Preface: SMB Unicode file name overflowLogo -Internet Security Systems

SMB Unicode file name overflow
advICE :Intrusions : 2000506
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

Possible Intrusion attempt.

Details

A file name in Microsoft networking is excessively long - this may indicate an attempt by a hacker to overload a buffer and gain unauthorized access to a system.

 more information
advICE: Buffer overflows  
More about this general class of attacks, which is the root cause of many attacks on the Internet.  

 parametric information
lengthThe length of the file name; if it is longer than a few hundred characters, then it may be a buffer overflow attempt.
filenameThe initial portion of the filename. In a buffer overflow attempt, the initial part of the file name is useful for determining which subsystem is being compromised.

 configuration for this item
file.maxname200The maximum length of a file name.

 
Version appeared:
Privacy Policy |  Copyright Info