PureBytes Links
Trading Reference Links
|
FYI - Security notice
@RISK: The Consensus Security Vulnerability Alert
April 1, 2004 Vol. 3. Week 13
***********************************************************************
@RISK is the SANS community's consensus bulletin summarizing the most
important vulnerabilities and exploits identified during the past week
and providing guidance on appropriate actions to protect your systems
(PART I). It also includes a comprehensive list of all new
vulnerabilities discovered in the past week (PART II).
----------------------------------------------------------------------
Part I Critical Vulnerabilities
Part I is compiled by the security team at TippingPoint
(www.tippingpoint.com) as a by-product of that company's continuous
effort to ensure that its intrusion prevention products effectively
block exploits using known vulnerabilities. TippingPoint's analysis is
complemented by input from a council of security managers from twelve
large organizations who confidentially share with SANS the specific
actions they have taken to protect their systems. A detailed
description of the process may be found at
http://www.sans.org/newsletters/cva/#process
Archives at http://www.sans.org/newsletters/
----------------------------------------------------------------------
MODERATE: eSignal STREAMQUOTE Buffer Overflow
Affected: eSignal version 7.5 and 7.6
Description: eSignal provides real-time stock market quotes and analysis
for investors. The software's main application, "WinSig.exe", runs a
listener on port 80/tcp. This listener is vulnerable to a stack-based
buffer overflow. The overflow can be triggered by sending a specially
crafted "STREAMQUOTE" tag containing over 1040 characters, and exploited
to execute arbitrary code. Exploit code has been publicly posted.
Status: Vendor notified, no patches available.
Council Site Actions: The affected software is not in production or
widespread use at any of the council sites. They reported that no action
was necessary.
References:
Posting by Vizzy
http://www.securityfocus.com/archive/1/358637/2004-03-19/2004-03-25/0
Exploit Code
http://viziblesoft.com/insect/sploits/vz-eSignal76.pl
Vendor Homepage
http://www.esignal.com/esignal/default.asp
SecurityFocus BID
http://www.securityfocus.com/bid/9978
|