Click anywhere to stop


Class Intrusion
Platform Win


Intrusion attacks attempt to exploit vulnerable or improperly configured applications, services, and operating systems remotely through a network to achieve arbitrary code execution and perform unauthorized network activity.

A successful intrusion attack can result in remote code execution on the targeted hosts.


An Intrusion.Win.NETAPI.buffer-overflow.exploit attack targets Windows computers and attempts to exploit a flaw in the path canonicalization parser of the Server Service NetAPI library through a specially crafted RPC request. An attack uses SMB as an underlying protocol to perform RPC requests; therefore, it operates over TCP ports 139 and 445. The NetAPI buffer overflow vulnerability was fixed in Microsoft Security Bulletin MS08-67 (

Successful exploitation can result in remote code execution on target machines, which allows an attacker to load malware and propagate it to other vulnerable hosts on a network.

Net-Worm.Win32.Kido malware used a NetAPI buffer overflow exploit to spread on a network.

Find out the statistics of the threats spreading in your region