CVE-2010-2019
Published 2010-05-24
Priority: P432, medium, 6.8 (CVSS 2.0)
CVSS vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 0.93% (56.0th percentile)
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bukulokomedia | lokomedia_cms | — | — |
GHSA
GHSA-55jw-55j6-cwpv: SQL injection vulnerability in downlot
ghsa_unreviewed·2022-05-17
CVE-2010-2019 [MEDIUM] CWE-89 GHSA-55jw-55j6-cwpv: SQL injection vulnerability in downlot
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2022-22965 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
Suricata
GPL RPC RQUOTA getquota overflow attempt UDP
suricata·2010-09-23
CVE-1999-0974 GPL RPC RQUOTA getquota overflow attempt UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC RQUOTA getquota overflow attempt UDP"; content:"|00 01 86 AB|"; depth:4; offset:12; content:"|00 00 00 01|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,128,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,864; reference:cve,1999-0974; classtype:misc-attack; sid:2101963; rev:10; metadata:created_at 2010_09_23, cve CVE_1999_0974, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL RPC STATD UDP monitor mon_name format string exploit attempt
suricata·2010-09-23
CVE-2000-0666 GPL RPC STATD UDP monitor mon_name format string exploit attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC STATD UDP monitor mon_name format string exploit attempt"; content:"|00 01 86 B8|"; depth:4; offset:12; content:"|00 00 00 02|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,100,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,1480; reference:cve,2000-0666; classtype:attempted-admin; sid:2101915; rev:10; metadata:created_at 2010_09_23, cve CVE_2000_0666, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL RPC portmap rusers request UDP
suricata·2010-09-23
CVE-1999-0626 GPL RPC portmap rusers request UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap rusers request UDP"; content:"|00 01 86 A0|"; depth:4; offset:12; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 86 A2|"; within:4; content:"|00 00 00 00|"; depth:4; offset:4; reference:arachnids,133; reference:cve,1999-0626; classtype:rpc-portmap-decode; sid:2100584; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0626, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL NETBIOS DCERPC CoGetInstanceFromFile overflow attempt
suricata·2010-09-23
CVE-2003-0995 GPL NETBIOS DCERPC CoGetInstanceFromFile overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC CoGetInstanceFromFile overflow attempt"; flow:established,to_server; flowbits:isset,smb.tree.bind.msqueue; content:"|05|"; byte_test:1,!&,16,3,relative; content:"|00|"; within:1; distance:1; content:"|01 00|"; within:2; distance:19; byte_test:4,>,128,20,relative; reference:cve,2003-0995; reference:url,www.eeye.com/html/Research/Advisories/AD20030910.html; reference:url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx; classtype:attempted-admin; sid:2103159; rev:4; metadata:created_at 2010_09_23, cve CVE_2003_0995, confidence Medium, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL NETBIOS SMB NT Trans NT CREATE unicode DACL overflow attempt
suricata·2010-09-23
CVE-2004-1154 GPL NETBIOS SMB NT Trans NT CREATE unicode DACL overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"GPL NETBIOS SMB NT Trans NT CREATE unicode DACL overflow attempt"; flow:established,to_server; content:"|00|"; depth:1; content:"|FF|SMB|A0|"; within:5; distance:3; byte_test:1,&,128,6,relative; content:"|01 00|"; within:2; distance:64; byte_jump:4,-7,little,relative,from_beginning; content:!"|00 00 00 00|"; within:4; distance:20; byte_jump:4,20,relative,little; byte_test:4,>,32,-16,relative,little; reference:cve,2004-1154; classtype:protocol-command-decode; sid:2103036; rev:5; metadata:created_at 2010_09_23, cve CVE_2004_1154, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL RPC portmap ypserv request UDP
suricata·2010-09-23
CVE-2000-1042 GPL RPC portmap ypserv request UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap ypserv request UDP"; content:"|00 01 86 A0|"; depth:4; offset:12; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 86 A4|"; within:4; content:"|00 00 00 00|"; depth:4; offset:4; reference:arachnids,12; reference:bugtraq,5914; reference:bugtraq,6016; reference:cve,2000-1042; reference:cve,2000-1043; reference:cve,2002-1232; classtype:rpc-portmap-decode; sid:2100590; rev:13; metadata:created_at 2010_09_23, cve CVE_2000_1042, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL NETBIOS DCERPC IrotIsRunning attempt
suricata·2010-09-23
CVE-2002-1561 GPL NETBIOS DCERPC IrotIsRunning attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC IrotIsRunning attempt"; flow:established,to_server; flowbits:isset,smb.tree.bind.irot; content:"|05|"; byte_test:1,!&,16,3,relative; content:"|00|"; within:1; distance:1; content:"|00 02|"; within:2; distance:19; byte_test:4,>,128,0,relative; reference:bugtraq,6005; reference:cve,2002-1561; reference:url,www.microsoft.com/technet/security/bulletin/MS03-010.mspx; classtype:protocol-command-decode; sid:2103238; rev:4; metadata:created_at 2010_09_23, cve CVE_2002_1561, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL IMAP find overflow attempt
suricata·2010-09-23
CVE-2000-0284 GPL IMAP find overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 143 (msg:"GPL IMAP find overflow attempt"; flow:established,to_server; content:"FIND"; nocase; isdataat:100,relative; pcre:"/\sFIND\s[^\n]{100}/smi"; reference:bugtraq,1110; reference:cve,2000-0284; reference:nessus,10374; classtype:misc-attack; sid:2101904; rev:8; metadata:created_at 2010_09_23, cve CVE_2000_0284, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
GPL VOIP EXPLOIT SIP UDP Softphone overflow attempt
suricata·2010-09-23
CVE-2006-0189 GPL VOIP EXPLOIT SIP UDP Softphone overflow attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 5060 (msg:"GPL VOIP EXPLOIT SIP UDP Softphone overflow attempt"; content:"|3B|branch|3D|"; content:"a|3D|"; pcre:"/^a\x3D[^\n]{1000,}/smi"; reference:bugtraq,16213; reference:cve,2006-0189; classtype:misc-attack; sid:2100223; rev:2; metadata:created_at 2010_09_23, cve CVE_2006_0189, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL RPC yppasswd username overflow attempt UDP
suricata·2010-09-23
CVE-2001-0779 GPL RPC yppasswd username overflow attempt UDP
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC yppasswd username overflow attempt UDP"; content:"|00 01 86 A9|"; depth:4; offset:12; content:"|00 00 00 01|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_jump:4,0,relative,align; byte_test:4,>,64,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,2763; reference:cve,2001-0779; classtype:rpc-portmap-decode; sid:2102025; rev:10; metadata:created_at 2010_09_23, cve CVE_2001_0779, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL NETBIOS SMB-DS NT Trans NT CREATE SACL overflow attempt
suricata·2010-09-23
CVE-2004-1154 GPL NETBIOS SMB-DS NT Trans NT CREATE SACL overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"GPL NETBIOS SMB-DS NT Trans NT CREATE SACL overflow attempt"; flow:established,to_server; content:"|00|"; depth:1; content:"|FF|SMB|A0|"; within:5; distance:3; byte_test:1,!&,128,6,relative; content:"|01 00|"; within:2; distance:64; byte_jump:4,-7,little,relative,from_beginning; content:!"|00 00 00 00|"; within:4; distance:16; byte_jump:4,16,relative,little; byte_test:4,>,32,-16,relative,little; reference:cve,2004-1154; classtype:protocol-command-decode; sid:2103030; rev:5; metadata:created_at 2010_09_23, cve CVE_2004_1154, confidence Medium, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL NETBIOS SMB NT Trans NT CREATE unicode SACL overflow attempt
suricata·2010-09-23
CVE-2004-1154 GPL NETBIOS SMB NT Trans NT CREATE unicode SACL overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"GPL NETBIOS SMB NT Trans NT CREATE unicode SACL overflow attempt"; flow:established,to_server; content:"|00|"; depth:1; content:"|FF|SMB|A0|"; within:5; distance:3; byte_test:1,&,128,6,relative; content:"|01 00|"; within:2; distance:64; byte_jump:4,-7,little,relative,from_beginning; content:!"|00 00 00 00|"; within:4; distance:16; byte_jump:4,16,relative,little; byte_test:4,>,32,-16,relative,little; reference:cve,2004-1154; classtype:protocol-command-decode; sid:2103028; rev:5; metadata:created_at 2010_09_23, cve CVE_2004_1154, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (5)
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (5)
Rule: alert udp any any -> $HOME_NET 139 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (5)"; content:"|1F 00|"; content:"|C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88|"; content:"|00 2E 00 2E 00 5C 00 2E 00 2E 00 5C|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008694; rev:5; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (11)
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (11)
Rule: alert tcp any any -> $HOME_NET 445 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (11)"; flow:established,to_server; content:"|0B|"; offset:2; depth:1; content:"|C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008701; rev:5; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (23)
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (23)
Rule: alert tcp any any -> $HOME_NET 445 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (23)"; flow:established,to_server; content:"|20 00|"; content:"|C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88|"; content:"/../"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008713; rev:5; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance (2)
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance (2)
Rule: alert tcp any any -> $HOME_NET 445 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance (2)"; flow:established,to_server; content:"|00 2e 00 2e 00 2f 00 2e 00 2e 00 2f 00 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 87|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008721; rev:5; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (14)
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (14)
Rule: alert tcp any any -> $HOME_NET 445 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (14)"; flow:established,to_server; content:"|1F 00|"; content:"|C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88|"; content:"|00 2E 00 2E 00 2F 00 2E 00 2E 00 2F|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008704; rev:5; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (9)
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (9)
Rule: alert udp any any -> $HOME_NET 139 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (9)"; content:"|20 00|"; content:"|C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88|"; content:"|00 2E 00 2E 00 2F 00 2E 00 2E 00 2F|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008698; rev:5; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (12)
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (12)
Rule: alert tcp any any -> $HOME_NET 445 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (12)"; flow:established,to_server; content:"|1F 00|"; content:"|C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88|"; content:"|5C|..|5C|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008702; rev:6; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
ET SCADA CitectSCADA ODBC Overflow Attempt
suricata·2010-07-30
CVE-2008-2639 ET SCADA CitectSCADA ODBC Overflow Attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 20222 (msg:"ET SCADA CitectSCADA ODBC Overflow Attempt"; flow:established,to_server; dsize:4; byte_test:4,>,399,0; reference:cve,2008-2639; reference:url,www.digitalbond.com/index.php/2008/09/08/ids-signature-for-citect-vuln/; reference:url,digitalbond.com/tools/quickdraw/vulnerability-rules; classtype:attempted-user; sid:2008542; rev:8; metadata:created_at 2010_07_30, cve CVE_2008_2639, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance
Rule: alert udp any any -> $HOME_NET 139 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 - Known Exploit Instance"; content:"|00 2e 00 2e 00 2f 00 2e 00 2e 00 2f 00 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 87|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008700; rev:5; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
Suricata
ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (22)
suricata·2010-07-30
CVE-2008-4250 ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (22)
Rule: alert tcp any any -> $HOME_NET 445 (msg:"ET NETBIOS Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (22)"; flow:established,to_server; content:"|20 00|"; content:"|C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88|"; content:"|5C|..|5C|"; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-067.mspx; reference:cve,2008-4250; reference:url,www.kb.cert.org/vuls/id/827267; classtype:attempted-admin; sid:2008712; rev:6; metadata:created_at 2010_07_30, cve CVE_2008_4250, confidence Medium, signature_severity Major, updated_at 2019_07_26;)
No public exploits indexed.
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities
blogs_trendmicro·2019-08-22·CVSS 7.3
[HIGH] Asruex Backdoor Infects Files Via Old Vulnerabilities
Cyber Threats
## Asruex Backdoor Infects Files Via Old Vulnerabilities
Asruex has been known for its backdoor capabilities. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities.
By: Ian Mercado, Mhica Romero, Aug 22, 2019
Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883, which inject code in Word and PDF files respectively. The use of old, patched vulnerabilities
Fortinet
Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
blogs_fortinet·2018-11-13·CVSS 7.8
[HIGH] Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
FORTIGUARD LABS THREAT RESEARCH
By Yonghui Han | November 13, 2018
FortiGuard Labs Breaking Threat Research
This Patch Tuesday, November 13, 2018, Microsoft patched six vulnerabilities discovered in Microsoft Outlook. Four of them were discovered and reported on by Fortinet researcher Yonghui Han by following Fortinet’s responsible disclosure process. The CVE numbers assigned to them are CVE-2018-8522, CVE-2018-8524, CVE-2018-8576 and CVE-2018-8582. All Microsoft Outlook versions from 2010 to 2019 are affected. All four of these vulnerabilities could lead to remote code execution and have been given an Important rating by Microsoft. In this post we will provide more details on these