PCZONE 討論區

PCZONE 討論區 (https://www.pczone.com.tw/vbb3/)
-   -- 防 駭 / 防 毒 版 (https://www.pczone.com.tw/vbb3/forum/28/)
-   -   【警告】ISS RealSecure / BlackICE SMB 緩衝區漏洞 (https://www.pczone.com.tw/vbb3/thread/28/91705/)

TAIWAN 2004-03-02 09:10 PM

【警告】ISS RealSecure / BlackICE SMB 緩衝區漏洞
 
ISS RealSecure 及 BlackICE SMB 緩衝區漏洞

An IDS/IPS system, by its very nature, requires that every packet entering a system be parsed and dealt with accordingly. When BlackICE and RealSecure encounter an SMB packet, the packet is analyzed, processed and re-assembled. It is during this assembly phase that our custom data is passed to an insufficiently sized heap-based buffer. All processing is conducted before any authentication.

To successfully replicate this vulnerability only one SMB packet is required. The client must issue an "SMB Session Setup AndX request". This SMB is used to "set up" a session previously established with the negotiate protocol. A primary function of this request is to perform a user login to a remote host. As neither RealSecure nor BlackICE require the state to be kept, no previous negotiation is required. To cause a reliable heap overwrite, the AccountName parameter should contain a string with a length of 300 bytes or greater.


請速至 ISS 原廠網站 [url]http://www.iss.net[/url] 更新


所有時間均為 +8。現在的時間是 04:40 PM



 XML   RSS 2.0   RSS 
本站使用 vBulletin 合法版權程式
站務信箱 : [email protected]

本論壇所有文章僅代表留言者個人意見,並不代表本站之立場,討論區以「即時留言」方式運作,故無法完全監察所有即時留言,若您發現文章可能有異議,請 email :[email protected] 處理。