[Snort-sigs] Sig for MS04-007 exploit?

Compton, Rich RCompton at ...1352...
Wed Feb 18 14:48:04 EST 2004

Good question,
Does anybody have a reply to this?  What is the rule that will be created to
match traffic trying to exploit this vulnerability?

-Rich Compton

-----Original Message-----
From: snort-sigs-admin at lists.sourceforge.net
[mailto:snort-sigs-admin at lists.sourceforge.net]On Behalf Of Christian
Sent: Sunday, February 15, 2004 2:37 PM
To: snort-sigs at lists.sourceforge.net
Subject: [Snort-sigs] Sig for MS04-007 exploit?

Does anyone already have a signature for the MS04-007 exploit?

The malicious code should be:

/* reqFlags that should trigger the overflow */

Best regards,

SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
Snort-sigs mailing list
Snort-sigs at lists.sourceforge.net

More information about the Snort-sigs mailing list