English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
Intrusion.Win.NETAPI.buffer-overflow.exploit
| Class | Intrusion |
| Platform | Win |
| Description |
Intrusion Intrusion attacks attempt to exploit vulnerable or improperly configured applications, services, and operating systems remotely through a network to achieve arbitrary code execution and perform unauthorized network activity. A successful intrusion attack can result in remote code execution on the targeted hosts. Description An Intrusion.Win.NETAPI.buffer-overflow.exploit attack targets Windows computers and attempts to exploit a flaw in the path canonicalization parser of the Server Service NetAPI library through a specially crafted RPC request. An attack uses SMB as an underlying protocol to perform RPC requests; therefore, it operates over TCP ports 139 and 445. The NetAPI buffer overflow vulnerability was fixed in Microsoft Security Bulletin MS08-67 (https://technet.microsoft.com/en-us/library/security/ms08-067.aspx). Successful exploitation can result in remote code execution on target machines, which allows an attacker to load malware and propagate it to other vulnerable hosts on a network. Net-Worm.Win32.Kido malware used a NetAPI buffer overflow exploit to spread on a network. |
| Find out the statistics of the threats spreading in your region |