IDS mailing list archives
Re: 7-ZIP ARJ Archive Processing stack overflow - Is there any role for Network IPS?
From: Michael Scheidell <scheidell () secnap net>
Date: Thu, 15 Mar 2007 15:50:05 -0400
Surya Batchu wrote:
also, isn't this old? very old? current 7zip version is 4.44, well past the 4.27Beta of this one 2 years ago.Hi, Please see this advisory: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3051 This attack can be launched remotely by sending specially crafted data in archived file. Which security solutions are expected to catch these kinds of attacks? It seems that NIPS/NIDS solution typically check for buffer overflow attacks at protocol level, but not at the file/archive level. If so, is it fair to assume that only security solutions running, on the client machine, catch these kjinds of attacks. Any insight is appreciated. T
----------------------------------------------------------------- This email has been scanned and certified safe by SpammerTrap(tm) For Information please see http://www.spammertrap.com -----------------------------------------------------------------
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------
Current thread:
- 7-ZIP ARJ Archive Processing stack overflow - Is there any role for Network IPS? Surya Batchu (Mar 15)
- Re: 7-ZIP ARJ Archive Processing stack overflow - Is there any role for Network IPS? Michael Scheidell (Mar 15)
- Re: 7-ZIP ARJ Archive Processing stack overflow - Is there any role for Network IPS? Michael Scheidell (Mar 15)
- RE: 7-ZIP ARJ Archive Processing stack overflow - Is there any role for Network IPS? Oleg Kolesnikov x 133 (Mar 15)
- <Possible follow-ups>
- Re: 7-ZIP ARJ Archive Processing stack overflow - Is there any role for Network IPS? Surya Batchu (Mar 19)