Java zero day attack

자세한 내용은 아래 기사 내용에서 확인하시면 될것 같습니다.

http://www.boannews.com/media/view.asp?idx=20439&kind=0

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:”Java Deployment Toolkit ActiveX Command Execution”; flow:to_client,established; content:”clsid”; nocase; content:”CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA”; nocase; pcre:”/<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA/si”;)

패치 분석 내용입니다.

http://sites.google.com/site/darungrim/Screenshots/java-deployment-toolkit-performs-insufficient-validation-of-parameters-patch

Advertisements

About this entry