FILE-IDENTIFY -- Snort has detecte File Type indicators associated with packet data, which it will use to facilitate a flowbit, a method of stringing rules together. In a flowbit, one rule examines packets for file type indications, which it uses to switch rules pertaining to that file type from a dormant to active state in order to process the appropriate packets. File-type rules stay dormant to prevent alerts on innocent traffic. That same traffic, when contained in, for instance, a .doc file attached to an email, might be a threat and should be scanned.
FILE-IDENTIFY Microsoft Windows Media ASF file magic detected
This event is generated when an attempt is made to exploit a known vulnerability in windows-nt. Impact: Denial of Service. Information disclosure. Loss of integrity. Details: Stack-based buffer overflow in the Agent.Control function in Microsoft Agent ActiveX control (agentdpv.dll) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL, a different issue than CVE-2007-1205. Ease of Attack: Simple.
No information provided
No public information
No known false positives
Cisco Talos This document was generated from data supplied by the National Vulnerability Database. A product of the National Institute of Standards and Technology. For more information see http://nvd.nist.gov/
No rule groups
CVE-2007-1205 |
Loading description
|
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
