Network Security Bugtraq

Subject: RE: Correction to latest Colsaire advisories
Date: Wed, 15 Sep 2004 16:42:39 +0100
The Corsaire research project produced test cases for around 200 working
attack vectors, that when passed through the top 10 content products
produced over 800 individual vulnerabilities (needless to point out that
there are a lot more than 10 products in this arena).

Not wanting to quibble, but looking for clarification:

The associated UNIRAS advisory
(http://www.uniras.gov.uk/vuls/2004/380375/mime.htm) lists the responses
from various vendors with regards to these issues. I presume that these are
nine of the "top 10 content providers". Vendors include:

Apple, F-Secure, Fujitsu, HP, IBM, MessageLabs, Mozilla and ripMIME.

Only ripMIME and F-Secure (Server products affected, workstation products
fine) claim to have been found wanting. The remainder clearly state that
their products, when put through the test suite, were _not_ found to be
vulnerable.

How does this translate to the figures you're talking about? I ask this to
better understand the risk. Is this something everything else should be
dropped for and this prioritized? From the UNIRAS advisory I'd assume not,
unless of course you use F-Secure servers or ripMIME, and, at the moment, it
all seems a bit like a storm in a teacup.

I also note that Microsoft was not listed as a vendor that responded. Were
their products tested and if so what were the results?

Cheers,
David Litchfield
NGSSoftware Ltd
http://www.nextgenss.com/
http://www.databasesecurity.com/
+44(0)1334 470 027