[18453] in bugtraq
Re: analysis of auditable port scanning techniques
daemon@ATHENA.MIT.EDU (Michael S Soukup)
Mon Jan 8 12:06:44 2001
MIME-Version: 1.0
Content-type: text/plain; charset=us-ascii
Message-ID: <OF68380884.D8903CE3-ON852569CB.006A7BE8@raleigh.ibm.com>
Date: Fri, 5 Jan 2001 14:25:06 -0500
Reply-To: Michael S Soukup <soukup@US.IBM.COM>
From: Michael S Soukup <soukup@US.IBM.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
-----BEGIN PGP SIGNED MESSAGE-----
Section 1.5.2 of this paper describes an attack termed the "FTP server bounce
attack".
The author states that AIX is vulnerable to this type of attack.
This is no longer true: this vulnerability was fixed some time ago in
AIX versions 4.1, 4.2, and 4.3. APARS containing the patches are available.
Many thanks,
Mike Soukup
************************************************
Michael Soukup
AIX Security Team Lead
AIX Security and Performance Tools Dept. (UD3A)
IBM Austin
Phone: (512) 838-0595
e-mail: soukup@us.ibm.com
Personal PGP KeyID: 1024/3C203F04
IBM Security Alert PGP KeyID: 1024/F5620AAF
************************************************
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2
iQCVAwUBOlYe2wsPbaL1YgqvAQH5AgQAwfBLFR+ROd5jMCnxEJ0ANJYPDyRLgqT5
Kj/g6mLRsKqp0hTpMlldvx4gnHJ6CvFO5D8mdYvOtExbfGeTjzOLFEsJ/6gDVnNX
8GauvfVGHgmv7q7ITk7QrUwYLwxJgwX/vmWQrfyGH4qFZtZGF/wUpuXb2nO5Kvwd
t0vlqbLkBtU=
=TUqv
-----END PGP SIGNATURE-----
