[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AS/400 Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: AS/400 Vulnerabilities
From: Marco Ivaldi <raptor@xxxxxxxxxxxxxxxx>
Date: Mon, 16 Jun 2008 09:55:57 +0200 (ora solare Europa occidentale)

Hello Bugtraq,

On Fri, 13 Jun 2008, security curmudgeon wrote:

I would guess there is little research being done on them. The odds of abox falling over due to a few malformed TCP packets, but being resistantor not vulnerable to more complex attacks seems pretty far fetched.While this vendor and technology is widely deployed, it isn't a sexytarget for research.

Speaking of AS/400 security research, I'd like to point out the followingresources:


http://seclists.org/pen-test/2008/Feb/0083.html
http://www.venera.com/downloads.htm
http://www.venera.com/order.htm
http://www.security-database.com/toolswatch/AS-400-Auditing-Framework-Beta.html

Cheers,

--
Marco Ivaldi, OPST
Red Team Coordinator      Data Security Division
@ Mediaservice.net Srl    http://mediaservice.net/

References:
- AS/400 Vulnerabilities
  - From: Jon Kibler
- Re: AS/400 Vulnerabilities
  - From: security curmudgeon

Prev by Date: [ GLSA 200806-04 ] rdesktop: Multiple vulnerabilities
Next by Date: Muitiple XSS - Glassfish Web Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )
Previous by thread: Re: AS/400 Vulnerabilities
Next by thread: Re: Summary of AS/400 Vulnerability Information
Index(es):
- Date
- Thread