SERVER-SAMBA Samba spoolss denial of service attempt
This event is generated when an attacker attempts to exploit a denial of service vulnerability present in the Samba spoolss service.
Detection of a Denial of Service Attack
CVSS base score
CVSS impact score
CVSS exploitability score
Rule checks for an attempt to trigger a denial of service vulnerability present in the Samba spoolss service.
CVE-2018-1050: All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.
Ease of attack
- Cisco's Talos Intelligence Group