""ET INFO [401TRG] RPCNetlogon UUID (CVE-2020-1472) (Set)""
SID: 2030888
Revision: 2
Class Type: misc-activity
Metadata: affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Server, created_at 2020_09_18, cve CVE_2020_1472, deployment Internal, signature_severity Major, updated_at 2020_09_18
Reference:
-
cve
-
2020-1472
Protocol: tcp
Source Network: any
Source Port: any
Destination Network: any
Destination Port: any
Flow: established,to_server
Contents:
-
Value: "|05 00 0B|" Depth: 3
-
Value: "|78 56 34 12 34 12 cd ab ef 00 01 23 45 67 cf fb|"
Within:
PCRE:
Special Options: