IDS mailing list archives
Javascript long string detection
From: "Ravi Chunduru" <ravi.is.chunduru () gmail com>
Date: Sat, 7 Jun 2008 13:55:14 -0700
Hi, I have come across this vulnerability http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0729 and corresponding Exploit at http://www.milw0rm.org/exploits/5268 There are so many ways to create a long string in Javascript. How do Network based IDS/IPS can detect these kinds of attacks? Is it possible to create signatures to detect these attacks? Many existing IDS/IPS devices don't have capabilities to interpret and evaluate javascripts. So, I would think that it is nearly impossible. Any insight? Thanks Ravi ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- Javascript long string detection Ravi Chunduru (Jun 09)
- RE: Javascript long string detection Srinivasa Addepalli (Jun 10)
- Re: Javascript long string detection Ravi Chunduru (Jun 10)
- Re: Javascript long string detection Ureleet (Jun 11)
- Re: Javascript long string detection Ravi Chunduru (Jun 30)
- Re: Javascript long string detection Ravi Chunduru (Jun 10)
- RE: Javascript long string detection Srinivasa Addepalli (Jun 10)