On 07/07/2004 12:13 AM, Mateusz Kurleto wrote:
| A little paranoia never hurt anyone, and while at it he will see what
| security looks like on the rest of the ports...

Warnings:

  The remote host appears to be running a version of
  Apache which is older than 1.3.27
  There are several flaws in this version, you should
  upgrade to 1.3.27 or newer.
  *** Note that Nessus solely relied on the version number
  *** of the remote server to issue this warning. This might
  *** be a false positive

  The remote host is running a version of PHP earlier than 4.2.2.
  The mail() function does not properly sanitize user input.
  This allows users to forge email to make it look like it is
  coming from a different source other than the server.
  Users can exploit this even if SAFE_MODE is enabled.
  Solution : Contact your vendor for the latest PHP release.

  The remote qpopper server, according to its banner, is
  vulnerable to a one-byte overflow it its function
  Qvsnprintf().
  An attacker may use this flaw to gain a (non-root)
  shell on this host, provided that he has a valid
  POP account to log in with.
  *** This test could not confirm the existence of the
  *** problem - it relied on the banner being returned.
  Solution : Upgrade to version 4.0.5 or newer

... stemming rather from the version information, but apt-get update/dist-upgrade is done immediately after receiving a debian-security mail.

Apart from that, only information about the ssh, Apache and qmail banners.

I am still stumped by this 1720 ... The TPSA DSL modem? VNC on the Windows workstations in the LAN? If some Windows box caught a trojan, would it expose a port on the gateway?

--
Regards,
Krzysztof Jastrzębski <><
Jotka Usługi Informatyczne
http://free.polbox.pl/j/jotkajot/
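An added example, not part of the original message: a triage script that separates scanner findings inferred from a banner or version string, like the three warnings quoted above, from findings the scanner actually tested, and extracts the version each warning asks for so it can be compared with the installed package. The function names and the blank-line-separated input layout are assumptions; the sample is an abridged copy of the quoted warnings plus one constructed finding.

```python
import re

# Phrases showing a check was inferred from a banner/version string only.
VERSION_INFERRED = [re.compile(p, re.I) for p in (
    r"solely relied on the version number",
    r"relied on the banner",
    r"according to its banner",
    r"running a version of .{0,40}?(?:older|earlier) than",
)]
# Version the warning wants: "older than X", "earlier than X", "upgrade to [version] X".
FIXED_IN = re.compile(
    r"(?:older than|earlier than|upgrade to(?: version)?)\s+(\d+(?:\.\d+)+)", re.I)

# Constructed sample: abridged warnings from the message, plus one
# constructed finding (the FTP one) that carries no version caveat.
SAMPLE = """\
The remote host appears to be running a version of
Apache which is older than 1.3.27
*** Note that Nessus solely relied on the version number

The remote host is running a version of PHP earlier than 4.2.2.
The mail() function does not properly sanitize user input.

The remote qpopper server, according to its banner, is
vulnerable to a one-byte overflow it its function Qvsnprintf().
Solution : Upgrade to version 4.0.5 or newer

The remote FTP server accepts anonymous logins.
"""

def split_findings(report):
    """Assumption: findings are separated by blank lines; wrapped lines are rejoined."""
    return [" ".join(b.split()) for b in re.split(r"\n\s*\n", report) if b.strip()]

def triage(report):
    rows = []
    for text in split_findings(report):
        m = FIXED_IN.search(text)
        rows.append({
            "summary": text[:60],
            "version_inferred": any(p.search(text) for p in VERSION_INFERRED),
            "fixed_in": m.group(1) if m else None,
        })
    return rows

if __name__ == "__main__":
    for r in triage(SAMPLE):
        tag = "CHECK INSTALLED PACKAGE" if r["version_inferred"] else "TESTED BY SCANNER"
        print(f"[{tag}] wants>={r['fixed_in']} :: {r['summary']}")
```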

