扫描SERVER发现两个漏洞,大侠来看看如何堵住这个漏洞
扫描SERVER发现两个漏洞,大侠来看看如何堵住这个漏洞,或者有相关的资料推荐一下,多谢
1、
ftp (21/tcp)
The remote FTP server closes
the connection when a command is too long or is given
a too long argument.
This probably due to a buffer overflow, which
allows anyone to execute arbitrary code
on the remote host.
This problem is threatening, because
the attackers don't need an account
to exploit this flaw.
Solution : Upgrade your FTP server or change it
Risk factor : High
CVE_ID : CAN-2000-0133, CVE-2000-0943, CAN-2002-0126, CVE-2000-0870, CAN-2000-1035, CAN-2000-1194, CAN-2000-1035
BUGTRAQ_ID : 961, 1858, 3884, 7251, 7278, 7307
NESSUS_ID : 10084
2、
www (80/tcp)
远程Web服务器当接受到过长的URL时宕机,黑客有可能通过这个漏洞执行任意代码
解决方案:立刻升级你的服务器
风险等级:高
___________________________________________________________________
The remote web server crashes when it receives a too long URL.
It might be possible to make it execute arbitrary code through this flaw.
Solution : Contact your vendor for a patch
Risk factor : High
Solution : Upgrade your web server.
CVE_ID : CVE-2000-0002, CVE-2000-0065, CAN-2001-1250, CAN-2003-0833
BUGTRAQ_ID : 2979, 6994, 7067, 7280, 8726
NESSUS_ID : 10320