""ET DOS Microsoft Remote Desktop (RDP) Syn/Ack Outbound Flowbit Set""

SID: 2014385

Revision: 6

Class Type: not-suspicious

Metadata: created_at 2012_03_15, cve CVE_2012_0152, updated_at 2012_03_15

Reference:

• cve

• 2012-0152

Protocol: tcp

Source Network: $HOME_NET

Source Port: 3389

Destination Network: any

Destination Port: any

Flow: from_server,not_established

Contents:

Within:

PCRE:

Special Options:

source