Information Security News mailing list archives
c4i-pro Network Vulnerability Exploitations (fwd)
From: William Knowles <wk () C4I ORG>
Date: Mon, 3 Jul 2000 16:21:08 -0500
From another list I am on. If anyone feels like helping this
gentleman, please contact him directly.

William Knowles
wk () c4i org

---------- Forwarded message ----------
Date: Mon, 3 Jul 2000 16:49:09 -0400
From: "Benedict, Dale M Mr HQ INSCOM" <dmbene2 () vulcan belvoir army mil>
To: "'c4i-pro () stl nps navy mil'" <c4i-pro () stl nps navy mil>
Cc: "Benedict, Dale M GS-13 IOVAD" <dmbene2 () LIWA belvoir army mil>
Subject: c4i-pro Network Vulnerability Exploitations

"Benedict, Dale M Mr HQ INSCOM" <dmbene2 () vulcan belvoir army mil>

Greetings, all.

The list appears to have been quiet for a while, so how about some questions that we would like to interject into our INFOSEC training?

Based on your experiences or knowledge, can any of you C4I professionals provide any feedback on questions regarding these relatively common network vulnerabilities, or point me to a site that would have these listed?

Here is a set of questions for us to consider:

1. Can the particular network vulnerability be exploited by an outside adversary (or trusted insider)?
2. When, to your knowledge, has this particular network vulnerability been exploited?
3. Who, if known, has exploited this particular network vulnerability?
4. What level of adversary (i.e., hacker) can perform this exploitation, and what tools/training are required?

Here is a set of possibly 'common' vulnerabilities:

1. "SMTP VRFY buffer overflow can crash or obtain access"
2. "SMTP HELO buffer overflow can crash or obtain access"
3. "SMTP EXPN command"
4. "SMTP host possibly vulnerable"
5. "SMTP server allows fake hostnames in HELO"
6. "SMTP verify (VRFY) command can be used to validate users"
7. "FTP PASV port denial of service attack"
8. "LDAP anonymous access to directory"
9. "LDAP null base returns information"
10. "Sendmail %style blind relaying can be used to obfuscate the origin of e-mails"
11. "Anonymous FTP enabled"
12. "HTTP proxy detected"
13. "HTTP proxy penetrated"
14. "ICMP timestamp requests"
15. "NNTP posting"
16. "NNTP reading"
17. "Traceroute can be used to map network topologies"

If any of you have seen anything on these, please point the way, share your experiences, and/or drop me a line.

Thanks.

Dale M. Benedict
IOVAD, LIWA
Fort Belvoir, VA 22060
DSN 235-1606
Comm (703) 706-1606

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".