📄 2598.txt
字号:
Rule:--Sid:2598--Summary:This event is generated when an attempt is made to exploit a bufferoverrun condition in the Samba Web Administration Tool (SWAT).--Impact:Remote execution of arbitrary code.--Detailed Information:A vulnerability exists in SWAT that may present an attacker with theopportunity to execute code of their choosing on an affected host.The problem lies in an the functions that handle base64 decodingduring HTTP basic authentication. Exploitation of this vulnerabilitymay present the attacker with the opportunity to gain control of theaffected system.--Affected Systems: Versions of Samba greater than or equal to 3.0.2 and less than 3.0.5--Attack Scenarios:An attcker needs to make a specially crafted request to the SWATservice that could contain harmful code to gain further access to thesystem.--Ease of Attack:Simple--False Positives:None known.--False Negatives:None known.--Corrective Action:Apply the appropriate vendor supplied patches--Contributors:Sourcefire Research TeamMatt Watchinski <mwatchinski@sourcefire.com>Nigel Houghton <nigel.houghton@sourcefire.com>--Additional References:CVE:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0600Bugtraq:http://www.securityfocus.com/bid/10780--⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -