Surya Batchu wrote:
Hi,
Please see this advisory: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3051
This attack can be launched remotely by sending specially crafted data in
archived file.
Which security solutions are expected to catch these kinds of attacks? It seems
that NIPS/NIDS solution typically check for buffer overflow attacks at protocol
level, but not at the file/archive level. If so, is it fair to assume that
only security solutions running, on the client machine, catch these kjinds of
attacks. Any insight is appreciated.
T
also, isn't this old? very old? current 7zip version is 4.44, well past
the 4.27Beta of this one 2 years ago.
-----------------------------------------------------------------
This email has been scanned and certified safe by SpammerTrap(tm)
For Information please see http://www.spammertrap.com
-----------------------------------------------------------------
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
