Rule Category

SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.

Alert Message

SERVER-OTHER NTPsec ntp_control out-of-bounds read attempt

Rule Explanation

This event is generated when an attacker attempts to exploit an out of bounds read attempt against NTPSec. Impact: Attempted User Privilege Gain Details: This rule checks for an attempts to exploit an out of bounds read attempt against NTPSec via a malformed count value. Ease of Attack:

What To Look For

This event is generated when an attacker attempts to exploit an out of bounds read attempt against NTPSec.

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

MITRE::ATT&CK Framework::Enterprise::Initial Access::Exploit Public-Facing Application

CVE

Additional Links

Rule Vulnerability

Escalation of Privilege

An Escalation of Privilege (EOP) attack is any attack method that results in a user or application gaining permissions to access resources they normally would not have access to.

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2019-6444
Loading description
CVE-2019-6443
Loading description