GEN:SID 1:2497
Message IMAP SSLv3 invalid data version attempt
Summary This event is generated when an attempt is made to exploit a known
vulnerability in the Microsoft implementation of SSL Version 3.
Impact Denial of Service (DoS).
Detailed Information A vulnerability exists in the handling of SSL Version 3 requests that
can be manipulated to cause a DoS condition in various software
implementations used on Microsoft operating systems.

The condition exists because of poor error handling routines in the
Microsoft Secure Sockets Layer (SSL) library. SSL requests containing an
invalid field, sent to vulnerable systems can cause the affected host to stop
handling any further requests.
Affected Systems Microsoft Windows 2000, 2003 and XP systems using SSL
Attack Scenarios An attcker needs to make an SSL request to an affected system that
contains an invalid field.
Ease of Attack Simple.
Corrective Action Apply the appropriate vendor supplied patches
Additional References  
Rule References bugtraq: 10115
cve: 2004-0120
nessus: 12204
url: www.microsoft.com/technet/security/bulletin/MS04-011.mspx