SCADA IDS Signatures (SIS)

CRITIFENCE® SCADA IDS Signatures Database (SIS)

BroadWin/AdvancTech RPC Information Disclosure Vulnerability

Date Title Author SVE-ID
2016-03-03BroadWin/AdvancTech RPC Information Disclosure VulnerabilityDigital BondN/A
Description
This vulnerability_exploit rule contains IDS rule that detect exploit attempts on known control system vulnerabilities. The CVE, if available, and common name of the applicable vulnerability precedes each rule.

Signature

						
							
								
alert tcp any any -> any 4592 (msg:"BroadWin/AdvancTech RPC Information Disclosure Vulnerability";
 flow:to_server,established;
 dce_iface: 5d2b62aa-ee0a-4a95-91ae-b064fdb471fc;
 dce_opnum: 0-3;
 dce_stub_data;
 byte_jump:4,-4,relative,align,dce;
 byte_test:2,=,50003,4,relative,dce;
 reference:url,digitalbond.com/tools/quickdraw/vulnerability-rules;
 sid:1111618;
 rev:1;
 priority:1;
)