NetProwler 3.5.1 SU12 introduces 6 new signatures detecting the SSH CRC32 attack, a PHPNuke attack, a new version of the Whisker CGI Scanner, and 3 other Buffer Overflow and Denial Of Service attacks You may obtain NetProwler 3.5.1 SU12 through the product's auto update feature.
- ISA_Fragmented_UDP
By sending a flood of malformed and fragmented UDP packets to the Microsoft Internet Security and Acceleration (ISA) Server, an attacker can cause a denial of service by consuming all CPU cycles on the server.
- Media_Player_Nsc_Unchecked_Buffer
Some versions of Microsoft Media Player contain an unchecked buffer in the code that processes NetShow Channel descriptors. A sufficiently long string in the IP Address field can overflow the buffer.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2001-0541
- Php_Nuke_Remote_File_Copy
Older versions of PHP-Nuke fail to check the credentials of the connecting user before performing file manipulation operations.
- SSH1_CRC32_Boundary_Overflow
Some older versions of SSH and OpenSSH contain an integer-overflow bug in the CRC32 compensation attack detection code. This may allow remote attackers to write values to arbitrary locations in memory.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2001-0144
- Whisker2
Whisker is an automated CGI Scanner with sophisticated hiding techniques. A CGI Scanner makes several queries to a Web Server to try and determine if certain vulnerable CGI programs are available for attack.
Last modified on: Tuesday, 11-Jun-02 18:50:35
|
