[Snort-sigs] IPS does not detect MS12-020 vulnerability via backtrack module

Joel Esler (jesler) jesler at ...3865...
Tue Nov 26 15:18:45 EST 2013


We have this bug assigned out now and are looking into it.

On Nov 26, 2013, at 5:58 AM, Lukas Matt <lukas.matt at ...525...<mailto:lukas.matt at ...525...>> wrote:

Hey guys,

one of our customer complained about SID 21619 (not readable to me).

If he runs the attack with..
.. the attack will be blocked, but if he uses Backtrack:
... he can pass the rule.


Lukas Matt
Deep Packet Inspection Researcher, RnD

tel: +49-721-25516-322, cell: +49-174-3440-555

Sophos Technology GmbH
Amalienbadstr. 41/Bau 52, 76227 Karlsruhe, Germany

SOPHOS Security made simple

Sophos Technology GmbH, Commercial Register: Mannheim HRB 712658
Headquarter Location: Amalienbadstr. 41/Bau 52 | 76227 Karlsruhe | Germany
Executive Board: Nicholas Bray, Pino von Kienlin, Richard Walford, Joachim Frost, Günter Junk

Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing
conversations that shape the rapidly evolving mobile landscape. Sign up now.
Snort-sigs mailing list
Snort-sigs at lists.sourceforge.net

Please visit http://blog.snort.org for the latest news about Snort!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20131126/d428224c/attachment.html>

More information about the Snort-sigs mailing list