BlackIce Patched or Not Patched?

ISS recently released a patch for the much published denial of server
venerability in BlackIce Defender.  Yet, eEye referred to the venerability
as a buffer overflow.

My question is ... does the newly released patch cover both? The ISS site
does not refer to a buffer overflow.

Does that mean that even after installing the patch BlackIce Defender is
open to a buffer overflow? (not good if so) I've taken BlackIce offline
until I am certain that it is fully patched.

Thanks in advance.

Tom
0
Remove
2/13/2002 12:49:00 AM
grc.security.software 15003 articles. 0 followers. Follow

3 Replies
850 Views

Similar Articles

[PageSpeed] 11

Correction:  Denial of service venerability as opposed to denial of server.
(grin)


"Remove" <Remove@nospam.com> wrote in message
news:a4cd79$s0r$1@news.grc.com...
> ISS recently released a patch for the much published denial of server
> venerability in BlackIce Defender.  Yet, eEye referred to the venerability
> as a buffer overflow.
>
> My question is ... does the newly released patch cover both? The ISS site
> does not refer to a buffer overflow.
>
> Does that mean that even after installing the patch BlackIce Defender is
> open to a buffer overflow? (not good if so) I've taken BlackIce offline
> until I am certain that it is fully patched.
>
> Thanks in advance.
>
> Tom
>
>
0
Remove
2/13/2002 12:51:00 AM
"Remove" <Remove@nospam.com> wrote in message
news:a4cd79$s0r$1@news.grc.com...
> ISS recently released a patch for the much published denial of server
> venerability in BlackIce Defender.  Yet, eEye referred to the venerability
> as a buffer overflow.
>
> My question is ... does the newly released patch cover both? The ISS site
> does not refer to a buffer overflow.

Yes, it covers both. I asked.

> Does that mean that even after installing the patch BlackIce Defender is
> open to a buffer overflow? (not good if so) I've taken BlackIce offline
> until I am certain that it is fully patched.

To be certain, ask. To be more certain, test.
../'
0
Jake
2/13/2002 7:33:00 AM
Jake,

Thanks for you help


"Jake Whin" <a@a.a> wrote in message news:a4d4gr$1kod$1@news.grc.com...
> "Remove" <Remove@nospam.com> wrote in message
> news:a4cd79$s0r$1@news.grc.com...
> > ISS recently released a patch for the much published denial of server
> > venerability in BlackIce Defender.  Yet, eEye referred to the
venerability
> > as a buffer overflow.
> >
> > My question is ... does the newly released patch cover both? The ISS
site
> > does not refer to a buffer overflow.
>
> Yes, it covers both. I asked.
>
> > Does that mean that even after installing the patch BlackIce Defender is
> > open to a buffer overflow? (not good if so) I've taken BlackIce offline
> > until I am certain that it is fully patched.
>
> To be certain, ask. To be more certain, test.
> ./'
>
>
0
Remove
2/13/2002 6:37:00 PM
Reply:

Similar Artilces:

Patches, patches, patches...
To forestall potential incidents of Warnock's Dillemma... I'm about to apply a whole heap 'o patches to Parrot. (With appropriate [APPLIED] responses, I hope) If, at the end of the day, I have *not* applied or commented on a patch you've sent, it means I've Officially Missed It, so give another try. Sorry 'bout this. Too much mail in the mailbox, and going back in time is tricky, as it can miss subsequent discussions on patches 'n stuff. -- Dan --------------------------------------"it's like th...

Patches, patches, patches... #2
OK, this is advance warning that I'm about to be reposting a bunch of patches of mine which appear to have succumbed to Warnock's Dilemma. The first three should be uncontroversial: there's a documentation fix-up for core.ops, and new tests for strings and stacks. The last one is rather larger, and consists of a greatly expanded set of tests for PerlString's, plus a bunch of bug-fixes. I'd be grateful if Jeff or Dan could take a look at this, as I have the feeling that a lot of the scalar PMCs are going to need similar fixes. Simon ...

[PATCH] Patch to patch for callbacks in core
I should have tested this better before submitting it. This patch is to Perl 11722 after applying my previous patch. Now callbacks will actually work. :-) - D <dmlloyd@tds.net> --- mg.c-old Tue Aug 21 13:26:52 2001 +++ perl-devel/mg.c Tue Aug 21 15:09:16 2001 @@ -1068,7 +1068,18 @@ void Perl_despatch_signals(pTHX) { - PL_event_pending = 0; + if (PL_callback_head != NULL) { + CALLBACK *cur, *next; + + for (cur = PL_callback_head; cur != NULL; cur = next) { + next = cur->next; + (*cur->callback)(cur->data); + ...

[PATCH] installperl patch
------=_Part_72778_11907270.1186149310146 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline The attached patch modifies installperl as follows: 1. Don't install lib/CGI/eg/*. (These files aren't installed by the CPAN version of CGI either.) 2. Don't install lib/ExtUtils/NOTES, and lib/ExtUtils/PATCHING. (These files aren't installed by the CPAN version of ExtUtils::MakeMaker either.) ------=_Part_72778_11907270.1186149310146 Content-Type: application/octet-stream; name=installperl.patch Content-Transf...

[PATCH] perlhack on what to patch
--- pod/perlhack.pod.orig 2006-07-12 22:52:14.000000000 +0300 +++ pod/perlhack.pod 2006-07-12 23:05:40.000000000 +0300 @@ -598,14 +598,22 @@ =head2 Submitting patches but context diffs are accepted. Do not send RCS-style diffs or diffs without context lines. More information is given in the I<Porting/patching.pod> file in the Perl source distribution. Please -patch against the latest B<development> version (e.g., if you're -fixing a bug in the 5.005 track, patch against the latest 5.005_5x -version). Only patches that survive the heat of the development ...

[PATCH] todo patch
--- perltodo.pod.old Wed May 16 17:51:45 2001 +++ perltodo.pod Mon May 28 16:56:29 2001 @@ -68,6 +68,10 @@ Artur Bergman's C<iThreads> module is a start on this, but needs to be more mature. +=head2 make perl_clone optionally clone ops + +So at pseduforking, mod_perl , iThreads and nvi will work properly (not as efficient) until regex engine is fixed + =head2 Work out exit/die semantics for threads =head2 Typed lexicals for compiler On Mon 28 May 2001 17:03, Artur Bergman <artur@contiller.se> wrote: > --- perltodo.pod.old Wed May 16 17:5...

[PATCH] Debian patches
--qDbXVdCdHGoSgWSk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Attached are the patches to Debian's 5.8.4 package not currently covered by my latest rsync of perl-5.8.x. The patches have been re-worked to apply cleanly to that branch, but all should be applicable to perl-current as well. 10_fix_file_path Rewrite of File::Path::rmtree. This is the most important patch, it replaces rmtree with a recursive function to remove a race condition which potentially allows an attacker to make files suid or to remove arbitrary files (CAN-2...

PATCH: clarify where to patch against
--envbJBWh7q8WU6mo Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Talking about Perl 5 git repo tonight, some questions came up about where development really happens. This patch is a bit of clarification about where/why patches go to blead/maint. -- rjbs --envbJBWh7q8WU6mo Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0001-very-minor-tweaks-to-description-of-maint-blead.patch" From 1b7ad6bc0c93abd2d9fad847e8449824e529ba24 Mon Sep 17 00:00:00 2001 From: Ricardo SIGNES <rjbs@cpan.org> Date:...

[PATCH] cygwin070patches_4.patch
--------------030804070801060907040802 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit My latest patch against the cygwin070patches branch r30596. * Finished implementation of the makefile expansion - "perl-style" * Changed all relevant makefile templates. make fulltest and make codetest has the same few mt-thread and resume errors as always. A new idea: =========== #IF(darwin): #ALSO:# MACOSX_DEPLOYMENT_TARGET must be defined for OS X #ALSO:export MACOSX_DEPLOYMENT_TARGET := @osx_version@ The POD for this change: ...

[PATCH] patching for sunos
Hi coders, greetings from the stone age: This is perl, v5.9.4 built for sun4-sunos-stdio SunOS Release 4.1.3 (GENERIC) #3: Mon Jul 27 16:44:16 PDT 1992 $ uname -a SunOS xxx 4.1.3 3 sun4m If anyone is interested in patches for SunOS yet, I have some. Some are harmless, some may not be optimal. Help/hints/tips are always nice and appreciated. 1. SunOS realloc() does not like NULL pointers as parameters. (buf?realloc((buf), (size)):malloc((size))) 2. There is no strtoul(), alas. Some older code correctly uses the Strtoul() macro (capital S). Newer additions don't...

Microsoft patching its patches
While we're on the topic of zombies, security and patches..... George. ------------------------------------------------------------------------ "Exchange security patch needs patching" The patch needs a patch. The security update Microsoft rolled out last week to caulk a hole in Exchange 2000 server actually needs a patch itself. MS is also broadening its original Exchange 2000 security bulletin to include Exchange 5.5 Server deployments for the first time. Microsoft says if you've deployed Outlook Web Access, you need to patch ASAP. SOURCE: ENT Magazine http...

[PATCH] more pod patches
Yet more pod linting, this time on .pm files. I've touched things without fear or favour mostly - I think probably a few of these changes affect things that are also maintained outside the core. diff -urN perl-current.orig/configpm perl-current/configpm --- perl-current.orig/configpm Thu Mar 15 20:33:42 2001 +++ perl-current/configpm Thu Mar 15 21:10:59 2001 @@ -418,7 +418,7 @@ print CONFIG <<EOF; =head2 $c -=over +=over 4 EOF $text = 1; diff -urN perl-current.orig/ext/B/B/Bytecode.pm perl-current/ext/B/B/Bytecode.pm --- perl-current.orig/ext/B/B/B...

[PATCH] More Build patches
Two patches inline... A small change to Makefile.in so that 'make test' doesn't try to run without an interpreter or missing assembler libraries. Index: Makefile.in =================================================================== RCS file: /home/perlcvs/parrot/Makefile.in,v retrieving revision 1.24 diff -u -r1.24 Makefile.in --- Makefile.in 2001/10/14 10:58:19 1.24 +++ Makefile.in 2001/10/15 14:42:12 @@ -106,7 +106,7 @@ cd t; make clean cd docs; make clean -test: .test_dummy +test: $(TEST_PROG) assemble.pl .test_dummy .test_dummy: ...

Anyone have experience with security patch manager software?
My company is trying to get a better handle on the proliferation of service packs, hot fixes, recommended upgrades and the like for ~500 Windows workstations and ~75 Windows servers located world-wide. Our semi-automated systems can't handle it any more. We are looking for software that can use the MS hotfix and service pack definitions files (like HFNETCHK does) and then scan all the clients on the network and tell us which ones need which patches. Ideally, it should then be able to automatically push out and install the appropriate patches. We are not looking for an entire ...

Web resources about - BlackIce Patched or Not Patched? - grc.security.software

Robert David Graham (@ErrataRob) on Twitter
... using an old version of Internet Explorer. Learn more here Robert David Graham @ ErrataRob Stuck in code. Invented network IPS, created BlackICE, ...

IBM Internet Security Systems - Wikipedia, the free encyclopedia
Atlanta, Georgia , U.S. (1994 ( 1994 ) ) 6303 Barfield Road, Atlanta, Georgia , , U.S. In 1992, while attending the Georgia Institute of Technology ...

Home Games - Games - allgame
Software in this genre is designed for personal use, to boost productivity, help manage a schedule, or assist in a particular project or activity. ...

Arms control treaty could land security researchers like me in jail
... export of malware could make the world less safe. Robert Graham is a prominent cybersecurity researcher known for creating such things as BlackICE, ...

The DNS is falling
Kaminsky's new DNS attack has been exposed . It's another variation of old attacks that poison the DNS cache . What's the danger? It means hacker ...

deviantART: Emoticons
Original Alphabetical Creators Category :fella: :fellaleft: :fellaright: :fellarectum: :devart: :daprints: :jarkorig: :jarksaber: :spyed: :spyed2: ...

Dictionary - B
Dictionary slang - B

Encryption Software for Windows - Free downloads and reviews - CNET Download.com
The most downloaded Encryption Software software, including Real Spy Monitor, FreeOTFE, and BlackICE PC Protection

The Best Damn Firewall Book Period - Elsevier
The Best Damn Firewall Book Period-This book is essential reading for anyone wanting to protect Internet-connected computers from unauthorized ...

lburkholder's profile - Engadget
Luke Burkholder (lburkholder) on Engadget: see their gadgets, reviews, questions, answers, and discussions.

Resources last updated: 12/1/2015 11:24:05 AM