📄 289.txt

📁 This is the snapshot of Snot Latest Rules

💻 TXT

字号:

Rule:--Sid:289--Summary:This event is generated when a remote attacker attempts to exploit a QUALCOMM Qpopper POP3 buffer overflow vulnerability in SCO OpenServer systems.--Impact:Remote execution of arbitrary code leading to remote root compromise.--Detailed Information:An exploit is available that takes advantage of a buffer overflow vulnerability in QUALCOMM Qpopper POP3 mail server version 2.53 or earlier. This exploit can be used to obtain root access to the compromised server.--Affected Systems:SCO servers that ship QUALCOMM Qpopper POP3 server version 2.53 or earlier: -SCO OpenServer Enterprise System Release 5.0.5, 5.0.6, 5.0.6a -SCO OpenServer Host System Release 5.0.5, 5.0.6, 5.0.6a -SCO OpenServer Desktop System Release 5.0.5, 5.0.6, 5.0.6a -SCO OpenServer Enterprise System Release 5.0.4 -SCO OpenServer Host System Release 5.0.4 -SCO OpenServer Desktop System Release 5.0.4--Attack Scenarios:An attacker executes exploit code against a vulnerable server and obtains root privileges on the compromised computer.--Ease of Attack:Simple. An exploit exists.--False Positives:None known.--False Negatives:None known.--Corrective Action:Upgrade QUALCOMM Qpopper. See ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.8/ for patched binaries for SCO OpenServer and an advisory with installation instructions.--Contributors:Original rule writer unknownSourcefire Vulnerability Research TeamSourcefire Technical Publications TeamJen Harvey <jennifer.harvey@sourcefire.com>--Additional References:CERThttp://www.cert.org/advisories/CA-1998-08.html--

💿 文件大小 17049 K

👤 上传用户 nassdaq

📂 所属分类其他行业

🏷️ 相关标签

#snapshot #Latest #Rules #This

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -