PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Mein Rechner wurde gescannt!!



mega4141
13.04.2003, 17:33
CGI Scripts: Py-Membres Index.PHP Unauthorized Access Vulnerability
Port: 80
Description: A vulnerability has been reported for Py-Membres 3.1 that allows remote attackers to obtain administrative privileges on vulnerable installations. Reportedly, Py-Membres does not fully check some URI parameters. Thus it is possible for an attacker to manipulate URI parameters and log into the system as an arbitrary user without the need for passwords.
Risk Level: Medium
How To Fix: Upgrading to the most recent version of Midicart PHP.
Related Links: Midicart PHP Homepage

Script: http://www........de/index.php?pymembs=admin


Web Servers: Multiple OpenSSL Remote Buffer Overflow Vulnerabilities
Port: 80
Description: Multiple buffer overflow vulnerabilities have been reported for OpenSSL 0.9.7 and earlier.1. It is possible for the master key supplied by a client to an SSL version 2 server to be oversized. This would cause stack memory to become corrupted. It has been reported that this issue is remotely exploitable. Systems that do not enable SSLv2 functionality are not vulnerable to this issue. This issue has been given CVE ID: CAN-2002-0656.2. A SSL version 3 session ID supplied to a client from a malicious server may be oversized. This would cause a buffer to be overrun and corrupt key memory areas on the client system. This issue has been given CVE ID: CAN-2002-0656.3. A master key supplied to a SSL version 3 server could be oversized. This would cause stack memory on the vulnerable server to become corrupted. This issue only affects systems that use OpenSSL 0.9.7 before 0.9.7-beta3 with Kerberos enabled. This issue has been given CVE ID: CAN-2002-0657.4. An issue with buffers used to hold ASCII representations of integers on 64 bit platforms has been reported. It is possible to overflow these buffers on a vulnerable system if overly large values are submitted by a malicious attacker. This issue has been given CVE ID: CAN-2002-0655.5. Another issue exists with the ASN.1 library used by OpenSSL. Reportedly there are parsing issues with the library. This issue has been given CVD ID: CAN-2002-0659.
Risk Level: High
How To Fix: Upgrade to the current version of OpenSSL.


Wer kann mir über diese Attacken auskunft geben???

cu
mega4141

rygar
13.04.2003, 18:27
Hi,

durch einen Bug bei OpenSSL ist es moeglich ein Programm auf
dem Angegriffenen Rechner auszufuehren.

Vielleicht sagt dir der Wurm Slapper mehr ?

Siehe auch hier :

http://cert.uni-stuttgart.de/archive/win-sec-ssc/2002/09/msg00062.html

mfG,

Martin

akidda
05.05.2003, 11:24
hi


naja würde dir empfehlen ein IDS zu installieren --- zb.:portsentry ......