[Snort-sigs] Documentation SID 291

Steven Alexander alexander.s at ...1565...
Fri Jun 20 09:07:12 EDT 2003


Rule:  

NNTP Cassandra Overflow  

--
Sid: 291

--
Summary: 

This is an attempt to exploit a buffer overflow in the Cassandra NNTP
service.

--
Impact:  
An attacker can cause a denial of service.

--
Detailed Information:
  
The denial of service is caused by providing an unusually long login
name.  The signature looks for a data payload of over 512 characters.
The references available to do not indicated whether the service crashes
or simply stops responding.

--
Affected Systems:
Cassandra NNTP server v1.10 

--
Attack Scenarios:

The attack is done remotely and causes denial of service.
--
Ease of Attack:

Simple.  An exploit is readily available.

--
False Positives:

None known.
--
False Negatives:

None known.
--
Corrective Action:

Install the available security patches from your vendor.
--
Contributors:
Rule Documentation - Steven Alexander<alexander.s at ...1565...>
-- 
Additional References:

http://www.whitehats.com/info/IDS274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0341






More information about the Snort-sigs mailing list