
2010-07-03 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow
2010-09-20 Microsoft Private Communications Transport Overflow
2004-04-14 MS Windows IIS SSL Remote Denial of Service Exploit (MS04-011)

OpenVAS Exploits

Date Description
2009-03-15 Name : MS04-011 security check
File : nvt/remote-MS04-011.nasl
2005-11-03 Name : Dabber worm detection
File : nvt/dabber_worm.nasl
2005-11-03 Name : Korgo worm detection
File : nvt/korgo.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
5261 Microsoft Windows ASN.1 Double Free Code Execution

Microsoft's ASN.1 implementation contains a flaw that may allow a malicious user to cause denial-of-service conditions or possibly execute arbitrary code. The issue is triggered when a specially crafted authentication request is sent to the ASN.1 parser, causing it to free memory that has already been freed. It is possible that the flaw may allow memory corruption, denial of service, or the execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
5260 Microsoft Windows SSL Library Malformed Message Remote DoS

Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed SSL packet is processed by the Microsoft SSL Library, and will result in loss of availability for the platform.
5259 Microsoft Windows Negotiate SSP Code Execution

A remote overflow exists in Windows. The Negotiate Security Software Provider interface fails to validate NegTokenInit requests resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
5258 Microsoft Windows Virtual DOS Machine Privilege Escalation

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker causes code to run in Virtual86 mode without first initializing a Virtual DOS Machine, which may allow the attacker to derefernce a null pointer and execute arbitrary code in kernel space. This flaw may lead to a loss of integrity.
5257 Microsoft Windows Local Descriptor Table Privilege Escalation

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the NtSetLdtEntries API function fails to validate user-supplied input, which can then be passed to kernel code which also fails to validate the input. This flaw may allow an attacker to execute arbitrary code in kernel space, and lead to a loss of integrity.
5256 Microsoft Windows Unspecified H.323 Code Execution

Windows contains a flaw related to the handling of malformed H.323 requests in NetMeeting that may allow a remote attacker to execute arbitrary code. No further details have been provided.
5255 Microsoft Windows Management Privilege Escalation

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker is able to create a task which will execute with System privileges. This flaw may lead to a loss of integrity.
5254 Microsoft Windows Utility Manager Privilege Escalation

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when Utility Manager is launched, and does not release System privileges. An attacker may be able to cause Utility Manager to launch an application under System privileges, leading to a loss of integrity.
5253 Microsoft Windows Help and Support Center Command Execution

Windows contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to Help and Support Center not properly sanitizing user input supplied as part of the HCP:// URL variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
5252 Microsoft Windows Metafile Code Execution

A remote overflow exists in Windows. The GDI32.dll PlayMetaFileRecord() API fails to validate Windows metafile-format images resulting in a heap overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
5251 Microsoft Windows Winlogon Command Execution

A remote overflow exists in Windows. The Windows logon process fails to validate a user-supplied value resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
5250 Microsoft Windows SSL Library Private Communications Transport (PCT) Remote O...

A remote overflow exists in the Microsoft Windows SSL library. The library fails to verify a field length during PCT 1.0 protocol negotiation. Any application which negotiates SSL using the Windows API may be vulnerable to this attack. With a specially crafted request, an attacker can execute arbitrary code with LocalSystem privileges, resulting in a loss of integrity.
5249 Microsoft Windows LDAP Crafted Request Remote DoS

Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted LDAP request is sent to a Windows 2000 server functioning as a domain controller, and will result in loss of availability for the service.
5248 Microsoft Windows LSASS Remote Overflow

A remote overflow exists in Windows. The LSA (Local Security Authority) Service fails to validate some input received on the LSARPC named pipe over TCP ports 139 and 445 resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date Description
2014-01-10 korgo attempt
RuleID : 9420 - Revision : 13 - Type : MALWARE-OTHER
2014-01-10 sasser attempt
RuleID : 9419 - Revision : 10 - Type : MALWARE-OTHER
2014-01-10 DCERPC NCACN-HTTP lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5315 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5314 - Revision : 7 - Type : NETBIOS
2014-01-10 DCERPC DIRECT lsass DsRolerUpgradeDownlevelServer little endian overflow attempt
RuleID : 5313 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5312 - Revision : 7 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer little endian overflo...
RuleID : 5311 - Revision : 7 - Type : NETBIOS
2014-01-10 DCERPC NCACN-HTTP lsass DsRolerUpgradeDownlevelServer little endian overflow ...
RuleID : 5310 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer little endian overflo...
RuleID : 5309 - Revision : 7 - Type : NETBIOS
2014-01-10 DCERPC DIRECT lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5308 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-HTTP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5307 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5306 - Revision : 7 - Type : NETBIOS
2014-01-10 DCERPC DIRECT v4 lsass DsRolerUpgradeDownlevelServer little endian overflow a...
RuleID : 5305 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5304 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP v4 lsass DsRolerUpgradeDownlevelServer little endian over...
RuleID : 5303 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-HTTP v4 lsass DsRolerUpgradeDownlevelServer little endian overfl...
RuleID : 5302 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP v4 lsass DsRolerUpgradeDownlevelServer little endian over...
RuleID : 5301 - Revision : 7 - Type : NETBIOS
2014-01-10 DCERPC DIRECT v4 lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5300 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf...
RuleID : 5299 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an...
RuleID : 5298 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo...
RuleID : 5297 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt
RuleID : 5296 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx ov...
RuleID : 5295 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow att...
RuleID : 5294 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx over...
RuleID : 5293 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo...
RuleID : 5292 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt
RuleID : 5291 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf...
RuleID : 5290 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian...
RuleID : 5289 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at...
RuleID : 5288 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt
RuleID : 5287 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt
RuleID : 5286 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at...
RuleID : 5285 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt
RuleID : 5284 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt
RuleID : 5283 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt
RuleID : 5282 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt
RuleID : 5281 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow...
RuleID : 5280 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt
RuleID : 5279 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt
RuleID : 5278 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt
RuleID : 5277 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow a...
RuleID : 5276 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt
RuleID : 5275 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an...
RuleID : 5274 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt
RuleID : 5273 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer andx overflow attempt
RuleID : 5272 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt
RuleID : 5271 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow at...
RuleID : 5270 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt
RuleID : 5269 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overf...
RuleID : 5268 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflo...
RuleID : 5267 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt
RuleID : 5266 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt
RuleID : 5265 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt
RuleID : 5264 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt
RuleID : 5263 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow...
RuleID : 5262 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow...
RuleID : 5261 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow a...
RuleID : 5260 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx ...
RuleID : 5259 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt
RuleID : 5258 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer andx overflow attempt
RuleID : 5257 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt
RuleID : 5256 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt
RuleID : 5255 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx ...
RuleID : 5254 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian an...
RuleID : 5253 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer andx overflow attempt
RuleID : 5252 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a...
RuleID : 5251 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian ov...
RuleID : 5250 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att...
RuleID : 5249 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt
RuleID : 5248 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflo...
RuleID : 5247 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt
RuleID : 5246 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow ...
RuleID : 5245 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att...
RuleID : 5244 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt
RuleID : 5243 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a...
RuleID : 5242 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian...
RuleID : 5241 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt
RuleID : 5240 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5239 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt
RuleID : 5238 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt
RuleID : 5237 - Revision : 4 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt
RuleID : 5236 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt
RuleID : 5235 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5234 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5233 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt
RuleID : 5232 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt
RuleID : 5231 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt
RuleID : 5230 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt
RuleID : 5229 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt
RuleID : 5228 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer unicode overflow attempt
RuleID : 5227 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian ov...
RuleID : 5226 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt
RuleID : 5225 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5224 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt
RuleID : 5223 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt
RuleID : 5222 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer little endian overflow attempt
RuleID : 5221 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow a...
RuleID : 5220 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer unicode little endian overflow att...
RuleID : 5219 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer unicode overflow attempt
RuleID : 5218 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer unicode overflow attempt
RuleID : 5217 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer little endian overflow attempt
RuleID : 5216 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt
RuleID : 5215 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt
RuleID : 5214 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt
RuleID : 5213 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt
RuleID : 5212 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overf...
RuleID : 5211 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerUpgradeDownlevelServer little endian overflow attempt
RuleID : 5210 - Revision : 7 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 5209 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt
RuleID : 5208 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt
RuleID : 5207 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation little endian at...
RuleID : 5206 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-HTTP lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5205 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation little endian at...
RuleID : 5204 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5203 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-HTTP lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5202 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC DIRECT lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5201 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5200 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC DIRECT lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5199 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP v4 lsass DsRolerGetPrimaryDomainInformation little endian...
RuleID : 5198 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-HTTP v4 lsass DsRolerGetPrimaryDomainInformation little endian a...
RuleID : 5197 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP v4 lsass DsRolerGetPrimaryDomainInformation little endian...
RuleID : 5196 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP v4 lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5195 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-HTTP v4 lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5194 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC DIRECT v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5193 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCACN-IP-TCP v4 lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5192 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC DIRECT v4 lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5191 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little e...
RuleID : 5190 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi...
RuleID : 5189 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at...
RuleID : 5188 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at...
RuleID : 5187 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian an...
RuleID : 5186 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ...
RuleID : 5185 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt
RuleID : 5184 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt
RuleID : 5183 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt
RuleID : 5182 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt
RuleID : 5181 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt
RuleID : 5180 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt
RuleID : 5179 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt
RuleID : 5178 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt
RuleID : 5177 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation andx attempt
RuleID : 5176 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt
RuleID : 5175 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx...
RuleID : 5174 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation andx attempt
RuleID : 5173 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation andx attempt
RuleID : 5172 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi...
RuleID : 5171 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt
RuleID : 5170 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ...
RuleID : 5169 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt
RuleID : 5168 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt
RuleID : 5167 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt
RuleID : 5166 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation unicode andx attempt
RuleID : 5165 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt
RuleID : 5164 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode andx attempt
RuleID : 5163 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation little endian andx attempt
RuleID : 5162 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt
RuleID : 5161 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx att...
RuleID : 5160 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ...
RuleID : 5159 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode little endian andx at...
RuleID : 5158 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt
RuleID : 5157 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation andx attempt
RuleID : 5156 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation little endian andx attempt
RuleID : 5155 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi...
RuleID : 5154 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt
RuleID : 5153 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation andx attempt
RuleID : 5152 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation unicode andx attempt
RuleID : 5151 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx att...
RuleID : 5150 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt
RuleID : 5149 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ...
RuleID : 5148 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation little endian andx attempt
RuleID : 5147 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt
RuleID : 5146 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx ...
RuleID : 5145 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx att...
RuleID : 5144 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation andx attempt
RuleID : 5143 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little e...
RuleID : 5142 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi...
RuleID : 5141 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt
RuleID : 5140 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt
RuleID : 5139 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian at...
RuleID : 5138 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt
RuleID : 5137 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5136 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt
RuleID : 5135 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt
RuleID : 5134 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt
RuleID : 5133 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt
RuleID : 5132 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt
RuleID : 5131 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt
RuleID : 5130 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt
RuleID : 5129 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5128 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5127 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt
RuleID : 5126 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5125 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5124 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi...
RuleID : 5123 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt
RuleID : 5122 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ...
RuleID : 5121 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt
RuleID : 5120 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt
RuleID : 5119 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt
RuleID : 5118 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation unicode attempt
RuleID : 5117 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt
RuleID : 5116 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode attempt
RuleID : 5115 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5114 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt
RuleID : 5113 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt
RuleID : 5112 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt
RuleID : 5111 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt
RuleID : 5110 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt
RuleID : 5109 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5108 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5107 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endi...
RuleID : 5106 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt
RuleID : 5105 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5104 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation unicode attempt
RuleID : 5103 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt
RuleID : 5102 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt
RuleID : 5101 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian ...
RuleID : 5100 - Revision : 5 - Type : NETBIOS-DG
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5099 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt
RuleID : 5098 - Revision : 5 - Type : NETBIOS
2014-01-10 SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt
RuleID : 5097 - Revision : 5 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5096 - Revision : 11 - Type : OS-WINDOWS
2014-01-10 DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt
RuleID : 5095 - Revision : 12 - Type : OS-WINDOWS
2014-01-10 PCT Client_Hello overflow attempt
RuleID : 3511 - Revision : 23 - Type : SMTP
2014-01-10 Microsoft Windows SSLv3 invalid data version attempt
RuleID : 3486 - Revision : 11 - Type : OS-WINDOWS
2016-03-14 Microsoft emf file download request
RuleID : 33740-community - Revision : 2 - Type : FILE-IMAGE
2015-04-10 Microsoft emf file download request
RuleID : 33740 - Revision : 2 - Type : FILE-IMAGE
2014-01-10 TLS1 Client_Hello with pad via SSLv2 handshake request
RuleID : 3060 - Revision : 4 - Type : WEB-MISC
2014-01-10 SSLv3 invalid Client_Hello attempt
RuleID : 2544 - Revision : 13 - Type : SMTP
2014-01-10 TLS SSLv3 invalid data version attempt
RuleID : 2541 - Revision : 13 - Type : SMTP
2014-01-10 SSLv3 invalid Client_Hello attempt
RuleID : 2540 - Revision : 4 - Type : SMTP
2014-01-10 SSLv3 Server_Hello request
RuleID : 2539 - Revision : 4 - Type : SMTP
2014-01-10 SSLv3 Client_Hello request
RuleID : 2538 - Revision : 4 - Type : SMTP
2014-01-10 SSLv3 invalid Client_Hello attempt
RuleID : 2537 - Revision : 12 - Type : POP3
2014-01-10 SSLv3 invalid Client_Hello attempt
RuleID : 2534 - Revision : 9 - Type : POP3
2014-01-10 SSLv3 invalid Client_Hello attempt
RuleID : 2531 - Revision : 13 - Type : IMAP
2014-01-10 PCT Client_Hello overflow attempt
RuleID : 2528 - Revision : 25 - Type : SMTP
2014-01-10 SSLv3 invalid Client_Hello attempt
RuleID : 2522 - Revision : 18 - Type : WEB-MISC
2014-01-10 Client_Hello overflow attempt
RuleID : 2519 - Revision : 4 - Type : SMTP
2014-01-10 PCT Client_Hello overflow attempt
RuleID : 2518 - Revision : 24 - Type : POP3
2014-01-10 PCT Client_Hello overflow attempt
RuleID : 2517 - Revision : 25 - Type : IMAP
2014-01-10 PCT Client_Hello overflow attempt
RuleID : 2516 - Revision : 15 - Type : POP3
2014-01-10 PCT Client_Hello overflow attempt
RuleID : 2515 - Revision : 27 - Type : OS-WINDOWS
2014-01-10 SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overf...
RuleID : 2514 - Revision : 14 - Type : NETBIOS
2014-01-10 DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 2511-community - Revision : 22 - Type : OS-WINDOWS
2014-01-10 DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 2511 - Revision : 22 - Type : OS-WINDOWS
2014-01-10 DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 2508-community - Revision : 24 - Type : OS-WINDOWS
2014-01-10 DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt
RuleID : 2508 - Revision : 24 - Type : OS-WINDOWS
2014-01-10 SSLv3 invalid timestamp attempt
RuleID : 2506 - Revision : 12 - Type : WEB-MISC
2014-01-10 SSLv3 invalid data version attempt
RuleID : 2505 - Revision : 11 - Type : WEB-MISC
2014-01-10 SSLv3 invalid data version attempt
RuleID : 2504 - Revision : 16 - Type : SMTP
2014-01-10 SSLv3 invalid timestamp attempt
RuleID : 2503 - Revision : 12 - Type : SMTP
2014-01-10 SSLv3 invalid data version attempt
RuleID : 2502 - Revision : 17 - Type : POP3
2014-01-10 SSLv3 invalid timestamp attempt
RuleID : 2501 - Revision : 13 - Type : POP3
2014-01-10 SSLv3 invalid data version attempt
RuleID : 2500 - Revision : 8 - Type : POP3
2014-01-10 LDAP SSLv3 invalid timestamp attempt
RuleID : 2499 - Revision : 11 - Type : MISC
2014-01-10 SSLv3 invalid timestamp attempt
RuleID : 2498 - Revision : 11 - Type : IMAP
2014-01-10 SSLv3 invalid data version attempt
RuleID : 2497 - Revision : 17 - Type : IMAP
2014-01-10 PCT Client_Hello overflow attempt
RuleID : 24401 - Revision : 3 - Type : OS-WINDOWS
2014-01-10 Microsoft emf file download request
RuleID : 2435-community - Revision : 33 - Type : FILE-IDENTIFY
2014-01-10 Microsoft emf file download request
RuleID : 2435 - Revision : 33 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Windows Help Centre escape sequence XSS attempt
RuleID : 16665 - Revision : 13 - Type : OS-WINDOWS
2014-01-10 Microsoft Negotiate SSP buffer overflow attempt
RuleID : 15996 - Revision : 9 - Type : OS-WINDOWS

Metasploit Database

id Description
2004-04-13 MS04-011 Microsoft Private Communications Transport Overflow
2004-04-13 MS04-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow

Nessus® Vulnerability Scanner

Date Description
2004-06-10 Name : The remote host has been compromised.
File : dabber_worm.nasl - Type : ACT_GATHER_INFO
2004-05-26 Name : The remote host is probably infected with the Korgo worm.
File : korgo.nasl - Type : ACT_GATHER_INFO
2004-05-01 Name : The remote host is infected by a virus.
File : sasser_virus.nasl - Type : ACT_GATHER_INFO
2004-04-15 Name : Arbitrary code can be executed on the remote host due to a flaw in the LSASS ...
File : smb_kb835732.nasl - Type : ACT_GATHER_INFO
2004-04-13 Name : Arbitrary code can be executed on the remote host.
File : ms_kb835732_ssl.nasl - Type : ACT_GATHER_INFO
2004-04-13 Name : Arbitrary code can be executed on the remote host.
File : smb_nt_ms04-011.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2020-05-23 13:17:12
  • Multiple Updates
2016-03-12 09:23:41
  • Multiple Updates
2016-03-12 05:23:51
  • Multiple Updates
2015-04-10 21:25:50
  • Multiple Updates
2014-02-17 11:44:58
  • Multiple Updates
2014-01-19 21:29:51
  • Multiple Updates