Security vulnerabilities on http://mydjournal.org

1. Apache Mod_SSL SSL_Util_UUEncode_Binary Stack Buffer Overflow Vuln

Vulnerability description :
This alert was generated using only banner information. It may be a false positive.

A stack-based buffer overflow has been reported in the Apache mod_ssl module. This issue would most likely result in a denial of service if triggered, but could theoretically allow for execution of arbitrary code. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, though this may not be the case with other architectures.

Affected mod_ssl versions (up to 2.8.17).

This vulnerability affects mod_ssl.

The impact of this vulnerability :
Denial of service and/or possible arbitrary code execution

Attack details :
Current version is mod_ssl/2.2.10 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Unknown

Web references :
http://www.securityfocus.com/bid/10355/
http://www.modssl.org/


2. Proxy accepts CONNECT requests

Vulnerability description :
The remote proxy server can be used to send CONNECT requests.
The proxy allows everyone to perform CONNECT HTTP requests to arbitrary ports.
This may allow attackers to bypass your firewall and connect to sensitive ports like 23 (telnet), 25 (sendmail) using the proxy. A spammer may be using your proxy to send bulk email.

Web references :
http://www.suretecsystems.com/our_docs/proxy-guide-en/index.html
http://en.wikipedia.org/wiki/Web_proxy
http://en.wikipedia.org/wiki/Open_proxy


3. Proxy can be used to connect to arbitrary

Vulnerability description :
The remote proxy server can be used to connect to arbitrary ports.
The proxy allows everyone to perform HTTP requests to arbitrary ports.
This may allow attackers to bypass your firewall and connect to sensitive ports like 23 (telnet), 25 (sendmail) using the proxy.
This vulnerability affects Server.

Attack details :
The proxy server is running on TCP port 8080

Web references :
http://www.suretecsystems.com/our_docs/proxy-guide-en/index.html
http://en.wikipedia.org/wiki/Web_proxy
http://en.wikipedia.org/wiki/Open_proxy

NB:
Sorry, the English is a mess.. hahaha.. happy translating...

2 comments:

  Helmi Rahim

10 April 2009 07:09

Assalamu Alaikum

  Aniz Azhar Roy

13 April 2009 05:31

Hey..........
don't bother the neighbors.......

If you want to bother someone...
do it in another village
hahaha