[Snort-sigs] Rule for the newest DCOM vulnerability?

Compton, Rich RCompton at ...1352...
Wed Sep 10 20:04:06 EDT 2003


Anyone have a new rule for the newest Microsoft DCOM vulnerability
(http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/M
S03-039.asp) that eEye just discovered
(http://www.eeye.com/html/Research/Advisories/AD20030910.html)?

Someone on another list suggested running eEye's Retina scanner checking for
that vulnerability and sniffing for the traffic.  Anybody know if that would
work?

-Rich Compton




More information about the Snort-sigs mailing list