FILE-OTHER -- Snort detected traffic targeting vulnerabilities in a file type that does not require enough rule coverage to have its own category.
FILE-OTHER Microsoft Windows Avast Anti-Virus local credentials disclosure attempt
This event is generated when there is a Microsoft Windows Avast Anti-Virus local credentials disclosure attempt. Impact: Attempted User Privilege Gain Details: Avast Anti-Virus before version 19.1.2360 does not properly protect email/password credentials kept in process memory, allowing for malicious scripts to scrape for this information. The rule looks for indicators a downloaded python script will attempt to exploit this vulnerability. Ease of Attack: Simple
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-12572 |
Loading description
|