Qualys Threads May 2011 <ul><li>Paul R.
Vlad Z.
Stefan F. </li></ul>26 th of August 2011 – TGIF IT Security
Overview <ul><li>Qualys Top 10 Threads
Internal Vulnerability
External Vulnerability
Upcoming SlideShare
Loading in...5
×

Qualys Threads

282

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
282
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Half live Explosure Prelevance perstitance
  • when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC
  • An attacker can obtain a client&apos;s public host key during a connection attempt and use it to open and authenticate an SSH session to another server with the same access rights as the victim.
  • Qualys Threads

    1. 1. Qualys Threads May 2011 <ul><li>Paul R.
    2. 2. Vlad Z.
    3. 3. Stefan F. </li></ul>26 th of August 2011 – TGIF IT Security
    4. 4. Overview <ul><li>Qualys Top 10 Threads
    5. 5. Internal Vulnerability
    6. 6. External Vulnerability
    7. 7. Q&A </li></ul>
    8. 8. <ul><li>Qualys Top 10 Threads </li></ul><ul><li>List of Top 10 External and Internal Vulnerabilities </li><ul><ul><li>Dynamically updated
    9. 9. 200 millions IP audits </li></ul></ul><li>Based on “ Laws of Vulnerabilities 2.0 “
    10. 10. No patches </li><ul><ul><li>Work-around may be possible </li></ul></ul></ul>
    11. 11. Internal Thread <ul><li>M$ Windows Print Spooler Remote Code Execution Vulnerability </li><ul><ul><li>CVE-2010-2729
    12. 12. MS10-061
    13. 13. Affects all versions of Windows </li></ul></ul><li>Allows remote attackers to </li><ul><ul><li>create files in the system
    14. 14. execute arbitrary code </li></ul></ul><li>Recommendation: update the system KB2347290 </li></ul>
    15. 15. External Thread <ul><li>SSH Protocol Version 1 Supported </li><ul><ul><li>CVE-2001-1473
    16. 16. Affects SSH 1.2.24 … 1.2.31 </li></ul></ul><li>Men-in-the-middle attack </li><ul><ul><li>Gain privileges of a system </li></ul></ul><li>Recommendation: update to SSH 2.4.0 </li></ul>
    17. 17. Questions?
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×