IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Javascript long string detection

From: "Ravi Chunduru" <ravi.is.chunduru () gmail com>
Date: Sat, 7 Jun 2008 13:55:14 -0700
Hi,

I have come across this vulnerability

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0729

and corresponding Exploit at

http://www.milw0rm.org/exploits/5268

There are so many ways to create a long string in Javascript.  How do
Network based IDS/IPS can detect these kinds of attacks?  Is it
possible to create signatures to detect these attacks?   Many existing
IDS/IPS devices don't have capabilities to interpret and evaluate
javascripts. So, I would think that it is nearly impossible.  Any
insight?

Thanks
Ravi

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: