[Snort-sigs] Sig for MS04-007 exploit?

Christian Tramnitz maillist at ...2229...
Sun Feb 15 12:41:02 EST 2004


Does anyone already have a signature for the MS04-007 exploit?

The malicious code should be:

/* reqFlags that should trigger the overflow */
"\xA1\x05\x23\x03\x03\x01\x07"


Best regards,
   Christian




More information about the Snort-sigs mailing list