== RACHDIAN CENTER - Blog of Adhi Rachdian - Belajar untuk Berbagi dan Berbagi untuk Belajar...

Vulnerabilities affecting Samba, Skype

Ditulis Oleh snort.org

Sabtu, 12 Januari 2008

VRT Certified Rules Update 2008-01-10

The Sourcefire VRT is aware of vulnerabilities affecting Samba, Skype and Apple QuickTime.

Details:
Samba Buffer Overflow (CVE-2007-6015):
A stack based buffer overflow condition is present in nmbd in certain versions of Samba. A remote attacker may be able to execute code on an ffected system via a GETDC mailslot request.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 13291.

Skype Technologies Heap Corruption (CVE-2007-5989):
A programming error in the Skype URI handler may allow a remote attacker to cause memory corruption, which may lead to code execution.

A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 13292.

Apple QuickTime Buffer Overflow (CVE-2007-4675):
Apple QuickTime does not perform adequate checks on user supplied data in QuickTime Virtual Reality movie files. A remote attacker may use his flaw to cause a buffer overflow and execute code on an affected system.

A rule to detect attacks targeting this vulnerability is included in his release and is identified as SID 13293.

This SEU also contains an updated UI component package.

Advisory:
A detailed advisory as well as a complete list of modified and deleted rules is available at:
http://www.snort.org/vrt/advisories/vrt-rules-2008-01-10.html

Jadikan sebagai favorit anda (210) |

Cuplik artikel ini | Views: 2613

Yang Pertama Memberi Komentar

Beri Komentar

Silakan untuk mengisi komentar yang tidak keluar dari topik artikel. Semua komentar yang tidak berhubungan akan segera dihapus. Termasuk semua link yang digunakan untuk kepentingan spam marketing dsb.
Nama:
E-mail
Homepage
Judul:
BBCode:
Komentar:
Kode:*
	I wish being prevented by email of the comments which will follow