XP Personal Firewall

From: Jeremy Junginger (jjunginger@interactcommerce.com)
Date: 08/15/02


Date: Thu, 15 Aug 2002 09:50:01 -0700
From: "Jeremy Junginger" <jjunginger@interactcommerce.com>
To: <pen-test@securityfocus.com>

I've come across a few XP hosts that are trying to be sneaky with the
"Internet Firewall" feature enabled. I've seen responses from NMAP SYN
and ACK scanning while seeing next to nothing on Nessus. Also, I am
unable to uncover any additional information about the hosts and
available services. Do you have any tips on beating the XP "firewall?"
Perhaps there is a post in the archives.

-Jeremy

-----Original Message-----
From: Kevin Spett [mailto:kspett@spidynamics.com]
Sent: Wednesday, August 14, 2002 10:59 AM
To: r00t@online.ie; pen-test@securityfocus.com
Subject: Re: Apache Chunked Encoding Vulnerability on AIX (RS6000)

What happens when you run a chunked encoding exploit against it? If you
don't get a response and your connection is suddenly terminated, it's
vulnerable. I would not consider the server "safe" just because no one
has posted exploit code for it to bugtraq either.

Kevin Spett
SPI Labs
http://www.spidynamics.com/

----- Original Message -----
From: <r00t@online.ie>
To: <pen-test@securityfocus.com>
Sent: Tuesday, August 13, 2002 8:10 AM
Subject: Apache Chunked Encoding Vulnerability on AIX (RS6000)

> Hi All,
>
> I am currently pen-testing an AIX platform, which utilises Apache and IBM HTTP
> server in order to communicate with a back-end AS400 environment.
>
> I have scanned the remote host with the eeye tool Retina - Apache
> Chunked scanner V 1,0,3, which reports the host vulnerable.
>
> It would appear the tool attempts to exploit the vulnerability by attempting to
> send a small request that makes a vulnerable server become unresponsive.
>
> Would I be right to say that this vulnerability is not exploitable on an RS6000
> platform, given the current exploits in the wild, and the eeye tool is again
> producing false positives ????????
>
> Any help is very much appreciated.
>
> Thanks in advance.
>
> ./Mark
>
> PS: SF Bid number = BID 5033
>
> --------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
