rsync program contains an exploitable vulnerability

Dalia Solomon
Survey of Attacks
Computers are always vulnerable to attacks when they are on the network.
Attackers could exploit a system by attacking a vulnerable application or by
installing programs that allow them to gain access to the computer. The
following is a list of attack categories that have been recorded.
Buffer overflow attacks
These attacks are caused by the attacker finding flaws in applications that
allow them to overflow a buffer in the system. These overflows could be due to
an application not limiting the size of the file it can receive or not doing
enough error checking.

OpenSSL servers contain a buffer overflow in the SSL2 handshake.
OpenSSL servers prior to 0.9.6e are vulnerable when a client uses a
malformed key during the handshake process of an SSL server
connection using the SSLv2 communication process. **

The rsync program contains an exploitable vulnerability. An integer overflow
error was discovered in rsync's memory handling routines. An attacker
sending an extremely large file may be able to exploit this error to execute
arbitrary code from the heap of the rsync process address space. This
error primarily affects the rsync program when used in server mode. **

Yahoo Messenger contains a vulnerability in YAuto.DLL. There is a problem
in the handling of some types of requests by ActiveX controls installed with
Yahoo Messenger. As a result, an attacker could cause a buffer overrun
and execute arbitrary code on a vulnerable host.
Denial of service attacks
This attack is characterized by an attacker attempting to prevent users of the
system from using a certain service. Some forms of these attacks are as follows:
1. Attackers could try to "flood" a network, thereby preventing legitimate
network traffic
2. Attackers could attempt to disrupt connections between two machines, thereby
preventing access to a service
3. An attacker could attempt to prevent a particular individual from
accessing a service
4. They could attempt to disrupt service to a specific system or person

There is a vulnerability in Microsoft's Windows Workstation Service
(WKSSVC.DLL). An attacker could cause a denial of service or execute
arbitrary code using this exploit. The logging function implemented in the
Workstation Service contains a flaw. The RPC service permits the passing of
long strings to the vsprintf() routine to create log entries. There is no
bounds check on the vsprintf() call, so it is possible to create a buffer
overflow situation.
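The unbounded vsprintf() logging pattern described above, next to a bounded vsnprintf() form that detects truncation. This is an added example, not code from the Workstation Service or from the original document; the function names, the 64-byte buffer size and the sample input are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define LOG_BUF_SIZE 64 /* constructed size for this example */

/* Unbounded pattern from the paragraph above: vsprintf() has no length
 * argument, so the formatted input decides how many bytes are written.
 * Shown for contrast only; it is never called here. */
void log_entry_unbounded(char *dst, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsprintf(dst, fmt, ap);
    va_end(ap);
}

/* Bounded form: vsnprintf() writes at most dst_size bytes, including the
 * terminating NUL, and returns the length the full string needed.
 * Returns 0 on success, 1 if the entry was truncated, -1 on error. */
int log_entry_bounded(char *dst, size_t dst_size, const char *fmt, ...)
{
    va_list ap;
    int needed;

    if (dst == NULL || dst_size == 0 || fmt == NULL)
        return -1;
    va_start(ap, fmt);
    needed = vsnprintf(dst, dst_size, fmt, ap);
    va_end(ap);
    if (needed < 0) { /* formatting error */
        dst[0] = '\0';
        return -1;
    }
    return ((size_t)needed >= dst_size) ? 1 : 0;
}

int main(void)
{
    char entry[LOG_BUF_SIZE];
    char long_name[200]; /* constructed over-long request string */

    memset(long_name, 'A', sizeof long_name - 1);
    long_name[sizeof long_name - 1] = '\0';
    int rc = log_entry_bounded(entry, sizeof entry, "request from %s", long_name);
    printf("rc=%d stored=%zu bytes\n", rc, strlen(entry));
    return 0;
}
```

A truncated entry is reported to the caller instead of being written past the end of the buffer, so the service can log or reject the over-long request.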
Kernel exploits
These attacks target vulnerabilities in some versions of the Linux kernel. In
these attacks the attacker could exploit system functions that don't do enough
checking. The kernel is responsible for controlling and mediating access to the
hardware. The kernel implements and supports fundamental abstractions
(processes, files, devices, etc.).

Red Hat Enterprise Linux kernel version 2.4.21 does not perform
adequate checking of eflags in 32-bit ptrace emulation mode. A local user
could gain root privileges by exploiting this vulnerability in Linux. **

There is a vulnerability in the Linux kernel do_mremap system function.
Because of a bounds-checking issue within the function, it is possible for a
local attacker to interfere with the operation of the kernel. **
Browser exploits
An attacker uses scripting languages in the browser to mislead the user into
giving away confidential information.

Microsoft Internet Explorer does not properly display the location of HTML
documents. Web browsers display the Uniform Resource Locator in the
address bar. Microsoft Internet Explorer does not properly display URLs
that contain certain non-printable characters. An attacker could exploit this
and mislead users into revealing sensitive information.
Backdoor exploits
An attacker has some means of accessing the system without the owner's
knowledge through an open port.

Backdoor.IRC.Cirebot is a Trojan Horse that exploits the Microsoft DCOM
RPC vulnerability. Backdoor.IRC.Cirebot is made up of a backdoor
component and a hacktool component that installs the backdoor on a
vulnerable machine.
Note: ** marks attacks on Linux systems