[virusinfo] Remote denial of service in Novell Nsure Audit - 4/26/05

  • From: "Mike" <mikebike@xxxxxxxxx>
  • To: virusinfo@xxxxxxxxxxxxx
  • Date: Tue, 26 Apr 2005 09:24:13 -0700

From; Panda Oxygen3:

"It is folly for an eminent person to think of escaping censure,
                and a weakness to be affected by it."
       Joseph Addison (1672 - 1719) English essayist, poet, & politician.

            - Remote denial of service in Novell Nsure Audit -
         Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, April 26, 2005 - Security Tracker has announced the existence of a
vulnerability in the processing of Novell Nsure Audit ASN.1 messages.  This
problem could be employed by a remote user to cause denial of service
conditions.

A remote user could construct a brute force attack against 'webadmin.exe'
in TCP port 449 to cause the system under attack not to respond.  The
problem lies in the fact that Novell Nsure Audit does not adequately handle
ASN.1 messages sent via SSL. A remote user could run a tool to carry out
brute force ASN.1 attacks over OpenSSL and in this way cause the system to
crash.

Novell advises updating to version 1.0.3, although version 1.0.2 is also
unaffected by the problem.

More information about this problem is available on Novell's web site, at
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.
------------------------------------------------------------ 
The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner:
1)Downloader.BOG; 2)Netsky.P; 3)Mhtredir.gen; 4)Qhost.AF; 5)Agent.PF.

------------------------------------------------------------
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member

Other related posts:

  • » [virusinfo] Remote denial of service in Novell Nsure Audit - 4/26/05
  1. Home
  2. virusinfo
  3. Archive
  4. 04-2005