SecuObs.com - L'observatoire de la sécurité internet - UDP packets with source port of 53 bypass firewall rules attack

SecuToolBox : Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP + Aircrack + Ubiquiti (MadWifi) 530 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner

Détail du test :

ID	11580
Nom	UDP packets with source port of 53 bypass firewall rules
Auteurs	This script is Copyright (C) 2003-2007 Tenable Network Security
Catégorie	Firewalls
Action	attack
Résumé	By-passes the remote firewall rules
Description	It is possible to by-pass the rules of the remote firewall by sending UDP packets with a source port equal to 53. An attacker may use this flaw to inject UDP packets to the remote hosts, in spite of the presence of a firewall. Solution : Review your firewall rules policy Risk factor : High

Cliquer pour le detail - Liste des tests :

UDP packets with source port of 53 bypass firewall rules
Gopherd Proxy Usage
ZoneAlarm Personal Firewall port 67 flaw
RADIUS server detection
ICMP Netmask Request
Arkoon identification
L2TP detection
Check Point FireWall-1 ICA Service Detection
Weak Initial Sequence Number
NetAsq identification
BenHur Firewall active FTP firewall leak
Default password (zebra) for Zebra
Firewall Enabled
Proxy accepts POST requests
Finjan restart command
Check Point FireWall-1 Telnet Client Authentication Detection
Open Web Proxy Server
Usable remote proxy on any port
CCProxy Detection
Checkpoint FW-1 identification
Checkpoint Firewall open Web administration
Proxy accepts CONNECT requests
Check Point FireWall-1 HTTP Client Authentication Detection
Kerio WinRoute Firewall HTTP/HTTPS Management Detection
ICMP Timestamp Request
Kerio personal Firewall buffer overflow
StoneGate client authentication detection
IBM Tivoli Relay Overflow
BlueCoat ProxySG console management detection
Remote host on same physical but not logical network
Proxy accepts gopher:// requests
ZoneAlarm Pro local DoS
ZoneAlarm Local Privilege Escalation Vulnerability
Passwordless Wingate installed
Remote host replies to SYN+FIN
Raptor FW version 6.5 detection
Source routed packets

Cliquer pour le detail - liste des categories :

CISCO

Compte utilisateur unix par défaut

Acces root à distance

Acces shell à distance

General

Divers

Netware

Backdoors / chevaux de troie

NIS

Peer to Peer

Scanner de port

Fichiers en acces distant

RPC

Parametrage

Serveur de messagerie SMTP

SNMP

Services de moindre importance

Windows : Général

Windows : gestion des utilisateurs

Windows : Mises a jour

Debian : Mises a jour

Gentoo : Mises a jour

AIX : Mises a jour

Red Hat : Mises a jour

Mac OS X : Mises a jour

Slackware : Mises a jour

SuSE : Mises a jour

Mandrake : Mises a jour

Fedora : Mises a jour

Solaris : Mises a jour

FreeBSD : Mises a jour

HP-UX : Mises a jour

Ubuntu : Mises a jour

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, windows, exploit, réseau, vulnérabilité, attaque, système, microsoft, virus, audit, internet, présentation, fonction, données, linux, outil, bluetooth, shell, gestion, trames, vista, wishmaster, sysun, paquets, metasploit, téléphone, engineering, fonctions + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA32774 Citrix XenServer Ext2/Ext3 Processing Security Bypass Vulnerability - SA32761 No-IP Linux Dynamic Update Client Buffer Overflow Vulnerability - SA32778 Ubuntu update for firefox, firefox-3.0, and xulrunner-1.9 - SA32659 E-topbiz Link Back Checker auth Cookie Security Bypass - SA32745 Free Directory Script API_HOME_DIR File Inclusion Vulnerability + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Full-disclosure MDVSA-2008:220-1 kernel - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- Re: Re: Re: Re: Opera 9.6x file:// overflow - Re: MDVSA-2008:232 dovecot - Re: Re: Re: Re: Opera 9.6x file:// overflow - MDVSA-2008:232 dovecot - Re: MDVSA-2008:231 libxml2 + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

virus, spyware, vmware, firmware, biometric, lockpicking, wimax, password, kernel, malware, spammer, windows, iphone, symantec, phish, knoppix, adware, security, botnet, linux, tutorial, cryptography, internet, attack, wireshark, server, virtual, metasploit, intel, openbsd, hitbsecconf2006, protect, jailbreak, norton, ubuntu, rootkit, exploit, samsung, hijackthis, screen, ettercap, fingerprint, vista, flash, drive + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, windows, vulnérabilité, network, google, vulnerability, hacker, attack, inject, remote, mobile, server, exploit, apple, internet, iphone, black, yahoo, sécurité, malware, vista, intel, patch, crypt, drive, access, protect, virtual, laptop, linux, source, biometric, research, ebook, business, virus, office, phish, adobe, chine, facebook, opera, flash, wireless + de mots clés avec l'annuaire de la revue de presse