人不機車罔少年~機 | 【警告】ISS RealSecure / BlackICE SMB 緩衝區漏洞 ISS RealSecure 及 BlackICE SMB 緩衝區漏洞 An IDS/IPS system, by its very nature, requires that every packet entering a system be parsed and dealt with accordingly. When BlackICE and RealSecure encounter an SMB packet, the packet is analyzed, processed and re-assembled. It is during this assembly phase that our custom data is passed to an insufficiently sized heap-based buffer. All processing is conducted before any authentication. To successfully replicate this vulnerability only one SMB packet is required. The client must issue an "SMB Session Setup AndX request". This SMB is used to "set up" a session previously established with the negotiate protocol. A primary function of this request is to perform a user login to a remote host. As neither RealSecure nor BlackICE require the state to be kept, no previous negotiation is required. To cause a reliable heap overwrite, the AccountName parameter should contain a string with a length of 300 bytes or greater. 請速至 ISS 原廠網站 http://www.iss.net 更新 |
回覆 |
|
![]() | ||||
主題 | 主題作者 | 討論版 | 回覆 | 最後發表 |
BlackICE Rpoert... | bobhsieh | -- 防 駭 / 防 毒 版 | 0 | 2002-12-27 01:34 PM |
ZoneAlarm or BlackIce ??? | Keny | -- 防 駭 / 防 毒 版 | 0 | 2001-08-13 07:00 PM |
BlackICE 2.5co for server | charlin2 | -- 防 駭 / 防 毒 版 | 2 | 2001-08-08 09:57 PM |
新手請問 BlackIce 的問題 | antnn | -- 防 駭 / 防 毒 版 | 2 | 2001-03-23 04:20 AM |
BlackICE | hsun | -- 防 駭 / 防 毒 版 | 1 | 2001-02-01 07:03 PM |
XML | RSS 2.0 | RSS |
本論壇所有文章僅代表留言者個人意見,並不代表本站之立場,討論區以「即時留言」方式運作,故無法完全監察所有即時留言,若您發現文章可能有異議,請 email :[email protected] 處理。