lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri Mar 25 20:40:07 2005
From: stevenrakick at yahoo.com (Steven Rakick)
Subject: Mozilla Foundation GIF Overflow

Hi all,

I was just glancing at the Internet Security Systems
website and I noticed the following statement "ISS
provides Ahead of the Threat protection for Mozilla
and Firefox Browsers".

Clicking the related link they mention that ISS
Network Sensor 7.0, Proventia A and G100, G400, G200,
G1200, G2000 and M series all provide "preemptive
protection for these vulnerabilities". 

I remember a couple months ago, Darren Bounds from
Intrusense released an advisory regarding weak support
for inspecting base64 encoded images in AV, IDS and
IPS technologies (ISS being one of the them). 
(Advisory:
http://www.intrusense.com/av-bypass/image-bypass-advisory.txt)

My question is this. Did ISS ever add support for
detecting this RFC 2397 images or are they going to
pass through undetected? Mozilla and Firefox both
support this spec so it seems like a very trivial
attack vector to exploit... once again. 

Also, what other vendors have now added support for
RFC 2397 inspection? 

Any insight would be greatly appreciated.

Steve



		
__________________________________ 
Do you Yahoo!? 
Yahoo! Small Business - Try our new resources site!
http://smallbusiness.yahoo.com/resources/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ