Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: WS_FTP buffer overflow, DomainKeys effective?, Phishing explained SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
WS_FTP buffer overflow, DomainKeys effective?, Phishing explained
WS_FTP server buffer overflow
There is a new buffer overflow vulnerability discovered WS_FTP version 5.03 and prior. The vulnerability is caused by boundary errors within the handling of the "SITE", "XMKD", "MKD", and "RNFR" commands. Successful exploitation can lead to command execution. Obviously the attacker will to first authenticate with the FTP server first before the exploitation can happen.
DomainKeys effective?

DomainKeys is thought to be the solution the spam by many experts. Security professionals know by now that nothing is ever perfect. It turns out that the spammers are using providers that support DomainKeys to broadcast their spam, this indirectly makes the spam look more legitimate. Is there ever a perfect solution for spam?

Phishing explained
Knowing that phishing attack is constantly on the rise, it is essential that security professional understand the mechanism of how the phishing attack works. Websense has published a paper detailing the anatomy of a specific phishing attack on MSN and Earthlink customers.

Jason Lam

jason /at/ networksec.orgI will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco 2021


93 Posts
ISC Handler
Dec 1st 2004

Sign Up for Free or Log In to start participating in the conversation!