Cluster details: [EXPLOIT] part of SMB exploit - buffer overflow (139/445/TCP)

Name:	[EXPLOIT] part of SMB exploit - buffer overflow (139/445/TCP)
Date:	2011-12-08 17:30:49
Classification Level:	Attack
Core:	[EXPLOIT] part of SMB exploit - buffer overflow (139/445/TCP)
Ports:	139/TCP , 445/TCP
Unique Sip:	14
Signature size:	98
Super signature:
alert tcp $EXTERNAL_NET any -> $HOME_NET 139,445 (msg:"[EXPLOIT] part of SMB exploit - buffer overfl\ ow (139/445/TCP)"; flow:to_server,established; content:"DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD\ DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD";)