10 - RHSA-2007:0354

Executive Summary

Summary
Title	samba security update

Informations
Name	RHSA-2007:0354	First vendor Publication	2007-05-14
Vendor	RedHat	Last vendor Modification	2007-05-14
Severity (Vendor)	Critical	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated samba packages that fix several security flaws are now available.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Samba provides file and printer sharing services to SMB/CIFS clients.

Various bugs were found in NDR parsing, used to decode MS-RPC requests in Samba. A remote attacker could have sent carefully crafted requests causing a heap overflow, which may have led to the ability to execute arbitrary code on the server. (CVE-2007-2446)

Unescaped user input parameters were being passed as arguments to /bin/sh. A remote, authenticated, user could have triggered this flaw and executed arbitrary code on the server. Additionally, on Red Hat Enterprise Linux 5 only, this flaw could be triggered by a remote unauthenticated user if Samba was configured to use the non-default "username map script" option. (CVE-2007-2447)

Users of Samba should upgrade to these packages, which contain backported patches to correct these issues. After upgrading, Samba should be restarted using "service smb restart"

On Red Hat Enterprise Linux 5 the impact of these issues is reduced as Samba is constrained by the default SELinux "targeted" policy.

Red Hat would like to thank the Samba developers, TippingPoint, and iDefense for reporting these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

239429 - CVE-2007-2446 samba heap overflows 239774 - CVE-2007-2447 samba code injection

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2007-0354.html

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10062

Oval ID:	oval:org.mitre.oval:def:10062
Title:	The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Description:	The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-2447	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section samba-common is earlier than 0:3.0.9-1.3E.13.2 AND samba-swat is earlier than 0:3.0.9-1.3E.13.2 AND samba-client is earlier than 0:3.0.9-1.3E.13.2 AND samba is earlier than 0:3.0.9-1.3E.13.2 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section samba-common is earlier than 0:3.0.10-1.4E.12.2 AND samba-swat is earlier than 0:3.0.10-1.4E.12.2 AND samba-client is earlier than 0:3.0.10-1.4E.12.2 AND samba is earlier than 0:3.0.10-1.4E.12.2 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section samba-common is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-swat is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-client is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba is earlier than 0:3.0.23c-2.el5.2.0.2

Definition Id: oval:org.mitre.oval:def:11415

Oval ID:	oval:org.mitre.oval:def:11415
Title:	Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).
Description:	Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-2446	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section samba-common is earlier than 0:3.0.9-1.3E.13.2 AND samba-swat is earlier than 0:3.0.9-1.3E.13.2 AND samba-client is earlier than 0:3.0.9-1.3E.13.2 AND samba is earlier than 0:3.0.9-1.3E.13.2 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section samba-common is earlier than 0:3.0.10-1.4E.12.2 AND samba-swat is earlier than 0:3.0.10-1.4E.12.2 AND samba-client is earlier than 0:3.0.10-1.4E.12.2 AND samba is earlier than 0:3.0.10-1.4E.12.2 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section samba-common is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-swat is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-client is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba is earlier than 0:3.0.23c-2.el5.2.0.2

Definition Id: oval:org.mitre.oval:def:20051

Oval ID:	oval:org.mitre.oval:def:20051
Title:	DSA-1291-2 samba
Description:	Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux.
Family:	unix	Class:	patch
Reference(s):	DSA-1291-2 CVE-2007-2444 CVE-2007-2446 CVE-2007-2447	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	samba
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND samba DPKG is earlier than 0:3.0.24-6etch2

Definition Id: oval:org.mitre.oval:def:22405

Oval ID:	oval:org.mitre.oval:def:22405
Title:	ELSA-2007:0354: samba security update (Critical)
Description:	The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0354-02 CVE-2007-2446 CVE-2007-2447	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	samba
Definition Synopsis:
Oracle Linux 5.x rpm test samba-client is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-common is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-swat is earlier than 0:3.0.23c-2.el5.2.0.2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Samba cpe:2.3:a:samba:samba:3.0.9:::::::* cpe:2.3:a:samba:samba:3.0.8:::::::* cpe:2.3:a:samba:samba:3.0.7:::::::* cpe:2.3:a:samba:samba:3.0.6:::::::* cpe:2.3:a:samba:samba:3.0.5:::::::* cpe:2.3:a:samba:samba:3.0.4:rc1:::::: cpe:2.3:a:samba:samba:3.0.4:-:::::: cpe:2.3:a:samba:samba:3.0.3:::::::* cpe:2.3:a:samba:samba:3.0.2a:::::::* cpe:2.3:a:samba:samba:3.0.25:rc3:::::: cpe:2.3:a:samba:samba:3.0.25:pre1:::::: cpe:2.3:a:samba:samba:3.0.25:rc2:::::: cpe:2.3:a:samba:samba:3.0.25:rc1:::::: cpe:2.3:a:samba:samba:3.0.25:pre2:::::: cpe:2.3:a:samba:samba:3.0.24:::::::* cpe:2.3:a:samba:samba:3.0.23d:::::::* cpe:2.3:a:samba:samba:3.0.23c:::::::* cpe:2.3:a:samba:samba:3.0.23b:::::::* cpe:2.3:a:samba:samba:3.0.23a:::::::* cpe:2.3:a:samba:samba:3.0.23:-:::::: cpe:2.3:a:samba:samba:3.0.22:::::::* cpe:2.3:a:samba:samba:3.0.21c:::::::* cpe:2.3:a:samba:samba:3.0.21b:::::::* cpe:2.3:a:samba:samba:3.0.21a:::::::* cpe:2.3:a:samba:samba:3.0.21:-:::::: cpe:2.3:a:samba:samba:3.0.20b:::::::* cpe:2.3:a:samba:samba:3.0.20a:::::::* cpe:2.3:a:samba:samba:3.0.20:-:::::: cpe:2.3:a:samba:samba:3.0.2:-:::::: cpe:2.3:a:samba:samba:3.0.19:::::::* cpe:2.3:a:samba:samba:3.0.18:::::::* cpe:2.3:a:samba:samba:3.0.17:::::::* cpe:2.3:a:samba:samba:3.0.16:::::::* cpe:2.3:a:samba:samba:3.0.15:::::::* cpe:2.3:a:samba:samba:3.0.14a:::::::* cpe:2.3:a:samba:samba:3.0.14:-:::::: cpe:2.3:a:samba:samba:3.0.13:::::::* cpe:2.3:a:samba:samba:3.0.12:::::::* cpe:2.3:a:samba:samba:3.0.11:::::::* cpe:2.3:a:samba:samba:3.0.10:::::::* cpe:2.3:a:samba:samba:3.0.1:::::::* cpe:2.3:a:samba:samba:3.0.0:::::::*	42

SAINT Exploits

Description	Link
Samba lsa_io_trans_names buffer overflow	More info here

ExploitDB Exploits

id	Description
2010-08-18	Samba "username map script" Command Execution

OpenVAS Exploits

Date	Description
2011-08-09	Name : CentOS Update for samba CESA-2009:1528 centos3 i386 File : nvt/gb_CESA-2009_1528_samba_centos3_i386.nasl
2010-02-15	Name : Solaris Update for Samba 114685-15 File : nvt/gb_solaris_114685_15.nasl
2010-02-15	Name : Solaris Update for Samba 114684-15 File : nvt/gb_solaris_114684_15.nasl
2009-11-17	Name : Mac OS X Version File : nvt/macosx_version.nasl
2009-11-11	Name : RedHat Security Advisory RHSA-2009:1528 File : nvt/RHSA_2009_1528.nasl
2009-10-13	Name : Solaris Update for Samba 119758-16 File : nvt/gb_solaris_119758_16.nasl
2009-10-13	Name : Solaris Update for Samba 119757-16 File : nvt/gb_solaris_119757_16.nasl
2009-10-13	Name : Solaris Update for Samba 114685-14 File : nvt/gb_solaris_114685_14.nasl
2009-10-13	Name : Solaris Update for Samba 114684-14 File : nvt/gb_solaris_114684_14.nasl
2009-10-10	Name : SLES9: Security update for Samba File : nvt/sles9p5019481.nasl
2009-10-10	Name : SLES9: Security update for Samba File : nvt/sles9p5009819.nasl
2009-09-23	Name : Solaris Update for Samba 119758-15 File : nvt/gb_solaris_119758_15.nasl
2009-09-23	Name : Solaris Update for Samba 119757-15 File : nvt/gb_solaris_119757_15.nasl
2009-06-03	Name : Solaris Update for Samba 114685-13 File : nvt/gb_solaris_114685_13.nasl
2009-06-03	Name : Solaris Update for Samba 119758-14 File : nvt/gb_solaris_119758_14.nasl
2009-06-03	Name : Solaris Update for Samba 119757-14 File : nvt/gb_solaris_119757_14.nasl
2009-06-03	Name : Solaris Update for Samba 114684-13 File : nvt/gb_solaris_114684_13.nasl
2009-05-05	Name : HP-UX Update for CIFS Server (Samba) HPSBUX02218 File : nvt/gb_hp_ux_HPSBUX02218.nasl
2009-04-09	Name : Mandriva Update for samba MDKSA-2007:104-1 (samba) File : nvt/gb_mandriva_MDKSA_2007_104_1.nasl
2009-04-09	Name : Mandriva Update for samba MDKSA-2007:104 (samba) File : nvt/gb_mandriva_MDKSA_2007_104.nasl
2009-03-23	Name : Ubuntu Update for samba vulnerabilities USN-460-1 File : nvt/gb_ubuntu_USN_460_1.nasl
2009-02-27	Name : Fedora Update for samba FEDORA-2007-507 File : nvt/gb_fedora_2007_507_samba_fc6.nasl
2009-02-27	Name : Fedora Update for samba FEDORA-2007-506 File : nvt/gb_fedora_2007_506_samba_fc5.nasl
2009-01-28	Name : SuSE Update for samba SUSE-SA:2007:031 File : nvt/gb_suse_2007_031.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200705-15 (samba) File : nvt/glsa_200705_15.nasl
2008-09-04	Name : FreeBSD Ports: samba, ja-samba File : nvt/freebsd_samba12.nasl
2008-01-17	Name : Debian Security Advisory DSA 1291-4 (samba) File : nvt/deb_1291_4.nasl
2008-01-17	Name : Debian Security Advisory DSA 1291-3 (samba) File : nvt/deb_1291_3.nasl
2008-01-17	Name : Debian Security Advisory DSA 1291-2 (samba) File : nvt/deb_1291_2.nasl
0000-00-00	Name : Slackware Advisory SSA:2007-134-01 samba File : nvt/esoft_slk_ssa_2007_134_01.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
34733	Samba DFS RPC Interface DFSEnum Request Remote Overflow
34732	Samba SPOOLSS RPC Interface RFNPCNEX Request Remote Overflow A remote overflow exists in Samba. The application fails to properly verify user-suplied input when parsing RPC requests to the SPOOLSS RPC interface resulting in a heap-based overflow. With a specially crafted request to RFNPCNEX, an attacker can cause heap space to be overwritten and possible trigger the execution of arbitrary code resulting in a loss of integrity or availability.
34731	Samba SRVSVC RPC Interface NetSetFileSecurity Request Remote Overflow
34700	Samba Unfiltered MS-RPC Calls Arbitrary Remote Command Execution Samba contains a flaw that may allow a malicious user to execute arbitrary shell commands. The issue is triggered due to MS-RPC does not properly check user-supplied input when passing RPC messages from external scripts to '/bin/sh'. It is possible that the flaw may allow code execution resulting in a loss of integrity.
34699	Samba LSA RPC Interface Multiple Function Remote Overflow A remote overflow exists in Samba. The LSA RPC Interface fails to validate MS-RPC requests resulting in a heap overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date	Description
2016-09-13	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 39875 - Revision : 2 - Type : NETBIOS
2014-01-10	Samba username map script command injection attempt RuleID : 21164 - Revision : 6 - Type : SERVER-SAMBA
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow att... RuleID : 18472 - Revision : 9 - Type : NETBIOS
2014-01-10	Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overfl... RuleID : 18319 - Revision : 9 - Type : SERVER-SAMBA
2014-01-10	NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap over... RuleID : 18314 - Revision : 4 - Type : SPECIFIC-THREATS
2014-01-10	DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt RuleID : 18192 - Revision : 8 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt RuleID : 18191 - Revision : 8 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt RuleID : 18190 - Revision : 8 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt RuleID : 18189 - Revision : 8 - Type : NETBIOS
2014-01-10	Samba spools RPC smb_io_notify_option_type_data request handling buffer overf... RuleID : 16034 - Revision : 6 - Type : SERVER-SAMBA
2014-01-10	DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt RuleID : 15911 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt RuleID : 15508 - Revision : 6 - Type : SERVER-OTHER
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarLookupSids translated_names overflow attempt RuleID : 15507 - Revision : 5 - Type : SPECIFIC-THREATS
2014-01-10	DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt RuleID : 14988 - Revision : 11 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt RuleID : 14900 - Revision : 15 - Type : NETBIOS
2014-01-10	DCERPC DIRECT srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13157 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity little endian object call integ... RuleID : 13156 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity little endian object call integ... RuleID : 13155 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP srvsvc NetSetFileSecurity little endian object call integer... RuleID : 13154 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13153 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity object call integer overflow at... RuleID : 13152 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT srvsvc NetSetFileSecurity little endian object call integer ove... RuleID : 13151 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity little endian object call integer... RuleID : 13150 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13149 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity object call integer overflow at... RuleID : 13148 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13147 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13146 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity little endian integer overflow ... RuleID : 13145 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity little endian integer overflow ... RuleID : 13144 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 srvsvc NetSetFileSecurity little endian integer overfl... RuleID : 13143 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 srvsvc NetSetFileSecurity little endian integer overflow... RuleID : 13142 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13141 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13140 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 srvsvc NetSetFileSecurity little endian integer overfl... RuleID : 13139 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13138 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP srvsvc NetSetFileSecurity little endian integer overflow at... RuleID : 13137 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13136 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 srvsvc NetSetFileSecurity little endian integer overflow... RuleID : 13135 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13134 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 13133 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity little endian integer overflow at... RuleID : 13132 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13131 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13130 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13129 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 srvsvc NetSetFileSecurity little endian integer overflow att... RuleID : 13128 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object cal... RuleID : 13127 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx object call integer ... RuleID : 13126 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx object call intege... RuleID : 13125 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx object call integer overflow... RuleID : 13124 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object ... RuleID : 13123 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity unicode little endian andx object call integ... RuleID : 13122 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX little endian andx object call int... RuleID : 13121 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity little endian andx object call integer overf... RuleID : 13120 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object cal... RuleID : 13119 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx object call integer ... RuleID : 13118 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx object call intege... RuleID : 13117 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx object call integer overflow... RuleID : 13116 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer over... RuleID : 13115 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx object call integer overflow attempt RuleID : 13114 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow att... RuleID : 13113 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13112 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer o... RuleID : 13111 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity unicode andx object call integer overflow at... RuleID : 13110 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow ... RuleID : 13109 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13108 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer over... RuleID : 13107 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx object call integer overflow attempt RuleID : 13106 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow att... RuleID : 13105 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13104 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer ov... RuleID : 13103 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx integer overflow att... RuleID : 13102 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflow a... RuleID : 13101 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13100 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer... RuleID : 13099 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity unicode little endian andx integer overflow ... RuleID : 13098 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity little endian object call integer... RuleID : 13097 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13096 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity object call integer overflow at... RuleID : 13095 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity object call integer overflow at... RuleID : 13094 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity little endian object call integ... RuleID : 13093 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity little endian object call integ... RuleID : 13092 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 srvsvc NetSetFileSecurity little endian integer overfl... RuleID : 13091 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity little endian integer overflow at... RuleID : 13090 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13089 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 srvsvc NetSetFileSecurity little endian integer overflow... RuleID : 13088 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13087 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13086 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13085 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13084 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 srvsvc NetSetFileSecurity little endian integer overfl... RuleID : 13083 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity little endian integer overflow ... RuleID : 13082 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity little endian integer overflow ... RuleID : 13081 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13080 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object cal... RuleID : 13079 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx object call integer ... RuleID : 13078 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx object call intege... RuleID : 13077 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx object call integer overflow... RuleID : 13076 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object cal... RuleID : 13075 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx object call integer ... RuleID : 13074 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx object call intege... RuleID : 13073 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx object call integer overflow... RuleID : 13072 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer over... RuleID : 13071 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx object call integer overflow attempt RuleID : 13070 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow att... RuleID : 13069 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13068 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer over... RuleID : 13067 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow att... RuleID : 13066 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx object call integer overflow attempt RuleID : 13065 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13064 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer ov... RuleID : 13063 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx integer overflow att... RuleID : 13062 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflow a... RuleID : 13061 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13060 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer ov... RuleID : 13059 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx integer overflow att... RuleID : 13058 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflow a... RuleID : 13057 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13056 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx integer overflow attempt RuleID : 13055 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx integer overflow attempt RuleID : 13054 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx integer overflow attempt RuleID : 13053 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity andx integer overflow attempt RuleID : 13052 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx integer overflow attempt RuleID : 13051 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx integer overflow attempt RuleID : 13050 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx integer overflow attempt RuleID : 13049 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity andx integer overflow attempt RuleID : 13048 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer... RuleID : 13047 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13046 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode andx integer overflow attempt RuleID : 13045 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode andx integer overflow attempt RuleID : 13044 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX andx integer overflow attempt RuleID : 13043 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity andx integer overflow attempt RuleID : 13042 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflo... RuleID : 13041 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode andx integer overflow attempt RuleID : 13040 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX andx integer overflow attempt RuleID : 13039 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode andx integer overflow attempt RuleID : 13038 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13037 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer... RuleID : 13036 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode little endian andx integer overflow ... RuleID : 13035 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode little endian andx integer overflow ... RuleID : 13034 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflo... RuleID : 13033 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity andx integer overflow attempt RuleID : 13032 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian object call int... RuleID : 13031 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian object call integer overf... RuleID : 13030 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian object call integer ove... RuleID : 13029 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian object call integer overflow attempt RuleID : 13028 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian object call int... RuleID : 13027 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian object call integer overf... RuleID : 13026 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian object call integer ove... RuleID : 13025 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian object call integer overflow attempt RuleID : 13024 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode object call integer overflow ... RuleID : 13023 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode object call integer overflow attempt RuleID : 13022 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX object call integer overflow attempt RuleID : 13021 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13020 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode object call integer overflow ... RuleID : 13019 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX object call integer overflow attempt RuleID : 13018 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode object call integer overflow attempt RuleID : 13017 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13016 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian integer overflo... RuleID : 13015 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian integer overflow attempt RuleID : 13014 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian integer overflow attempt RuleID : 13013 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 13012 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian integer overflo... RuleID : 13011 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian integer overflow attempt RuleID : 13010 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian integer overflow attempt RuleID : 13009 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 13008 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode integer overflow attempt RuleID : 13007 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode integer overflow attempt RuleID : 13006 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX integer overflow attempt RuleID : 13005 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13004 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode integer overflow attempt RuleID : 13003 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX integer overflow attempt RuleID : 13002 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode integer overflow attempt RuleID : 13001 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13000 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode little endian integer over... RuleID : 12999 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 12998 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode integer overflow attempt RuleID : 12997 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode integer overflow attempt RuleID : 12996 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX integer overflow attempt RuleID : 12995 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 12994 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX little endian integer overflow att... RuleID : 12993 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode integer overflow attempt RuleID : 12992 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX integer overflow attempt RuleID : 12991 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode integer overflow attempt RuleID : 12990 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 12989 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode little endian integer over... RuleID : 12988 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode little endian integer overflow attempt RuleID : 12987 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode little endian integer overflow attempt RuleID : 12986 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 12985 - Revision : 11 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 12984 - Revision : 15 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11615 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsarpc LsarAddPrivilegesToAccount little endian object call ove... RuleID : 11614 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount object call overflow at... RuleID : 11613 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount little endian object ca... RuleID : 11612 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP lsarpc LsarAddPrivilegesToAccount little endian object call... RuleID : 11611 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount object call overflow at... RuleID : 11610 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount little endian object ca... RuleID : 11609 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsarpc LsarAddPrivilegesToAccount little endian object call... RuleID : 11608 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11607 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11606 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11605 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11604 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11603 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11602 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11601 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 lsarpc LsarAddPrivilegesToAccount little endian overflow... RuleID : 11600 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11599 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount little endian overflow ... RuleID : 11598 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP lsarpc LsarAddPrivilegesToAccount little endian overflow at... RuleID : 11597 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11596 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount little endian overflow ... RuleID : 11595 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsarpc LsarAddPrivilegesToAccount little endian overflow at... RuleID : 11594 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11593 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11592 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 lsarpc LsarAddPrivilegesToAccount little endian overflow att... RuleID : 11591 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 lsarpc LsarAddPrivilegesToAccount little endian overfl... RuleID : 11590 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 lsarpc LsarAddPrivilegesToAccount little endian overfl... RuleID : 11589 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11588 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11587 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 lsarpc LsarAddPrivilegesToAccount little endian overflow... RuleID : 11586 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11585 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian andx object call overflow... RuleID : 11584 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian andx object call ... RuleID : 11583 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx object cal... RuleID : 11582 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx ob... RuleID : 11581 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode little endian andx object ca... RuleID : 11580 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian andx object call overflow... RuleID : 11579 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx object ... RuleID : 11578 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx... RuleID : 11577 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx ob... RuleID : 11576 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx object cal... RuleID : 11575 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian andx object call ... RuleID : 11574 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount andx object call overflow attempt RuleID : 11573 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode andx object call overflow attempt RuleID : 11572 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX andx object call overflow att... RuleID : 11571 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx object call over... RuleID : 11570 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode andx object call overflow at... RuleID : 11569 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount andx object call overflow attempt RuleID : 11568 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount little endian andx object call overf... RuleID : 11567 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX andx object call overflow ... RuleID : 11566 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx object call o... RuleID : 11565 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx object call over... RuleID : 11564 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode andx object call overflow attempt RuleID : 11563 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount andx object call overflow attempt RuleID : 11562 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX andx object call overflow att... RuleID : 11561 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow att... RuleID : 11560 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflow a... RuleID : 11559 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx ov... RuleID : 11558 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow ... RuleID : 11557 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11556 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflo... RuleID : 11555 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx... RuleID : 11554 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx ov... RuleID : 11553 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflow a... RuleID : 11552 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow att... RuleID : 11551 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11550 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11549 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11548 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11547 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11546 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11545 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11544 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11543 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11542 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11541 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11540 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow a... RuleID : 11539 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11538 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11537 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11536 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11535 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11534 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11533 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11532 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11531 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11530 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11529 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11528 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11527 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11526 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11525 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11524 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflo... RuleID : 11523 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx... RuleID : 11522 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount unicode little endian andx overfl... RuleID : 11521 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11520 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx over... RuleID : 11519 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian a... RuleID : 11518 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflo... RuleID : 11517 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx... RuleID : 11516 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow ... RuleID : 11515 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow ... RuleID : 11514 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11513 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian object call overflow attempt RuleID : 11512 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian object call overf... RuleID : 11511 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian object call ove... RuleID : 11510 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian object ... RuleID : 11509 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode little endian object call ov... RuleID : 11508 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian object call overflow attempt RuleID : 11507 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX little endian object call ... RuleID : 11506 - Revision : 2 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian obje... RuleID : 11505 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian object ... RuleID : 11504 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian object call ove... RuleID : 11503 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian object call overf... RuleID : 11502 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11501 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode object call overflow attempt RuleID : 11500 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX object call overflow attempt RuleID : 11499 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode object call overflow ... RuleID : 11498 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode object call overflow attempt RuleID : 11497 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11496 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount little endian object call overflow a... RuleID : 11495 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX object call overflow attempt RuleID : 11494 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode object call overfl... RuleID : 11493 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode object call overflow ... RuleID : 11492 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode object call overflow attempt RuleID : 11491 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11490 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX object call overflow attempt RuleID : 11489 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian overflow attempt RuleID : 11488 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow attempt RuleID : 11487 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian overflo... RuleID : 11486 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode little endian overflow attempt RuleID : 11485 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11484 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow att... RuleID : 11483 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian over... RuleID : 11482 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian overflo... RuleID : 11481 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow attempt RuleID : 11480 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian overflow attempt RuleID : 11479 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11478 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11477 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11476 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11475 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11474 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11473 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11472 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11471 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11470 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11469 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11468 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11467 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11466 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11465 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11464 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11463 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11462 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11461 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11460 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11459 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11458 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11457 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11456 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11455 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11454 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11453 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11452 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow att... RuleID : 11451 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian over... RuleID : 11450 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount unicode little endian overflow at... RuleID : 11449 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11448 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow ... RuleID : 11447 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian o... RuleID : 11446 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow att... RuleID : 11445 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian over... RuleID : 11444 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11443 - Revision : 10 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11442 - Revision : 14 - Type : NETBIOS

Nessus® Vulnerability Scanner

Date	Description
2015-04-06	Name : The file and print server running on the remote host is affected by a remote ... File : samba_3_login_rce.nasl - Type : ACT_ATTACK
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1528.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0354.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070514_samba_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2009-10-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1528.nasl - Type : ACT_GATHER_INFO
2009-10-28	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1528.nasl - Type : ACT_GATHER_INFO
2009-07-27	Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2007-0006.nasl - Type : ACT_GATHER_INFO
2008-01-14	Name : The remote multi-function device is affected by multiple issues. File : xerox_xrx08_001.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_samba-3829.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_samba-3351.nasl - Type : ACT_GATHER_INFO
2007-11-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-460-1.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-3828.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-3827.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-3350.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-3349.nasl - Type : ACT_GATHER_INFO
2007-08-02	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-007.nasl - Type : ACT_GATHER_INFO
2007-05-20	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3546a83303ea11dca51d0019b95d4f14.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-134-01.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0354.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1291.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-506.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-104.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200705-15.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-507.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0354.nasl - Type : ACT_GATHER_INFO
2007-05-15	Name : It is possible to execute code on the remote host through Samba. File : samba_overflow.nasl - Type : ACT_GATHER_INFO
2007-05-15	Name : The remote Samba server is affected by multiple vulnerabilities. File : samba_3_0_25.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:50:40	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	4
CPE ID(s)	42
Saint Exploit(s)	1
osvdb(s)	5
ExploitDB Exploit(s)	1
Openvas Exploit(s)	30
Snort® Rule(s)	363
Nessus® Exploit(s)	27

	Related
10	CVE-2007-2446
6	CVE-2007-2447
4	RHSA-2009:1528
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 3 more Alert(s)