Vuln in Iplanet / Netscape web server ?

Laurence Moughan Laurence.Moughan at aerlingus.com
Fri Mar 9 04:35:43 EST 2007


Hi All,


my Snort IDS is reporting an attempt using this below vuln, Last update i can
find re this is back in 2004, does anyone know if this is still an issue in
6.1 of netscape/iplanet ?

Thanks
Laurence


 1:2657 Message WEB-MISC SSLv2 Client_Hello with pad Challenge Length overflow
attempt Summary This event is generated when an attempt is made to exploit a
vulnerability
associated with Netscape Network Security Services (NSS) message parsing.
Impact A successful attack can cause a heap overflow and the subsequent
execution
of arbitrary code on a vulnerable server.
Detailed Information A vulnerability exists in the way NSS parses a client
connect SSLv2 message
that can cause a heap overflow and the subsequent execution of arbitrary code
on a vulnerable server.  This can occur when an overly long challenge length
and accompanying data are supplied in a Client Hello message.
Affected Systems Netscape Enterprise Webserver all versions
Netscape Personalization Engine all versions
Nescape Directory Server all versions
Netscape Certificate Management Server all versions
Sun One/iPlanet all versions
Attack Scenarios An attacker can send a Client Hello message with an overly
long challenge
length and data, causing a heap overflow on a vulnerable server.
Ease of Attack Difficult.
False Positives None known.
If you think this rule has a false positives, please help fill it out. False
Negatives None known.
If you think this rule has a false negatives, please help fill it out.
Corrective Action Upgrade to the latest non-affected version of the software.
Contributors Sourcefire Vulnerability Research Team
Judy Novak <judy.novak at sourcefire.com>
Brian Caswell <bmc at sourcefire.com>



..For low fares and great deals on hotels, car hire and travel insurance visit
http://www.aerlingus.com
*****************************************************************************
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed.  Any review, dissemination or other use of, or taking
of any action in reliance upon, this information by persons or entities
other than the intended recipient is prohibited.If you have received
this email in error please notify the sender immediately and delete
the material.
*****************************************************************************
**



More information about the sunmanagers mailing list