Vulnerabilities affecting IBM Lotus Domino servers and hosts using Novell GroupWise WebAccess
Written by snort.org
Monday, 30 April 2007
VRT Certified Rules Update 2007-04-27
The Sourcefire VRT is aware of vulnerabilities affecting IBM Lotus Domino servers and hosts using Novell GroupWise WebAccess.
Details:
IBM Lotus Domino Denial of Service (CVE-2007-1675):
IBM Lotus Domino servers are prone to a Denial of Service (DoS) attack via a buffer overflow condition in the CRAM-MD5 authentication module.
A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 11004.
Novell GroupWise WebAccess buffer overflow (CVE-2007-2171):
The Novell GroupWise WebAccess application is vulnerable to a buffer
overflow condition that may allow a remote attacker to execute code on
a vulnerable system.
A rule to detect attacks targeting this vulnerability is included in this release and is identified as SID 10998.
This release also includes the following fix:
* Fixed an issue with the Preprocessors page, which is used to
configure the stream4 preprocessor and other basic decoders and
preprocessors.
If you directly upgraded the SEU on a Defense Center or Intrusion
Sensor from SEU 64 or earlier to SEU 70 through 73, then the stream4
options on the Preprocessors page were moved to a separate Stream
Configuration page. SEU 74 removes the Stream Configuration page and
returns the stream4 preprocessor options to the Preprocessors page.
Users who applied SEU 65 through 69 onto their Defense Centers and
Intrusion Sensors prior to applying SEU 70 through 73 do not have this
issue.
Note that if your Defense Center or Intrusion Sensor is at version
4.5.0.x, SEU 74 adds a Disable Decode Drops option to the Preprocessors
page. Online help is available for this option beginning in version
4.5.1.
IMPORTANT! If you upgrade your Defense Centers or Intrusion Sensors to
version 4.5.1 or 4.6.0 after installing SEU 74, an older, cached
version of the FTP-Telnet page is displayed. To update the page to the
correct version, you must log into each appliance's command line and
run the following command:
/bin/rm -rf /tmp/ttc
Advisory:
A detailed advisory as well as a complete list of modified and deleted rules is available at http://www.snort.org/vrt/advisories/vrt-rules-2007-04-26.html.