===============
The Acronis Agent is an essential component of Acronis True Image Echo
Server (Workstation and Enterprise packages). It is a server listening on
TCP and UDP port 9876 that allows the local and remote management
of Acronis TrueImage.
The Acronis True Image Windows Agent must not be confused with the
Acronis Snap Deploy Management Agent, which uses the same ports but a
different protocol and so is not affected by this bug.
Unified Communications Manager Administration interface. The software
version can also be determined by running the "show version active"
command via the command-line interface.
A SIP trunk must be configured for the Cisco Unified CallManager
server to begin listening for SIP messages on TCP and UDP port 5060
and TCP/5061. However, in Cisco Unified Communications Manager
versions 5.x and later, the use of SIP as a call signaling protocol
is enabled by default and cannot be disabled.
Cisco IOS Software is also affected by this vulnerability, but it is
versions are suspected to be vulnerable.
V. WORKAROUND
Employing firewalls to limit access to the affected service's open ports
(TCP and UDP port 407) can help prevent potential exposure to these
vulnerabilities.
VI. VENDOR RESPONSE
Motorola Inc. has addressed these vulnerabilities by releasing version
Potential vulnerability in network accessible binaries Service Daemon
and Manager Daemon
BMC Software has identified a potential security exposure in Perform
binaries Service Daemon and Manager Daemon, which listen on a network
port. (The default port is 6768.) This problem affects all supported
versions of these products.
This is a remotely exploitable memory corruption that can result in the
remote execution of arbitrary code under an account such as the Perform
Installation Owner account on UNIX, or the SYSTEM account on Windows.
Apple is going to learn several lessons here, the most important of which is
probably not to let an unsigned short pose as anything other than an unsigned
short. Open up a Safari browser on your favorite chode-sniffing operating
system. Go to a "banned" port like 25 and you'll get an error:
___Not allowed to use restricted network port___ (WebKitErrorDomain:103)
Add 65536 to 25 to make 65561 and revisit the site on this new port: no such
cockblocking. You're good to go. You can now use the Safari web browser as a
device to hit any port on any address with a cross-protocol scripting attack.
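
The mismatch described above, modelled as an added C example (not WebKit's code and not from the original post): the blocklist is consulted with the wide value parsed from the URL, while the socket layer only keeps 16 bits. The function names and the short blocklist are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample blocklist; a real browser list is longer. */
static const long restricted_ports[] = { 21, 22, 25, 110, 143 };

static bool is_restricted(long port)
{
    size_t n = sizeof restricted_ports / sizeof restricted_ports[0];
    for (size_t i = 0; i < n; i++)
        if (restricted_ports[i] == port)
            return true;
    return false;
}

/* The port field on the wire is 16 bits wide, so the value is reduced
 * modulo 65536 when it is stored in an unsigned short. */
static uint16_t wire_port(long url_port)
{
    return (uint16_t)url_port;
}

/* Flawed ordering: the policy check sees the wide value from the URL,
 * the connection later uses the truncated one. */
static bool allow_port_flawed(long url_port)
{
    return !is_restricted(url_port);
}

/* Hardened: reject anything outside the valid port range, then check
 * the exact 16-bit value that will be used for the connection. */
static bool allow_port_hardened(long url_port)
{
    if (url_port < 1 || url_port > 65535)
        return false;
    return !is_restricted((long)wire_port(url_port));
}

int main(void)
{
    long p = 65561; /* 65536 + 25, the value from the text */
    printf("url port %ld -> wire port %u\n", p, (unsigned)wire_port(p));
    printf("flawed check allows: %d\n", allow_port_flawed(p));
    printf("hardened check allows: %d\n", allow_port_hardened(p));
    return 0;
}
```

The general rule is to validate the range before any narrowing conversion and to apply policy checks to the same typed value that reaches the socket call.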