Threat Level: green Handler on Duty: Tom Webb

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-11-02 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

IE IFRAME Exploit, Sun Java Web Proxy Buffer Overflow, SSH Scanning Continues, Yesterday's Diary

Published: 2004-11-02
Last Updated: 2004-11-03 00:02:54 UTC
by John Bambenek (Version: 1)
0 comment(s)
IE IFRAME Exploit Code Released

A vulnerability in IE can be exploited by having a user go to a web page that has malicious code on it. This uses the handling of certain IFRAME attributes. This exploit DOES NOT work on XP Service Pack 2. For more information see:

http://lists.netsys.com/pipermail/full-disclosure/2004-November/028286.html

http://secunia.com/advisories/12959/

http://www.k-otik.net/bugtraq/20041102.InternetExplorer.php
Sun Java Web Proxy Server Buffer Overflow DoS

Sun Java System Web Proxy Server 3.6 SP4 and prior are vulnerable to a boundary condition that can cause buffer overflows that can lead to DoS or potential system access. Upgrade to SP 5 or later. For more information see:

http://secunia.com/advisories/13036/
Continued SSH Scanning

Reports keep trickling in on SSH brute force scanning, and I see it at my own site. It now uses much more than the 3 or so usernames it started scanning with and I have to think there is some success if these attacks keep persisting. It just shows the importance of a strong password has not gone away with encrypted protocols. If you can, use keys for authentication via ssh, not passwords.

Yesterday's diary

It was not a real story, it was humor for a slow day. It appears the script kiddies are more interested in hacking voting machines than the Internet today. :)

--

John Bambenek / bambenek (at) gmail.com
Keywords:
0 comment(s)
Diary Archives