[Snort-users] DOS MSDTC attempt false positive

Matt Kettler mkettler at ...4108...
Sat May 11 08:54:02 EDT 2002

Actualy I just checked with bugtraq, this exploit takes at least 1024 bytes 
of data to cause the crash so the "0 bytes" idea bill had is a red herring. 
The rule is valid as it stands with dsize >1023.


More information about the Snort-users mailing list