Snort mailing list archives
Re: IPS does not detect MS12-020 vulnerability via backtrack module
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Tue, 26 Nov 2013 20:18:45 +0000
Lukas, We have this bug assigned out now and are looking into it. On Nov 26, 2013, at 5:58 AM, Lukas Matt <lukas.matt () sophos com<mailto:lukas.matt () sophos com>> wrote: Hey guys, one of our customer complained about SID 21619 (not readable to me). If he runs the attack with.. https://svn.nmap.org/nmap/scripts/rdp-vuln-ms12-020.nse .. the attack will be blocked, but if he uses Backtrack: auxiliary/dos/windows/rdp/ms12_020_maxchannelids ... he can pass the rule. Cheers, Lukas -- Lukas Matt Deep Packet Inspection Researcher, RnD tel: +49-721-25516-322, cell: +49-174-3440-555 Sophos Technology GmbH Amalienbadstr. 41/Bau 52, 76227 Karlsruhe, Germany SOPHOS Security made simple --- Sophos Technology GmbH, Commercial Register: Mannheim HRB 712658 Headquarter Location: Amalienbadstr. 41/Bau 52 | 76227 Karlsruhe | Germany Executive Board: Nicholas Bray, Pino von Kienlin, Richard Walford, Joachim Frost, Günter Junk ------------------------------------------------------------------------------ Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- IPS does not detect MS12-020 vulnerability via backtrack module Lukas Matt (Nov 26)
- Re: IPS does not detect MS12-020 vulnerability via backtrack module Joel Esler (jesler) (Nov 26)
- Re: IPS does not detect MS12-020 vulnerability via backtrack module Joel Esler (jesler) (Nov 26)