6,211
社区成员
发帖
与我相关
我的任务
分享服务器发现安全漏洞!怎么解决?
用Xsacn扫描出来的安全漏洞,英文不大好,看不太明白!大家帮帮忙!
===================================================================
漏洞 ftp (21/tcp) The remote FTP server closes
the connection when a command is too long or is given
a too long argument.
This probably due to a buffer overflow, which
allows anyone to execute arbitrary code
on the remote host.
This problem is threatening, because
the attackers don't need an account
to exploit this flaw.
Solution : Upgrade your FTP server or change it
Risk factor : High
=========================================================================
漏洞 pop3 (110/tcp)
The remote POP3 server might be vulnerable to a buffer overflow
bug when it is issued at least one of these commands, with a too long
argument :
auth
user
pass
If confirmed, this problem might allow an attacker to execute
arbitrary code on the remote system, thus giving him an interactive
session on this host.
Solution : If you do not use POP3, disable this service in /etc/inetd.conf
and restart the inetd process. Otherwise, upgrade to a newer version.
See also : http://online.securityfocus.com/archive/1/27197
Risk factor : High
=========================================================================
===================================================================
漏洞 ftp (21/tcp) The remote FTP server closes
the connection when a command is too long or is given
a too long argument.
This probably due to a buffer overflow, which
allows anyone to execute arbitrary code
on the remote host.
This problem is threatening, because
the attackers don't need an account
to exploit this flaw.
Solution : Upgrade your FTP server or change it
Risk factor : High
=========================================================================
漏洞 pop3 (110/tcp)
The remote POP3 server might be vulnerable to a buffer overflow
bug when it is issued at least one of these commands, with a too long
argument :
auth
user
pass
If confirmed, this problem might allow an attacker to execute
arbitrary code on the remote system, thus giving him an interactive
session on this host.
Solution : If you do not use POP3, disable this service in /etc/inetd.conf
and restart the inetd process. Otherwise, upgrade to a newer version.
See also : http://online.securityfocus.com/archive/1/27197
Risk factor : High
=========================================================================
...全文
请发表友善的回复…
发表回复
warlibrary 2004-08-30
- 打赏
- 举报
打补丁拉
fusoft 2004-08-30
- 打赏
- 举报
服务器是才重装了系统的,以前同样装的是这几个软件,怎么没有漏洞?重装系统就出漏洞了?奇怪!
fusoft 2004-08-30
- 打赏
- 举报
打什么补丁?
Aceryt 2004-08-27
- 打赏
- 举报
Server-U 升级到5.10的版本,这个版本好像是有漏洞。
Mail Server也可以采用Imail 8.10,这个也不是最新版本。
disable this service in /etc/inetd.conf and restart the inetd process.
另外,你是用什么软件检查的,这个软件提供的解决方法好像是为Unix系统的。
Mail Server也可以采用Imail 8.10,这个也不是最新版本。
disable this service in /etc/inetd.conf and restart the inetd process.
另外,你是用什么软件检查的,这个软件提供的解决方法好像是为Unix系统的。
fusoft 2004-08-27
- 打赏
- 举报
怎么升级啊?
IIS里的smtp,pop3和ftp都没安装啊
FTP SERVER是用的Serv_U 5.0.0.9
MAIL Server 是用的 Imail 8.02
IIS里的smtp,pop3和ftp都没安装啊
FTP SERVER是用的Serv_U 5.0.0.9
MAIL Server 是用的 Imail 8.02
fusoft 2004-08-27
- 打赏
- 举报
看不明白啊!能说详细点吗?
Aceryt 2004-08-27
- 打赏
- 举报
解决办法不是已经告诉你了吗。
Solution : Upgrade your FTP server or change it
Solution : If you do not use POP3, disable this service in /etc/inetd.conf and restart the inetd process. Otherwise, upgrade to a newer version.
Solution : Upgrade your FTP server or change it
Solution : If you do not use POP3, disable this service in /etc/inetd.conf and restart the inetd process. Otherwise, upgrade to a newer version.
回炉重造,学习编程中。。。 2004-08-27
- 打赏
- 举报
那只有等待更好的版本了
fusoft 2004-08-27
- 打赏
- 举报
Serv_U 已经升级到了5.10
IMAIL 已经升级到了 8.12
还是有这两个漏洞
用的是http://www.xfocus.net/ 的 Xsacn V3.1 扫描出来的
IMAIL 已经升级到了 8.12
还是有这两个漏洞
用的是http://www.xfocus.net/ 的 Xsacn V3.1 扫描出来的
