[Snort-sigs] New rule for detect old "Sentinel LM UDP Buffer Overflow"

rmkml rmkml at ...324...
Mon Oct 10 14:34:39 EDT 2005


Hi,

Please check and add this new (old) rule :

bad-traffic.rules:alert udp $EXTERNAL_NET any -> $HOME_NET 5093 
(msg:"Sentinel LM exploit"; dsize:2048; reference:bugtraq,12742; 
reference:cve,2005-0353; reference:osvdb,14605; reference:nessus,17326;
classtype:attempted-dos;)

Regards
Rmkml





More information about the Snort-sigs mailing list