Snort mailing list archives
FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow
From: Eoin Miller <eoin.miller () trojanedbinaries com>
Date: Wed, 11 May 2011 19:26:05 +0000
Seeing some alerts like this: smtp: Attempted command buffer overflow But here is the packet: Packet: 45 48 4C 4F 20 5B 31 30 2E 36 36 2E 32 32 39 2E EHLO [10.66.229. 38 30 5D 0D 0A 80].. Unless there is something I am missing? Anyone else seeing alerts like this? It is just EHLO'ing the IP address... -- Eoin ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Eoin Miller (May 11)
- Re: FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Matt Watchinski (May 11)
- Re: FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Eoin Miller (May 11)
- Re: FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Matt Watchinski (May 12)
- Re: FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Eoin Miller (May 11)
- Re: FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Matt Watchinski (May 11)