NetShow Services Bug - Probes recorded

NB - The 'specific' signature in SNORT has been added somewhere during February. The attacks was being catched anyway by the generic signature which catches any attempt to call the '/scripts' directory

I noticed an increase in scanning this vulnerability - some crackers with autorooters scanning entire networks searching for just THIS ONE vulnerability. I highly suspect they were searching for the bug mentioned here: http://lists.immunitysec.com/pipermail/dailydave/2004-March/000381.html

This page represents the output of a joint research of different members of ITVC.