源码地带 > 电路图 > 电子资料下载 > 其他行业 >全面网络扫描器VB源代码很实用 > 查看压缩包源码

全面网络扫描器VB源代码很实用

源代码在线查看： squid proxy up to 2.5 ntlm authentication ntlm_fetch_string denial of service.plugin

软件大小：	1036 K
上传用户：	xx87293767
关键词：	网络扫描器源代码
下载地址：	免注册下载普通下载


相关代码
squid proxy up to 2.5 ntlm authentication ntlm_fetch_string denial of service.plugin squid proxy up to 2.5.stable6 clientabortbody denial of service.plugin apache prior 1.3.31 and prior 2.0.49 connection blocking denial of service.plugin apache prior 2.0.51-dev mod_dav denial of service.plugin cerbere http proxy prior 1.2 http host field denial of service.plugin an introduction to denial of service.txt an introduction to denial of service.txt an introduction to denial of service.txt

203
Squid proxy up to 2.5 NTLM authentication ntlm_fetch_string Denial of Service
Firewalls
2004/09/10
Marc Ruef
marc dot ruef at computec dot ch
http://www.computec.ch
computec.ch
Marc Ruef
marc dot ruef at computec dot ch
http://www.computec.ch
computec.ch
2004/11/13
1.1
Corrected the plugin structure and added the accuracy values in 1.1
tcp
3128
open|send GET http://www.computec.ch HTTP/1.0\nHost: http://www.computec.ch\n\n|sleep|close|pattern_exists *Server Squid/[0-1].* OR *Server Squid/2.[0-5]*
80
Check is inspired by the Nessus plugin (see Nessus ID listed in the sources). Perhaps the Squid proxy is running on another port (e.g. 8080).
Marco Ortisi
http://www.squid-cache.org
Squid Team
2004/06/09
http://www.squid-cache.org/bugs/show_bug.cgi?id=1045
Squid up to 2.5
Squid without NTLM authentication, Squid 2.5 and newer or other proxy solutions
Buffer Overflow
The remote host seems to be running a Squid proxy. Squid up to 2.5 has a denial of service vulnerability if the NTLM authentication string is too long. An attacker may crash the remote proxy or be able to run arbitrary code in the context of the server.
The server should be deactivated or de-installed if not necessary. If this is not possible, you should upgrade the software to the latest version and do not use NTLM authentication. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 8099). Try to prevent unwanted connection attempts by filtering traffic with firewalling. Alternation of the application banner can confuse an attacker and let him determine the wrong software.
Approx. 50 minutes
Yes
http://www.securityfocus.com/bid/10500/exploit/
Yes
Yes
Medium
6
7
9
7
High
Nessus is able to do the same check more accurate.
CAN-2004-0541
10500
12444
12294
Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
http://www1.uk.squid-cache.org/squid/Versions/v2/2.5/bugs/squid-2.5.STABLE6-ntlm_fetch_string.patch


相关资源
全面网络扫描器VB源代码很实用用vb编写dll动态链接库。教程及一些源代码很实用一本关于ARM 嵌入系统书籍源代码很实用的一个管理党费的vb程序很实用的程序可以看所有代码基于C#语言的一个教务网数据库系统开发案例的源代码 ,很实用哦基于C#语言的一个企业客户管理数据库系统开发案例的源代码 ,很实用基于C#语言的一个物流信息网数据库系统开发案例的源代码 ,很实用一个韩国很眩的网站FLASH 源代码很实用

全面网络扫描器VB源代码 很实用

源代码在线查看： squid proxy up to 2.5 ntlm authentication ntlm_fetch_string denial of service.plugin

相关代码

相关资源

友情链接

全面网络扫描器VB源代码很实用