NetProwler 3.5.1 SU18 introduces a total of two (2) signatures. New signatures include the detection of the Apache Chunk Encoding Buffer Overflow and the detection of a BIND version query. You may obtain NetProwler 3.5.1 SU 18 through the product's auto-update feature.
- Apache_Chunk_Encoding_BO
This signature detects the attempt to overflow a buffer in the Apache Web Server 'Chunk Encoding' mechanism. When Apache processes chunk-encoded requests, it improperly calculates required buffer sizes creating a vulnerability that results in execution of arbitrary code.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2002-0392
- Bind_Version_Query
Many versions of Berkley Internet Name Domain (BIND) have vulnerabilities that could be exploited by a malicious user. This signature detects DNS version request query responses from your DNS server. While not necessarily an attack, BIND version requests could identify your DNS server as vulnerable to potential attackers. This could be a precursor to an attack against vulnerable DNS servers.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2002-0400
Last modified on: Wednesday, 26-Jun-02 13:34:32
|
