Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual page 936

Network and Security Manager Administration Guide
MS-RPC:WKST-SVC-OFLOW
NETBIOS:ACCESS:ADMIN
NETBIOS:ACCESS:C-DRIVE
NETBIOS:ACCESS:D-DRIVE
NETBIOS:NBDS:BAD_LABEL_FORMAT
NETBIOS:NBDS:INVALID:1STLVL_ENC
NETBIOS:NBDS:INVALID:DGM_LEN
NETBIOS:NBDS:INVALID:HDR_FLGS
NETBIOS:NBDS:INVALID:LABEL_LEN
NETBIOS:NBDS:INVALID:MSG_TYPE
NETBIOS:NBDS:INVALID:PROTO
NETBIOS:NBDS:OVERFLOW:MSG
NETBIOS:NBDS:OVERFLOW:NAME
886
This protocol anomaly is a suspiciously long argument for
the NetrValidateName, NetrValidateName2, or
NetrAddAlternateComputerName functions requested using
a named-pipe transaction. An unauthenticated user may
exploit this vulnerability on Windows 2000/XP servers to
execute arbitrary code with system-level privileges.
This signature detects attempts to exploit a null session
vulnerability in NETBIOS SMB protocols. Attackers may
initiate SMB sessions with no user name or password, obtain
the remote administrator share on the server, and use this
information to plan further attacks.
This signature detects attempts to exploit a null session
vulnerability in NETBIOS SMB protocols. Attackers may
initiate SMB sessions with no user name or password, obtain
the C Drive share on the server, and use this information to
plan further attacks.
This signature detects attempts to exploit a null session
vulnerability in NETBIOS SMB protocols. Attackers may
initiate SMB sessions with no user name or password, obtain
the D Drive share on the server, and use this information to
plan further attacks.
This protocol anomaly is label for the second level encoding
of a Netbios name that contains a pointer.
This protocol anomaly is an invalid first level encoding of a
Netbios name.
This protocol anomaly is a Netbios datagram header with a
DGM_LENGTH field value that is bigger than the packet
length.
This protocol anomaly is a Netbios datagram header with a
FLAGs field that contains non-zero values for bits 0-3.
This protocol anomaly is a label for the second level
encoding of a netbios name; the label length is larger than
63, or the label is the first label and the length is not 32.
This protocol anomaly is a Netbios datagram header with a
MSG_TYPE field value that is invalid.
This protocol anomaly is a Netbios message with a
USER_DATA section that is less than the size of SMB header,
or the protocol field of the SMB header does not start with
0xff 'S' 'M' 'B'.
This protocol anomaly is a Netbios datagram that is bigger
than 1064.
This protocol anomaly is a Netbios name that is longer than
255.
critical sos5.1.0
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
high sos5.1.0
medium sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
Copyright © 2010, Juniper Networks, Inc.