|
ru.nethack
- RU.NETHACK -------------------------------------------------------------------
From : Nikita Melikhov 2:5030/1081.63 27 Jun 2003 11:30:41
To : All
Subject : ?
--------------------------------------------------------------------------------
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ Windows Clipboard ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
-ÿïîðòÿ80/tcpÿ-ÿhttp
ÿÿñåðâåðÿHTTPÿÿ:ÿApache/1.3.20ÿ(Win32)ÿÿ
ÿÿÿÿñîñòîÿíèåÿÿ:ÿ200ÿ(OK)
ÿÿÿÿòåêóùèåÿÿäàòàÿèÿâðåìÿÿÿ:ÿÿ(Fri,ÿ27ÿJunÿ2003ÿ07:16:03ÿGMT)
ÿÿÿÿôîðìàòÿñîäåðæèìîãîÿÿÿÿÿ:ÿÿ(text/html)
ÿÿÿÿñîåäèíåíèåÿÿÿÿÿÿÿÿÿÿÿÿÿ:ÿÿ(close)
ÿÿÿÿîïðåäåëåíèåÿñëåäóþùåéÿèíôîðìàöèèÿíàõîäèòñÿÿïîêàÿâÿòåñòîâîìÿðåæèìå
ÿÿÿÿðåàëüíîåÿèìÿÿhttp-ñåðâåðàÿñîâïàäàåòÿñÿóêàçàííûìÿâÿåãîÿîòâåòå
ÿÿÿÿñåðâåðÿHTTPÿ:ÿApacheÿHTTPÿServerÿ(1.3.X)ÿÿ
ÿÿÿÿêîðíåâàÿÿäèðåêòîðèÿÿäîñòóïíàÿäëÿÿïðîñìîòðàÿÿ
ÿÿÿÿíàéäåíàÿóÿçâèìîñòü
ÿÿÿÿÿâåðîÿòíîÿñóùåñòâóåòÿïðîñìîòðÿâåðõíåéÿäèðåêòîðèèÿÿ
ÿÿÿÿÿhttp://127.0.0.1:80/.../
ÿÿÿÿíàéäåíàÿóÿçâèìîñòü
ÿÿÿÿêîìàíäíàÿÿñòðîêàÿè/èëèÿDoS-àòàêàÿÿ
> ^^^^ ×òî ýòî òàêîå??? Êàê ýòèì âîñïîëüçîâàòüñÿ???
ÿÿÿÿîïèñàíèåÿóÿçâèìîñòè:
ÿÿÿÿÿÿThisÿversionÿApacheÿisÿvulnerableÿtoÿaÿbugÿwhichÿmayÿallow
ÿÿÿÿÿÿanÿattackerÿtoÿgainÿaÿshellÿonÿthisÿsystemÿorÿtoÿdisableÿthis
ÿÿÿÿÿÿserviceÿremotelyÿ(Apacheÿchunkedÿencoding).
ÿÿÿÿÿÿ
ÿÿÿÿÿÿSolutionÿ:ÿUpgradeÿtoÿversionÿ1.3.26ÿorÿ2.0.39ÿorÿnewer.
ÿÿÿÿÿÿ
ÿÿÿÿÿÿPatch:
ÿÿÿÿÿÿhttp://www.apache.org/dist/httpd/
ÿÿÿÿÿÿ
ÿÿÿÿÿÿURLs:
ÿÿÿÿÿÿhttp://httpd.apache.org/info/security_bulletin_20020617.txt
ÿÿÿÿÿÿhttp://www.cert.org/advisories/CA-2002-17.html
-ÿäîïîëíèòåëüíàÿÿèíôîðìàöèÿ
ÿÿÿÿíàéäåíàÿóÿçâèìîñòü
ÿÿÿÿDoS-àòàêàÿâÿNetworkÿShareÿProviderÿÿ
> ^^^^ ×òî ýòî òàêîå??? Êàê ýòèì âîñïîëüçîâàòüñÿ???
ÿÿÿÿíåîáõîäèìîÿîáíîâëåíèåÿ-ÿhttp://www.microsoft.com/technet/security/bulletin/
ms02-045.asp
-ÿäîïîëíèòåëüíàÿÿèíôîðìàöèÿ
ÿÿÿÿíàéäåíàÿóÿçâèìîñòü
ÿÿÿÿâûïîëíåíèåÿêîìàíäÿ÷åðåçÿïåðåïîëíåíèåÿâÿTSACÿActiveXÿControlÿÿ
> ^^^^ ×òî ýòî òàêîå??? Êàê ýòèì âîñïîëüçîâàòüñÿ???
ÿÿÿÿíåîáõîäèìîÿîáíîâëåíèåÿ-ÿhttp://www.microsoft.com/technet/security/bulletin/
ms02-046.asp
-ÿïîðòÿ1900/udp
ÿÿñåðâèñÿUPnPÿÿÿÿ-ÿUniversalÿPlug-and-Play
ÿÿÿÿàãåíòÿ:ÿMozilla/4.0ÿ(compatible;ÿUPnP/1.0;ÿWindowsÿNT/5.1)ÿÿ
ÿÿÿÿíàéäåíàÿóÿçâèìîñòü
ÿÿÿÿÿêîìàíäíàÿÿñòðîêàÿñÿïðàâàìèÿSYSTEMÿÿ
> ^^^^ ×òî ýòî òàêîå??? Êàê ýòèì âîñïîëüçîâàòüñÿ???
ÿÿÿÿÿîïèñàíèåÿóÿçâèìîñòè:
ÿÿÿÿÿÿUPNPÿRemoteÿWindowsÿXP/ME/98ÿVulnerability.
ÿÿÿÿÿÿAnÿattackerÿcouldÿsendÿaÿNOTIFYÿdirectiveÿtoÿaÿUPnP-capableÿcomputer,ÿ
ÿÿÿÿÿÿspecifyingÿthatÿtheÿdeviceÿdescriptionÿshouldÿbeÿdownloadedÿfrom
ÿÿÿÿÿÿaÿparticularÿportÿonÿaÿparticularÿserver.ÿIfÿtheÿserverÿwasÿconfiguredÿ
ÿÿÿÿÿÿtoÿsimplyÿechoÿtheÿdownloadÿrequestsÿbackÿtoÿtheÿUPnPÿserviceÿ(e.g.,ÿ
ÿÿÿÿÿÿbyÿhavingÿtheÿechoÿserviceÿrunningÿonÿtheÿportÿthatÿtheÿcomputerÿwasÿ
ÿÿÿÿÿÿdirectedÿto),ÿtheÿcomputerÿcouldÿbeÿmadeÿtoÿenterÿanÿendlessÿdownloadÿ
ÿÿÿÿÿÿcycleÿthatÿcouldÿconsumeÿsomeÿorÿallÿofÿtheÿsystem'sÿavailability.ÿ
ÿÿÿÿÿÿAnÿattackerÿcouldÿcraftÿandÿsendÿthisÿdirectiveÿtoÿaÿvictim'sÿmachineÿ
ÿÿÿÿÿÿdirectly,ÿbyÿusingÿtheÿmachine'sÿIPÿaddress.ÿOr,ÿheÿcouldÿsendÿthisÿ
ÿÿÿÿÿÿsameÿdirectiveÿtoÿaÿbroadcastÿandÿmulticastÿdomainÿandÿattackÿallÿ
ÿÿÿÿÿÿaffectedÿmachinesÿwithinÿearshot,ÿconsumingÿsomeÿorÿallÿofÿthoseÿ
ÿÿÿÿÿÿsystems'ÿavailability.ÿ
ÿÿÿÿÿÿ
ÿÿÿÿÿÿAnÿattackerÿcouldÿspecifyÿaÿthird-partyÿserverÿasÿtheÿhostÿforÿtheÿdevice
descriptionÿinÿtheÿNOTIFYÿdirective.ÿIfÿenoughÿmachinesÿrespondedÿtoÿ
ÿÿÿÿÿÿtheÿdirective,ÿitÿcouldÿhaveÿtheÿeffectÿofÿfloodingÿtheÿthird-partyÿ
ÿÿÿÿÿÿserverÿwithÿbogusÿrequests,ÿinÿaÿdistributedÿdenialÿofÿserviceÿattack.ÿ
ÿÿÿÿÿÿAsÿwithÿtheÿfirstÿscenario,ÿanÿattackerÿcouldÿeitherÿsendÿtheÿdirectivesÿ
toÿtheÿvictimÿdirectly,ÿorÿtoÿaÿbroadcastÿorÿmulticastÿdomain.
ÿÿÿÿÿÿ
ÿÿÿÿÿÿSolution:ÿPatch.
ÿÿÿÿÿÿ
ÿÿÿÿÿÿPatch:ÿ
ÿÿÿÿÿÿhttp://www.microsoft.com/Downloads/Release.asp?ReleaseID=34991ÿ
ÿÿÿÿÿÿhttp://download.microsoft.com/download/winme/Update/22940/WinMe/EN-US/314
757USAM.EXE
ÿÿÿÿÿÿhttp://www.microsoft.com/Downloads/Release.asp?ReleaseID=34951
ÿÿÿÿÿÿ
ÿÿÿÿÿÿUrl:
ÿÿÿÿÿÿhttp://www.microsoft.com/technet/security/bulletin/MS01-059.asp
ÿÿÿÿÿÿhttp://www.eeye.com/html/Research/Advisories/AD20011220.html
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ Windows Clipboard ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
[û] Ïîêà, All, ñ÷àñòëèâîãî òåáå êîííåêòà ! ...
--- 2:5030/1081.63 Phone 3218456 Time 01:00-08:00
* Origin: Â KOI-òî âåêè... (2:5030/1081.63)
Âåðíóòüñÿ ê ñïèñêó òåì, ñîðòèðîâàííûõ ïî: âîçðàñòàíèå äàòû óìåíüøåíèå äàòû òåìà àâòîð
| Òåìà: |
Àâòîð: |
Äàòà: |
|
? |
Nikita Melikhov |
27 Jun 2003 11:30:41 |
 ? |
Ugin Nekoz |
08 Jul 2003 16:39:00 |
|
|
