Vulnerability Development mailing list archives
Re: Remote exploitation of network scanners?
From: Oliver Friedrichs <ofriedrichs () SECURITYFOCUS COM>
Date: Fri, 25 Aug 2000 16:14:31 -0700
> I wonder if the many popular scanners out there are written securely - so that they themselves cannot be exploited.
Yes, this is definitely a very real threat. During the development and lifecycle of CyberCop Scanner/Ballista, we routinely did audits of all scanner module code looking for overflows, signed/unsigned problems, and protocol decode problems. The same kind of problems that exist in any client-side application can exist in a scanner, since that's essentially what a scanner is. I can say that we made a best-efforts attempt to prevent these types of problems while we were at SNI/NAI, but it really depends on the developers.

Being in the scanner industry, you routinely heard of potential problems in either your own scanner, or a competitor's, but I don't recall any that ever solidified.

Besides scanners, the same goes for IDS systems, and network sniffers. With the amount of code in these applications, you can bet these problems are there, the only thing saving them is their closed-source nature - but IDA sort of solves that.

- Oliver
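As an added illustration (not part of the original post and not code from any scanner named in it), here is the kind of signed/unsigned protocol-decode problem such an audit looks for, next to a hardened decoder. The wire format (a 2-byte big-endian length followed by the banner), the function names and the sample replies are all assumptions made up for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BANNER_MAX 64

/* Constructed sample replies (not captured traffic). */
static const uint8_t ok_reply[]      = { 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' };
static const uint8_t hostile_reply[] = { 0xFF, 0xFF, 'A' }; /* claims 65535 bytes */
static const uint8_t short_reply[]   = { 0x00, 0x10, 'x' }; /* claims 16, sends 1 */

/* Flawed check, kept as a predicate only (it never copies). The length is
 * held in a signed type, so 0x8000..0xFFFF turn negative and pass the
 * upper-bound test; a later memcpy would receive a huge size_t. It also
 * ignores how many bytes were actually received. */
int flawed_check_accepts(const uint8_t *reply, size_t reply_len)
{
    if (reply_len < 2) return 0;
    int16_t len = (int16_t)((reply[0] << 8) | reply[1]);
    return len <= BANNER_MAX;           /* signed compare, no lower bound */
}

/* Hardened decoder: unsigned length, bounded by both the destination
 * buffer and the received data. Returns the banner length or -1. */
int decode_banner(const uint8_t *reply, size_t reply_len,
                  char out[BANNER_MAX + 1])
{
    if (reply == NULL || reply_len < 2) return -1;
    size_t len = ((size_t)reply[0] << 8) | reply[1];
    if (len > BANNER_MAX) return -1;        /* must fit the destination */
    if (len > reply_len - 2) return -1;     /* must not exceed what arrived */
    memcpy(out, reply + 2, len);
    out[len] = '\0';
    return (int)len;
}

int main(void)
{
    char out[BANNER_MAX + 1];
    printf("flawed check, hostile reply: %d\n",
           flawed_check_accepts(hostile_reply, sizeof hostile_reply));
    printf("hardened, hostile reply:     %d\n",
           decode_banner(hostile_reply, sizeof hostile_reply, out));
    printf("hardened, short reply:       %d\n",
           decode_banner(short_reply, sizeof short_reply, out));
    printf("hardened, ok reply:          %d\n",
           decode_banner(ok_reply, sizeof ok_reply, out));
    return 0;
}
```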