""ET EXPLOIT Dameware DMRC Buffer Overflow Attempt (CVE-2016-2345)""
SID: 2022712
Revision: 1
Class Type: attempted-admin
Metadata: created_at 2016_04_06, cve CVE_2016_2345, confidence High, updated_at 2016_04_06
Reference:
Protocol: tcp
Source Network: any
Source Port: any
Destination Network: any
Destination Port: 6129
Flow: established,to_server
Contents:
-
Value: "|44 9c 00 00|" Depth: 4
-
Value: "|90 90 90 90 90 90 90 90|"
-
Value: "|eb 06 ff ff 61 11 40 00 90 90 90 e9 6b fa ff ff|"
Within:
PCRE:
Special Options: