Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

NTPD autokey vulnerability

Published: 2009-05-25
Last Updated: 2009-05-25 23:17:17 UTC
by Jim Clausing (Version: 1)
0 comment(s)

US Cert published VU#853097 the other day detailing an exploitable buffer overflow in the implementation of the autokey feature.  The folks at ntp.org have released version 4.2.4p7 to correct it, download here.  The announcement can be seen here.

Keywords: autokey NTP
0 comment(s)

Wireshark-1.0.8 released

Published: 2009-05-25
Last Updated: 2009-05-25 22:54:44 UTC
by Jim Clausing (Version: 1)
0 comment(s)

Speaking of wireshark, a new version was released last week which fixes a vulnerability in the PCNFSD dissector.

 

References:

Announcement: http://www.wireshark.org/news/20090521.html

Advisory:  http://www.wireshark.org/security/wnpa-sec-2009-03.html

Release notes:  http://www.wireshark.org/docs/relnotes/wireshark-1.0.8.html

Download:  http://www.wireshark.org/download.html

Keywords: wireshark
0 comment(s)

More tools for (US) Memorial Day

Published: 2009-05-25
Last Updated: 2009-05-25 22:49:16 UTC
by Jim Clausing (Version: 2)
2 comment(s)

For those of you (in the US anyway) enjoying a day off and BBQ-ing, here is another cool new tool I came across earlier today over on Malware Forge, called nPeID.  Like my packerid.py, it uses Ero Carrera's pefile package.  I'll be checking it out later this afternoon.  Also, C. S. Lee has a nice little post on using the editcap program from the wireshark package.

Keywords: pefile python tools
2 comment(s)
Diary Archives