10 - SUN-102964

Executive Summary

Summary
Title	Sun Alert 102964 Multiple Security Vulnerabilities in samba(7) May Allow Remote Code Execution, Elevation of Privileges, Remote Shell Command Execution, or Denial of Service (DoS)

Informations
Name	SUN-102964	First vendor Publication	2007-09-28
Vendor	Sun	Last vendor Modification	2007-10-24
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 9 Operating System, Solaris 10 Operating System, SAMBA

Multiple security vulnerabilities in the Samba (samba(7)) software for Solaris may allow a local or remote user to issue unauthorized Samba operations or to execute arbitrary code or commands with elevated privileges. In addition, it may be possible for a remote authenticated user to cause the Samba service to consume excessive amounts of CPU and memory, resulting in a Denial of Service (DoS) to the system.

These issues are described in the following documents:

CVE-2007-2444 at http://www.security-database.com/detail.php?cve=CVE-2007-2444

CVE-2007-2446 at http://www.security-database.com/detail.php?cve=CVE-2007-2446

CVE-2007-2447 at http://www.security-database.com/detail.php?cve=CVE-2007-2447

CVE-2007-0452 at http://www.security-database.com/detail.php?cve=CVE-2007-0452

Avoidance: Patch, Workaround

State: Resolved

First released: 14-Jun-2007

Sun Alert Link:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_102964_multiple_security

CWE : Common Weakness Enumeration

%	Id	Name
50 %	CWE-269	Improper Privilege Management
50 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10062

Oval ID:	oval:org.mitre.oval:def:10062
Title:	The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Description:	The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-2447	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section samba-common is earlier than 0:3.0.9-1.3E.13.2 AND samba-swat is earlier than 0:3.0.9-1.3E.13.2 AND samba-client is earlier than 0:3.0.9-1.3E.13.2 AND samba is earlier than 0:3.0.9-1.3E.13.2 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section samba-common is earlier than 0:3.0.10-1.4E.12.2 AND samba-swat is earlier than 0:3.0.10-1.4E.12.2 AND samba-client is earlier than 0:3.0.10-1.4E.12.2 AND samba is earlier than 0:3.0.10-1.4E.12.2 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section samba-common is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-swat is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-client is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba is earlier than 0:3.0.23c-2.el5.2.0.2

Definition Id: oval:org.mitre.oval:def:11415

Oval ID:	oval:org.mitre.oval:def:11415
Title:	Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).
Description:	Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-2446	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section samba-common is earlier than 0:3.0.9-1.3E.13.2 AND samba-swat is earlier than 0:3.0.9-1.3E.13.2 AND samba-client is earlier than 0:3.0.9-1.3E.13.2 AND samba is earlier than 0:3.0.9-1.3E.13.2 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section samba-common is earlier than 0:3.0.10-1.4E.12.2 AND samba-swat is earlier than 0:3.0.10-1.4E.12.2 AND samba-client is earlier than 0:3.0.10-1.4E.12.2 AND samba is earlier than 0:3.0.10-1.4E.12.2 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section samba-common is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-swat is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-client is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba is earlier than 0:3.0.23c-2.el5.2.0.2

Definition Id: oval:org.mitre.oval:def:20051

Oval ID:	oval:org.mitre.oval:def:20051
Title:	DSA-1291-2 samba
Description:	Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux.
Family:	unix	Class:	patch
Reference(s):	DSA-1291-2 CVE-2007-2444 CVE-2007-2446 CVE-2007-2447	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	samba
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND samba DPKG is earlier than 0:3.0.24-6etch2

Definition Id: oval:org.mitre.oval:def:21734

Oval ID:	oval:org.mitre.oval:def:21734
Title:	ELSA-2007:0061: samba security update (Moderate)
Description:	smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0061-02 CVE-2007-0452	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	samba
Definition Synopsis:
Oracle Linux 5.x rpm test samba-client is earlier than 0:3.0.23c-2.el5.2 AND samba-common is earlier than 0:3.0.23c-2.el5.2 AND samba is earlier than 0:3.0.23c-2.el5.2 AND samba-swat is earlier than 0:3.0.23c-2.el5.2

Definition Id: oval:org.mitre.oval:def:22405

Oval ID:	oval:org.mitre.oval:def:22405
Title:	ELSA-2007:0354: samba security update (Critical)
Description:	The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0354-02 CVE-2007-2446 CVE-2007-2447	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	samba
Definition Synopsis:
Oracle Linux 5.x rpm test samba-client is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-common is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba is earlier than 0:3.0.23c-2.el5.2.0.2 AND samba-swat is earlier than 0:3.0.23c-2.el5.2.0.2

Definition Id: oval:org.mitre.oval:def:9758

Oval ID:	oval:org.mitre.oval:def:9758
Title:	smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.
Description:	smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-0452	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section samba-common is earlier than 0:3.0.9-1.3E.12 AND samba-swat is earlier than 0:3.0.9-1.3E.12 AND samba-client is earlier than 0:3.0.9-1.3E.12 AND samba is earlier than 0:3.0.9-1.3E.12 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section samba-common is earlier than 0:3.0.10-1.4E.11 AND samba-swat is earlier than 0:3.0.10-1.4E.11 AND samba-client is earlier than 0:3.0.10-1.4E.11 AND samba is earlier than 0:3.0.10-1.4E.11 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section samba-common is earlier than 0:3.0.23c-2.el5.2 AND samba-swat is earlier than 0:3.0.23c-2.el5.2 AND samba-client is earlier than 0:3.0.23c-2.el5.2 AND samba is earlier than 0:3.0.23c-2.el5.2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Samba cpe:2.3:a:samba:samba:3.0.9:::::::* cpe:2.3:a:samba:samba:3.0.8:::::::* cpe:2.3:a:samba:samba:3.0.7:::::::* cpe:2.3:a:samba:samba:3.0.6:::::::* cpe:2.3:a:samba:samba:3.0.5:::::::* cpe:2.3:a:samba:samba:3.0.4:-:::::: cpe:2.3:a:samba:samba:3.0.4:rc1:::::: cpe:2.3:a:samba:samba:3.0.3:::::::* cpe:2.3:a:samba:samba:3.0.2a:::::::* cpe:2.3:a:samba:samba:3.0.25:rc3:::::: cpe:2.3:a:samba:samba:3.0.25:pre1:::::: cpe:2.3:a:samba:samba:3.0.25:rc2:::::: cpe:2.3:a:samba:samba:3.0.25:rc1:::::: cpe:2.3:a:samba:samba:3.0.25:pre2:::::: cpe:2.3:a:samba:samba:3.0.24:::::::* cpe:2.3:a:samba:samba:3.0.23d:::::::* cpe:2.3:a:samba:samba:3.0.23c:::::::* cpe:2.3:a:samba:samba:3.0.23b:::::::* cpe:2.3:a:samba:samba:3.0.23a:::::::* cpe:2.3:a:samba:samba:3.0.23:-:::::: cpe:2.3:a:samba:samba:3.0.22:::::::* cpe:2.3:a:samba:samba:3.0.21c:::::::* cpe:2.3:a:samba:samba:3.0.21b:::::::* cpe:2.3:a:samba:samba:3.0.21a:::::::* cpe:2.3:a:samba:samba:3.0.21:-:::::: cpe:2.3:a:samba:samba:3.0.20b:::::::* cpe:2.3:a:samba:samba:3.0.20a:::::::* cpe:2.3:a:samba:samba:3.0.20:-:::::: cpe:2.3:a:samba:samba:3.0.2:-:::::: cpe:2.3:a:samba:samba:3.0.19:::::::* cpe:2.3:a:samba:samba:3.0.18:::::::* cpe:2.3:a:samba:samba:3.0.17:::::::* cpe:2.3:a:samba:samba:3.0.16:::::::* cpe:2.3:a:samba:samba:3.0.15:::::::* cpe:2.3:a:samba:samba:3.0.14a:::::::* cpe:2.3:a:samba:samba:3.0.14:-:::::: cpe:2.3:a:samba:samba:3.0.13:::::::* cpe:2.3:a:samba:samba:3.0.12:::::::* cpe:2.3:a:samba:samba:3.0.11:::::::* cpe:2.3:a:samba:samba:3.0.10:::::::* cpe:2.3:a:samba:samba:3.0.1:::::::* cpe:2.3:a:samba:samba:3.0.0:::::::*	42
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*	3
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:5.0:::::::* cpe:2.3:o:debian:debian_linux:4.0:::::::*	2

SAINT Exploits

Description	Link
Samba lsa_io_trans_names buffer overflow	More info here

ExploitDB Exploits

id	Description
2010-08-18	Samba "username map script" Command Execution

OpenVAS Exploits

Date	Description
2010-02-15	Name : Solaris Update for Samba 114685-15 File : nvt/gb_solaris_114685_15.nasl
2010-02-15	Name : Solaris Update for Samba 114684-15 File : nvt/gb_solaris_114684_15.nasl
2009-11-17	Name : Mac OS X Version File : nvt/macosx_version.nasl
2009-10-13	Name : Solaris Update for Samba 119758-16 File : nvt/gb_solaris_119758_16.nasl
2009-10-13	Name : Solaris Update for Samba 119757-16 File : nvt/gb_solaris_119757_16.nasl
2009-10-13	Name : Solaris Update for Samba 114685-14 File : nvt/gb_solaris_114685_14.nasl
2009-10-13	Name : Solaris Update for Samba 114684-14 File : nvt/gb_solaris_114684_14.nasl
2009-10-10	Name : SLES9: Security update for Samba File : nvt/sles9p5019481.nasl
2009-10-10	Name : SLES9: Security update for samba File : nvt/sles9p5018028.nasl
2009-10-10	Name : SLES9: Security update for Samba File : nvt/sles9p5009819.nasl
2009-09-23	Name : Solaris Update for Samba 119758-15 File : nvt/gb_solaris_119758_15.nasl
2009-09-23	Name : Solaris Update for Samba 119757-15 File : nvt/gb_solaris_119757_15.nasl
2009-06-03	Name : Solaris Update for Samba 114685-13 File : nvt/gb_solaris_114685_13.nasl
2009-06-03	Name : Solaris Update for Samba 119758-14 File : nvt/gb_solaris_119758_14.nasl
2009-06-03	Name : Solaris Update for Samba 119757-14 File : nvt/gb_solaris_119757_14.nasl
2009-06-03	Name : Solaris Update for Samba 114684-13 File : nvt/gb_solaris_114684_13.nasl
2009-05-05	Name : HP-UX Update for CIFS Server (Samba) HPSBUX02218 File : nvt/gb_hp_ux_HPSBUX02218.nasl
2009-05-05	Name : HP-UX Update for CIFS Server (Samba) HPSBUX02204 File : nvt/gb_hp_ux_HPSBUX02204.nasl
2009-04-09	Name : Mandriva Update for samba MDKSA-2007:104 (samba) File : nvt/gb_mandriva_MDKSA_2007_104.nasl
2009-04-09	Name : Mandriva Update for samba MDKSA-2007:034 (samba) File : nvt/gb_mandriva_MDKSA_2007_034.nasl
2009-04-09	Name : Mandriva Update for samba MDKSA-2007:104-1 (samba) File : nvt/gb_mandriva_MDKSA_2007_104_1.nasl
2009-03-23	Name : Ubuntu Update for samba vulnerabilities USN-460-1 File : nvt/gb_ubuntu_USN_460_1.nasl
2009-03-23	Name : Ubuntu Update for samba vulnerabilities USN-419-1 File : nvt/gb_ubuntu_USN_419_1.nasl
2009-03-23	Name : Ubuntu Update for samba regression USN-460-2 File : nvt/gb_ubuntu_USN_460_2.nasl
2009-02-27	Name : Fedora Update for samba FEDORA-2007-220 File : nvt/gb_fedora_2007_220_samba_fc6.nasl
2009-02-27	Name : Fedora Update for samba FEDORA-2007-219 File : nvt/gb_fedora_2007_219_samba_fc5.nasl
2009-02-27	Name : Fedora Update for samba FEDORA-2007-506 File : nvt/gb_fedora_2007_506_samba_fc5.nasl
2009-02-27	Name : Fedora Update for samba FEDORA-2007-507 File : nvt/gb_fedora_2007_507_samba_fc6.nasl
2009-01-28	Name : SuSE Update for samba SUSE-SA:2007:016 File : nvt/gb_suse_2007_016.nasl
2009-01-28	Name : SuSE Update for samba SUSE-SA:2007:031 File : nvt/gb_suse_2007_031.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200705-15 (samba) File : nvt/glsa_200705_15.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200702-01 (samba) File : nvt/glsa_200702_01.nasl
2008-09-04	Name : FreeBSD Ports: samba, ja-samba File : nvt/freebsd_samba8.nasl
2008-09-04	Name : FreeBSD Ports: samba, ja-samba File : nvt/freebsd_samba12.nasl
2008-01-17	Name : Debian Security Advisory DSA 1291-3 (samba) File : nvt/deb_1291_3.nasl
2008-01-17	Name : Debian Security Advisory DSA 1291-2 (samba) File : nvt/deb_1291_2.nasl
2008-01-17	Name : Debian Security Advisory DSA 1291-4 (samba) File : nvt/deb_1291_4.nasl
2008-01-17	Name : Debian Security Advisory DSA 1257-1 (samba) File : nvt/deb_1257_1.nasl
0000-00-00	Name : Slackware Advisory SSA:2007-038-01 samba File : nvt/esoft_slk_ssa_2007_038_01.nasl
0000-00-00	Name : Slackware Advisory SSA:2007-134-01 samba File : nvt/esoft_slk_ssa_2007_134_01.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
34733	Samba DFS RPC Interface DFSEnum Request Remote Overflow
34732	Samba SPOOLSS RPC Interface RFNPCNEX Request Remote Overflow A remote overflow exists in Samba. The application fails to properly verify user-suplied input when parsing RPC requests to the SPOOLSS RPC interface resulting in a heap-based overflow. With a specially crafted request to RFNPCNEX, an attacker can cause heap space to be overwritten and possible trigger the execution of arbitrary code resulting in a loss of integrity or availability.
34731	Samba SRVSVC RPC Interface NetSetFileSecurity Request Remote Overflow
34700	Samba Unfiltered MS-RPC Calls Arbitrary Remote Command Execution Samba contains a flaw that may allow a malicious user to execute arbitrary shell commands. The issue is triggered due to MS-RPC does not properly check user-supplied input when passing RPC messages from external scripts to '/bin/sh'. It is possible that the flaw may allow code execution resulting in a loss of integrity.
34699	Samba LSA RPC Interface Multiple Function Remote Overflow A remote overflow exists in Samba. The LSA RPC Interface fails to validate MS-RPC requests resulting in a heap overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
34698	Samba SID/Name Translation Privileged SMB/CIFS Protocol Operation Execution
33100	Samba smbd Deferred Open Code Infinite Loop DoS

Snort® IPS/IDS

Date	Description
2016-09-13	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 39875 - Revision : 2 - Type : NETBIOS
2014-01-10	Samba username map script command injection attempt RuleID : 21164 - Revision : 6 - Type : SERVER-SAMBA
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow att... RuleID : 18472 - Revision : 9 - Type : NETBIOS
2014-01-10	Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overfl... RuleID : 18319 - Revision : 9 - Type : SERVER-SAMBA
2014-01-10	NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap over... RuleID : 18314 - Revision : 4 - Type : SPECIFIC-THREATS
2014-01-10	DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt RuleID : 18192 - Revision : 8 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt RuleID : 18191 - Revision : 8 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt RuleID : 18190 - Revision : 8 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt RuleID : 18189 - Revision : 8 - Type : NETBIOS
2014-01-10	Samba spools RPC smb_io_notify_option_type_data request handling buffer overf... RuleID : 16034 - Revision : 6 - Type : SERVER-SAMBA
2014-01-10	DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt RuleID : 15911 - Revision : 7 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt RuleID : 15508 - Revision : 6 - Type : SERVER-OTHER
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarLookupSids translated_names overflow attempt RuleID : 15507 - Revision : 5 - Type : SPECIFIC-THREATS
2014-01-10	DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt RuleID : 14988 - Revision : 11 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt RuleID : 14900 - Revision : 15 - Type : NETBIOS
2014-01-10	DCERPC DIRECT srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13157 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity little endian object call integ... RuleID : 13156 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity little endian object call integ... RuleID : 13155 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP srvsvc NetSetFileSecurity little endian object call integer... RuleID : 13154 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13153 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity object call integer overflow at... RuleID : 13152 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT srvsvc NetSetFileSecurity little endian object call integer ove... RuleID : 13151 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity little endian object call integer... RuleID : 13150 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13149 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity object call integer overflow at... RuleID : 13148 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13147 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13146 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity little endian integer overflow ... RuleID : 13145 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity little endian integer overflow ... RuleID : 13144 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 srvsvc NetSetFileSecurity little endian integer overfl... RuleID : 13143 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 srvsvc NetSetFileSecurity little endian integer overflow... RuleID : 13142 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13141 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13140 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 srvsvc NetSetFileSecurity little endian integer overfl... RuleID : 13139 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13138 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP srvsvc NetSetFileSecurity little endian integer overflow at... RuleID : 13137 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13136 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 srvsvc NetSetFileSecurity little endian integer overflow... RuleID : 13135 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13134 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 13133 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity little endian integer overflow at... RuleID : 13132 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13131 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13130 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13129 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 srvsvc NetSetFileSecurity little endian integer overflow att... RuleID : 13128 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object cal... RuleID : 13127 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx object call integer ... RuleID : 13126 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx object call intege... RuleID : 13125 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx object call integer overflow... RuleID : 13124 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object ... RuleID : 13123 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity unicode little endian andx object call integ... RuleID : 13122 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX little endian andx object call int... RuleID : 13121 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity little endian andx object call integer overf... RuleID : 13120 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object cal... RuleID : 13119 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx object call integer ... RuleID : 13118 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx object call intege... RuleID : 13117 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx object call integer overflow... RuleID : 13116 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer over... RuleID : 13115 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx object call integer overflow attempt RuleID : 13114 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow att... RuleID : 13113 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13112 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer o... RuleID : 13111 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity unicode andx object call integer overflow at... RuleID : 13110 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow ... RuleID : 13109 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13108 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer over... RuleID : 13107 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx object call integer overflow attempt RuleID : 13106 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow att... RuleID : 13105 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13104 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer ov... RuleID : 13103 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx integer overflow att... RuleID : 13102 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflow a... RuleID : 13101 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13100 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB-DS srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer... RuleID : 13099 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB-DS srvsvc NetSetFileSecurity unicode little endian andx integer overflow ... RuleID : 13098 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity little endian object call integer... RuleID : 13097 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13096 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity object call integer overflow at... RuleID : 13095 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity object call integer overflow at... RuleID : 13094 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity little endian object call integ... RuleID : 13093 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity little endian object call integ... RuleID : 13092 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 srvsvc NetSetFileSecurity little endian integer overfl... RuleID : 13091 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity little endian integer overflow at... RuleID : 13090 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13089 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 srvsvc NetSetFileSecurity little endian integer overflow... RuleID : 13088 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13087 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13086 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13085 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13084 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 srvsvc NetSetFileSecurity little endian integer overfl... RuleID : 13083 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity little endian integer overflow ... RuleID : 13082 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity little endian integer overflow ... RuleID : 13081 - Revision : 6 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13080 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object cal... RuleID : 13079 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx object call integer ... RuleID : 13078 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx object call intege... RuleID : 13077 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx object call integer overflow... RuleID : 13076 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx object cal... RuleID : 13075 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx object call integer ... RuleID : 13074 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx object call intege... RuleID : 13073 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx object call integer overflow... RuleID : 13072 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer over... RuleID : 13071 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx object call integer overflow attempt RuleID : 13070 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow att... RuleID : 13069 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13068 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx object call integer over... RuleID : 13067 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx object call integer overflow att... RuleID : 13066 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx object call integer overflow attempt RuleID : 13065 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity andx object call integer overflow attempt RuleID : 13064 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer ov... RuleID : 13063 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx integer overflow att... RuleID : 13062 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflow a... RuleID : 13061 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13060 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer ov... RuleID : 13059 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian andx integer overflow att... RuleID : 13058 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflow a... RuleID : 13057 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13056 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx integer overflow attempt RuleID : 13055 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx integer overflow attempt RuleID : 13054 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx integer overflow attempt RuleID : 13053 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity andx integer overflow attempt RuleID : 13052 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode andx integer overflow attempt RuleID : 13051 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX andx integer overflow attempt RuleID : 13050 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode andx integer overflow attempt RuleID : 13049 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity andx integer overflow attempt RuleID : 13048 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer... RuleID : 13047 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13046 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode andx integer overflow attempt RuleID : 13045 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode andx integer overflow attempt RuleID : 13044 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX andx integer overflow attempt RuleID : 13043 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity andx integer overflow attempt RuleID : 13042 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflo... RuleID : 13041 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode andx integer overflow attempt RuleID : 13040 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX andx integer overflow attempt RuleID : 13039 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode andx integer overflow attempt RuleID : 13038 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity little endian andx integer overflow attempt RuleID : 13037 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode little endian andx integer... RuleID : 13036 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode little endian andx integer overflow ... RuleID : 13035 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode little endian andx integer overflow ... RuleID : 13034 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX little endian andx integer overflo... RuleID : 13033 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity andx integer overflow attempt RuleID : 13032 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian object call int... RuleID : 13031 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian object call integer overf... RuleID : 13030 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian object call integer ove... RuleID : 13029 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian object call integer overflow attempt RuleID : 13028 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian object call int... RuleID : 13027 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian object call integer overf... RuleID : 13026 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian object call integer ove... RuleID : 13025 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian object call integer overflow attempt RuleID : 13024 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode object call integer overflow ... RuleID : 13023 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode object call integer overflow attempt RuleID : 13022 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX object call integer overflow attempt RuleID : 13021 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13020 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode object call integer overflow ... RuleID : 13019 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX object call integer overflow attempt RuleID : 13018 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode object call integer overflow attempt RuleID : 13017 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity object call integer overflow attempt RuleID : 13016 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian integer overflo... RuleID : 13015 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian integer overflow attempt RuleID : 13014 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian integer overflow attempt RuleID : 13013 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 13012 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode little endian integer overflo... RuleID : 13011 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode little endian integer overflow attempt RuleID : 13010 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX little endian integer overflow attempt RuleID : 13009 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 13008 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode integer overflow attempt RuleID : 13007 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity unicode integer overflow attempt RuleID : 13006 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX integer overflow attempt RuleID : 13005 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13004 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX unicode integer overflow attempt RuleID : 13003 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity WriteAndX integer overflow attempt RuleID : 13002 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity unicode integer overflow attempt RuleID : 13001 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB srvsvc NetSetFileSecurity integer overflow attempt RuleID : 13000 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode little endian integer over... RuleID : 12999 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 12998 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode integer overflow attempt RuleID : 12997 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode integer overflow attempt RuleID : 12996 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX integer overflow attempt RuleID : 12995 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity integer overflow attempt RuleID : 12994 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX little endian integer overflow att... RuleID : 12993 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode integer overflow attempt RuleID : 12992 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX integer overflow attempt RuleID : 12991 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode integer overflow attempt RuleID : 12990 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity little endian integer overflow attempt RuleID : 12989 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	SMB v4 srvsvc NetSetFileSecurity WriteAndX unicode little endian integer over... RuleID : 12988 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode little endian integer overflow attempt RuleID : 12987 - Revision : 6 - Type : NETBIOS
2014-01-10	SMB v4 srvsvc NetSetFileSecurity unicode little endian integer overflow attempt RuleID : 12986 - Revision : 6 - Type : NETBIOS-DG
2014-01-10	DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 12985 - Revision : 11 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt RuleID : 12984 - Revision : 15 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11615 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsarpc LsarAddPrivilegesToAccount little endian object call ove... RuleID : 11614 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount object call overflow at... RuleID : 11613 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount little endian object ca... RuleID : 11612 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP lsarpc LsarAddPrivilegesToAccount little endian object call... RuleID : 11611 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount object call overflow at... RuleID : 11610 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount little endian object ca... RuleID : 11609 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsarpc LsarAddPrivilegesToAccount little endian object call... RuleID : 11608 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11607 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11606 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11605 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11604 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11603 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11602 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11601 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 lsarpc LsarAddPrivilegesToAccount little endian overflow... RuleID : 11600 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11599 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount little endian overflow ... RuleID : 11598 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP lsarpc LsarAddPrivilegesToAccount little endian overflow at... RuleID : 11597 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11596 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount little endian overflow ... RuleID : 11595 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP lsarpc LsarAddPrivilegesToAccount little endian overflow at... RuleID : 11594 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11593 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-HTTP v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11592 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT v4 lsarpc LsarAddPrivilegesToAccount little endian overflow att... RuleID : 11591 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP v4 lsarpc LsarAddPrivilegesToAccount little endian overfl... RuleID : 11590 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 lsarpc LsarAddPrivilegesToAccount little endian overfl... RuleID : 11589 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11588 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11587 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC DIRECT-UDP v4 lsarpc LsarAddPrivilegesToAccount little endian overflow... RuleID : 11586 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11585 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian andx object call overflow... RuleID : 11584 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian andx object call ... RuleID : 11583 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx object cal... RuleID : 11582 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx ob... RuleID : 11581 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode little endian andx object ca... RuleID : 11580 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian andx object call overflow... RuleID : 11579 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx object ... RuleID : 11578 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx... RuleID : 11577 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx ob... RuleID : 11576 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx object cal... RuleID : 11575 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian andx object call ... RuleID : 11574 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount andx object call overflow attempt RuleID : 11573 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode andx object call overflow attempt RuleID : 11572 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX andx object call overflow att... RuleID : 11571 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx object call over... RuleID : 11570 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode andx object call overflow at... RuleID : 11569 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount andx object call overflow attempt RuleID : 11568 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount little endian andx object call overf... RuleID : 11567 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX andx object call overflow ... RuleID : 11566 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx object call o... RuleID : 11565 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx object call over... RuleID : 11564 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode andx object call overflow attempt RuleID : 11563 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount andx object call overflow attempt RuleID : 11562 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX andx object call overflow att... RuleID : 11561 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow att... RuleID : 11560 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflow a... RuleID : 11559 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx ov... RuleID : 11558 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow ... RuleID : 11557 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11556 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflo... RuleID : 11555 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx... RuleID : 11554 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx ov... RuleID : 11553 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflow a... RuleID : 11552 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow att... RuleID : 11551 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11550 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11549 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11548 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11547 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11546 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11545 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11544 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11543 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11542 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11541 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11540 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow a... RuleID : 11539 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11538 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11537 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11536 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11535 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11534 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11533 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11532 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11531 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11530 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11529 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode andx overflow attempt RuleID : 11528 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode andx overflow attempt RuleID : 11527 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount andx overflow attempt RuleID : 11526 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX andx overflow attempt RuleID : 11525 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11524 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflo... RuleID : 11523 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx... RuleID : 11522 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount unicode little endian andx overfl... RuleID : 11521 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount little endian andx overflow attempt RuleID : 11520 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx over... RuleID : 11519 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian a... RuleID : 11518 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian andx overflo... RuleID : 11517 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian andx... RuleID : 11516 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow ... RuleID : 11515 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode little endian andx overflow ... RuleID : 11514 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11513 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian object call overflow attempt RuleID : 11512 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian object call overf... RuleID : 11511 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian object call ove... RuleID : 11510 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian object ... RuleID : 11509 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode little endian object call ov... RuleID : 11508 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian object call overflow attempt RuleID : 11507 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX little endian object call ... RuleID : 11506 - Revision : 2 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian obje... RuleID : 11505 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian object ... RuleID : 11504 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian object call ove... RuleID : 11503 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian object call overf... RuleID : 11502 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11501 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode object call overflow attempt RuleID : 11500 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX object call overflow attempt RuleID : 11499 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode object call overflow ... RuleID : 11498 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode object call overflow attempt RuleID : 11497 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11496 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount little endian object call overflow a... RuleID : 11495 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX object call overflow attempt RuleID : 11494 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode object call overfl... RuleID : 11493 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode object call overflow ... RuleID : 11492 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode object call overflow attempt RuleID : 11491 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount object call overflow attempt RuleID : 11490 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX object call overflow attempt RuleID : 11489 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian overflow attempt RuleID : 11488 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow attempt RuleID : 11487 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian overflo... RuleID : 11486 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode little endian overflow attempt RuleID : 11485 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11484 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow att... RuleID : 11483 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian over... RuleID : 11482 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian overflo... RuleID : 11481 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow attempt RuleID : 11480 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode little endian overflow attempt RuleID : 11479 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11478 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11477 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11476 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11475 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11474 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11473 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11472 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11471 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11470 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11469 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11468 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11467 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11466 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11465 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11464 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11463 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11462 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11461 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11460 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11459 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11458 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11457 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX unicode overflow attempt RuleID : 11456 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount unicode overflow attempt RuleID : 11455 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11454 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB lsarpc LsarAddPrivilegesToAccount WriteAndX overflow attempt RuleID : 11453 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11452 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow att... RuleID : 11451 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian over... RuleID : 11450 - Revision : 3 - Type : NETBIOS-DG
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount unicode little endian overflow at... RuleID : 11449 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount little endian overflow attempt RuleID : 11448 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow ... RuleID : 11447 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB-DS v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian o... RuleID : 11446 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX little endian overflow att... RuleID : 11445 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB v4 lsarpc LsarAddPrivilegesToAccount WriteAndX unicode little endian over... RuleID : 11444 - Revision : 3 - Type : NETBIOS
2014-01-10	DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11443 - Revision : 10 - Type : NETBIOS
2014-01-10	DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt RuleID : 11442 - Revision : 14 - Type : NETBIOS

Nessus® Vulnerability Scanner

Date	Description
2015-04-06	Name : The file and print server running on the remote host is affected by a remote ... File : samba_3_login_rce.nasl - Type : ACT_ATTACK
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0354.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0060.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070514_samba_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2009-07-27	Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2007-0006.nasl - Type : ACT_GATHER_INFO
2008-01-14	Name : The remote multi-function device is affected by multiple issues. File : xerox_xrx08_001.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_samba-3829.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_samba-3351.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_samba-2556.nasl - Type : ACT_GATHER_INFO
2007-11-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-460-2.nasl - Type : ACT_GATHER_INFO
2007-11-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-460-1.nasl - Type : ACT_GATHER_INFO
2007-11-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-419-1.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-3828.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-3827.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-3350.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-3349.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_samba-2553.nasl - Type : ACT_GATHER_INFO
2007-08-02	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-007.nasl - Type : ACT_GATHER_INFO
2007-05-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0061.nasl - Type : ACT_GATHER_INFO
2007-05-20	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3546a83303ea11dca51d0019b95d4f14.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-134-01.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0354.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0354.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-104.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1291.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200705-15.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-506.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-507.nasl - Type : ACT_GATHER_INFO
2007-05-15	Name : The remote Samba server is affected by multiple vulnerabilities. File : samba_3_0_25.nasl - Type : ACT_GATHER_INFO
2007-05-15	Name : It is possible to execute code on the remote host through Samba. File : samba_overflow.nasl - Type : ACT_GATHER_INFO
2007-03-16	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f235fe7ab9ca11dbbf0f0013720b182d.nasl - Type : ACT_GATHER_INFO
2007-02-22	Name : The remote Samba server is affected by several vulnerabilities that could lea... File : samba_3_0_24.nasl - Type : ACT_GATHER_INFO
2007-02-18	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-034.nasl - Type : ACT_GATHER_INFO
2007-02-18	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-038-01.nasl - Type : ACT_GATHER_INFO
2007-02-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0060.nasl - Type : ACT_GATHER_INFO
2007-02-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0060.nasl - Type : ACT_GATHER_INFO
2007-02-15	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200702-01.nasl - Type : ACT_GATHER_INFO
2007-02-09	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-220.nasl - Type : ACT_GATHER_INFO
2007-02-09	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-219.nasl - Type : ACT_GATHER_INFO
2007-02-09	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1257.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	2
Oval ID(s)	6
CPE ID(s)	47
Saint Exploit(s)	1
osvdb(s)	7
ExploitDB Exploit(s)	1
Openvas Exploit(s)	40
Snort® Rule(s)	363
Nessus® Exploit(s)	40

	Related
10	CVE-2007-2446
7.2	CVE-2007-2444
6.8	CVE-2007-0452
6	CVE-2007-2447
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 4 more Alert(s)