= 2nd memory =: RDP / CVE-2001-0540

RDP / CVE-2001-0540

:: 기본

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-040

https://www.securityfocus.com/bid/3099

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2001-0540

https://www.cvedetails.com/cve/CVE-2001-0540/

:: Snort

alert tcp $EXTERNAL_NET any -> $HOME_NET 3389 (msg:"MISC MS Terminal server request RDP"; flow:to_server,established; content:"|03 00 00 0B 06 E0 00 00 00 00 00|"; depth:11; reference:bugtraq,3099; reference:cve,2001-0540; classtype:protocol-command-decode; sid:1447; rev:11;)

alert tcp $EXTERNAL_NET any -> $HOME_NET 3389 (msg:"MISC MS Terminal server request"; flow:to_server,established; content:"|03 00 00|"; depth:3; content:"|E0 00 00 00 00 00|"; depth:6; offset:5; reference:bugtraq,3099; reference:cve,2001-0540; reference:url,www.microsoft.com/technet/security/bulletin/MS01-040.mspx; classtype:protocol-command-decode; sid:1448; rev:12;)

= 2nd memory =

2020년 6월 12일 금요일

RDP / CVE-2001-0540

댓글 없음: