SERVER-MAIL -- Snort has detected traffic exploiting vulnerabilities in mail servers (such as Exchange, Courrier). These are different from protocol traffic, as this deals with the traffic going to the mail server itself.
SERVER-MAIL Multiple products non-ascii sender address spoofing attempt
This event is generated when an attacker attempts to spoof their FROM mail address. Impact: Email phishing Details: Rule checks for an attempt to spoof their FROM email address using non-ASCII encoded values. Ease of Attack: Simple
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-0819 |
Loading description
|