Bugtraq mailing list archives

Re: RFP2K04: Mining BlackICE with RFPickAxe

From: matt () USE NET (Matt)
Date: Thu, 18 May 2000 12:19:01 -0700


On Thu, 18 May 2000, Robert Graham wrote:

1. There is no issue with BlackICE (Sentry/Defender/Agent) IDS. Only the
centralized console ICEcap.

2. This isn't a problem in "officially" supported installations of ICEcap,
only "eval" installations.

3. This is a problem in virtually any product that uses Access/Jet/.mdb
(including many built into WinNT Server).


I believe this could've been easily avoided by making MDAC 2.1 SP2
components a required part of the installation. I can think of at least
one vendor in rfp's list that did do that, which I believe eliminates the
vulnerability (as well as some y2k and stability/performance issues).

On a side note, I just noticed that MDAC 2.5 is out.

Current thread:

BUFFER OVERRUN VULNERABILITIES IN KERBEROS, (continued)
- - - BUFFER OVERRUN VULNERABILITIES IN KERBEROS Jeffrey I. Schiller (May 16)
    - Re: BUFFER OVERRUN VULNERABILITIES IN KERBEROS Kris Kennaway (May 18)
    - antisniff x86/linux remote root exploit, including "fixed" 1.02 version Sebastian (May 16)
    - announce : Nessus 1.0 released Renaud Deraison (May 17)
    - RFP2K04: Mining BlackICE with RFPickAxe rain forest puppy (May 17)
    - FreeBSD Security Advisory: FreeBSD-SA-00:08.lynx [REVISED] FreeBSD Security Officer (May 17)
    - klogin remote exploit duke (May 17)
    - Re: RFP2K04: Mining BlackICE with RFPickAxe Robert Graham (May 17)
    - antisniff latest ("two times fixed") version still exploitable, l0phtl0phe-kid.c Sebastian (May 18)
    - Re: antisniff latest ("two times fixed") version still exploitable, l0phtl0phe-kid.c Mudge (May 18)
    - Re: RFP2K04: Mining BlackICE with RFPickAxe Matt (May 18)
    - AUX Security Advisory on Be/OS 5.0 (DoS) visi0n (May 17)
    - Re: RFP2K04: Mining BlackICE with RFPickAxe Andrew Lambeth (May 19)
    - Remote Dos attack against Intel express 8100 router Dimuthu Parussalla (May 18)
    - RFP2K05: NetProwler vs. RFProwler rain forest puppy (May 19)
    - Key Generation Security Flaw in PGP 5.0 gec () ACM ORG (May 23)
    - Filesystem vulnerability in AIX salme () US IBM COM (May 23)
    - Re: RFP2K05: NetProwler vs. RFProwler Pedro Quintanilha (May 23)
    - Security Vulnerability in Qpopper 2.53 (Upgrade to 3.0.2) Qpopper Support (May 23)
    - Remote xploit for MDBMS |[TDP]| (May 24)
    - HP Web JetAdmin Version 6.0 Remote DoS attack Vulnerability Ussr Labs (May 24)

(Thread continues...)