|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Gain a shell remotely >> NAI Management Agent overflow Vulnerability Assessment Details
|
NAI Management Agent overflow |
||
|
Acertains if the remote NAI WebShield SMTP Management trusts us Detailed Explanation for this Vulnerability Assessment The remote NAI WebShield SMTP Management tool is vulnerable to a buffer overflow which permits a possible hacker to gain execute arbitrary code on this host when it is issued a too long argument as a configuration parameter. In addition to this, it permits a possible hacker to disable the service at will. * To re-enable the service : - execute regedit - edit the registry key 'Quarantine_Path' under HKLM\SOFTWARE\Network Associates\TVD\WebShield SMTP\MailScan - change its value from 'XXX...XXX' to the valid path to the quarantine folder. - restart the service Solution : filter incoming traffic to this port. You may also restrict the set of trusted hosts in the configuration console : - go to the 'server' section - select the 'trusted clients' tab - and set the data accordingly Network Security Threat Level: High Networks Security ID: 1254 Vulnerability Assessment Copyright: This script is Copyright (C) 2000 Renaud Deraison |
||
|
Other Networking Equipment |
|
||
|
No Discussions have been posted on this vulnerability. |