
SANS ISC: New Sasser Worm FTP exploit and Java DOS - SANS Internet Storm Center SANS ISC InfoSec Forums


New Sasser Worm FTP exploit and Java DOS
We received a submission of an exploit for Sasser's FTP server. It appears to be a buffer overflow targeting port 5554 by default. If successful, it will spawn a shell. The published exploit code lists the shell listening on port 5300. We are seeing code in the wild using port 53 for the shell.
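
The ports named above can be turned into a simple correlation check over connection logs. The following is an added example, not code from this diary or from SANS ISC: it flags hosts that accepted a connection on TCP 5554 and then accepted one on TCP 5300 or 53 shortly afterwards. The log format, the five-minute window and every sample line are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

SASSER_FTP_PORT = 5554         # Sasser's FTP server port, as given in the diary
SHELL_PORTS = {5300, 53}       # shell ports from the diary; TCP/53 is also real DNS, so correlate
WINDOW = timedelta(minutes=5)  # assumption: how soon the shell connection must follow

# Constructed sample log in a hypothetical format (time-ordered):
# "<ISO time> TCP <src>:<sport> -> <dst>:<dport> <action>"
SAMPLE_LOG = """\
2004-05-06T10:00:01 TCP 192.0.2.10:1034 -> 10.0.0.5:5554 ACCEPT
2004-05-06T10:00:04 TCP 192.0.2.10:1035 -> 10.0.0.5:5300 ACCEPT
2004-05-06T10:02:00 TCP 192.0.2.44:2200 -> 10.0.0.9:5554 ACCEPT
2004-05-06T10:02:09 TCP 192.0.2.44:2201 -> 10.0.0.9:53 ACCEPT
2004-05-06T10:03:00 TCP 10.0.0.7:1500 -> 10.0.0.2:53 ACCEPT
2004-05-06T10:04:00 TCP 192.0.2.77:3000 -> 10.0.0.8:5554 DROP
2004-05-06T11:30:00 TCP 192.0.2.77:3001 -> 10.0.0.8:5300 ACCEPT
"""

LINE_RE = re.compile(r"^(\S+) TCP (\S+):(\d+) -> (\S+):(\d+) (\w+)$")

def find_shell_followups(log_text, window=WINDOW):
    """Return (dst, src, shell_port) for accepted shell-port connections that
    follow an accepted TCP 5554 connection to the same host within `window`."""
    last_ftp_hit = {}  # dst host -> time of its last accepted 5554 connection
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not match the assumed format
        ts, src, _sport, dst, dport, action = m.groups()
        if action != "ACCEPT":
            continue  # blocked attempts never reached the service
        when, dport = datetime.fromisoformat(ts), int(dport)
        if dport == SASSER_FTP_PORT:
            last_ftp_hit[dst] = when
        elif dport in SHELL_PORTS and dst in last_ftp_hit:
            if timedelta(0) <= when - last_ftp_hit[dst] <= window:
                alerts.append((dst, src, dport))
    return alerts

if __name__ == "__main__":
    for dst, src, port in find_shell_followups(SAMPLE_LOG):
        print(f"ALERT {dst}: TCP 5554 contact, then connection to port {port} from {src}")
```

A host listed here was already running Sasser's FTP server, so any hit is a lead for host-level investigation rather than a verdict.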

Sun announced today, May 6, a DoS vulnerability in the JRE which may allow a remote unprivileged user to cause the Java Virtual Machine to become unresponsive.

The announcement: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57555

SDK and JRE releases are available at: http://java.sun.com/j2se/

SDK and JRE 1.4.2_03 or earlier 1.4.2 releases are affected.

Dan Goldberg Dan at MADJiC dot net