服务器发现安全漏洞!怎么解决?

fusoft 2004-08-27 08:55:08
用Xsacn扫描出来的安全漏洞,英文不大好,看不太明白!大家帮帮忙!
===================================================================
漏洞 ftp (21/tcp) The remote FTP server closes
the connection when a command is too long or is given
a too long argument.

This probably due to a buffer overflow, which
allows anyone to execute arbitrary code
on the remote host.

This problem is threatening, because
the attackers don't need an account
to exploit this flaw.

Solution : Upgrade your FTP server or change it
Risk factor : High
=========================================================================
漏洞 pop3 (110/tcp)
The remote POP3 server might be vulnerable to a buffer overflow
bug when it is issued at least one of these commands, with a too long
argument :

auth
user
pass

If confirmed, this problem might allow an attacker to execute
arbitrary code on the remote system, thus giving him an interactive
session on this host.

Solution : If you do not use POP3, disable this service in /etc/inetd.conf
and restart the inetd process. Otherwise, upgrade to a newer version.

See also : http://online.securityfocus.com/archive/1/27197
Risk factor : High
=========================================================================
...全文
198 点赞 收藏 9
写回复
9 条回复
切换为时间正序
当前发帖距今超过3年,不再开放新的回复
发表回复
warlibrary 2004-08-30
打补丁拉
回复
fusoft 2004-08-30
服务器是才重装了系统的,以前同样装的是这几个软件,怎么没有漏洞?重装系统就出漏洞了?奇怪!
回复
fusoft 2004-08-30
打什么补丁?
回复
Aceryt 2004-08-27
Server-U 升级到5.10的版本,这个版本好像是有漏洞。

Mail Server也可以采用Imail 8.10,这个也不是最新版本。

disable this service in /etc/inetd.conf and restart the inetd process.
另外,你是用什么软件检查的,这个软件提供的解决方法好像是为Unix系统的。
回复
fusoft 2004-08-27
怎么升级啊?
IIS里的smtp,pop3和ftp都没安装啊
FTP SERVER是用的Serv_U 5.0.0.9
MAIL Server 是用的 Imail 8.02
回复
fusoft 2004-08-27
看不明白啊!能说详细点吗?
回复
Aceryt 2004-08-27
解决办法不是已经告诉你了吗。

Solution : Upgrade your FTP server or change it

Solution : If you do not use POP3, disable this service in /etc/inetd.conf and restart the inetd process. Otherwise, upgrade to a newer version.
回复
那只有等待更好的版本了
回复
fusoft 2004-08-27
Serv_U 已经升级到了5.10
IMAIL 已经升级到了 8.12
还是有这两个漏洞
用的是http://www.xfocus.net/ 的 Xsacn V3.1 扫描出来的
回复
相关推荐
发帖
windows网络管理与配置
创建于2007-08-02

6070

社区成员

windows网络管理与配置
申请成为版主
帖子事件
创建了帖子
2004-08-27 08:55
社区公告
暂无公告