Old 3rd March 2003, 14:52   #1
FeistyP
Junior Member
 
Join Date: Mar 2003
Location: Far Corner of America
Posts: 4
New Exploit/Vulnerability?

http://www.securiteam.com/securitynews/5WP010U9FY.html

Now I cannot recreate said exploit but do not have web logging turned on so that may be the workaround ... or it is simply bogus to begin with. I go and put bunk info in the login prompt and do see the error reported in the DNAS window as stated in this report.

Come to think of it, I have no logging whatsoever. SC would build a huge file too fast even with touches removed and I hated having to manually delete it every couple days.

I only ever get to see just what is in the Tail Logfile screen, which is enough info for me since I only have a meager 10 listener capability.

Thought I'd put this out here for everyone to see however.

Yes, I am using DNAS 1.9.2/Win32
Old 3rd March 2003, 15:18   #2
Jay
Moderator Alumni
 
Join Date: May 2000
Location: Next Door
Posts: 8,888
Well, one way to combat this is to make sure that all authorization boxes point to your server. The box will tell you where the request is coming from.
Old 3rd March 2003, 16:04   #3
FeistyP
Junior Member
 
Join Date: Mar 2003
Location: Far Corner of America
Posts: 4
Care to elaborate?
Old 3rd March 2003, 17:41   #4
Jay
Moderator Alumni
 
Join Date: May 2000
Location: Next Door
Posts: 8,888
If you go to your online log page and a dialog window pops up, you should definitely be cautious, but the dialog box contains the location of the attacker's script, which can be used to determine where the data you enter is going.
Old 3rd March 2003, 19:53   #5
FeistyP
Junior Member
 
Join Date: Mar 2003
Location: Far Corner of America
Posts: 4
Gotcha .. for some reason I thought you were talking about the one I always get when logging into the admin page ..

Yes, if I went to the log and got one .. I would be quite suspicious!

now if only I could spell first time around