New Sasser Worm FTP exploit and Java DOS
We received a submission of an exploit for Sasser's FTP server. It appears to be a buffer overflow targeting port 5554 by default. If successful it will spawn a shell. The published exploit code lists the shell listening on port 5300. We are seeing code in the wild using port 53 for the shell.

Sun announced a DOS vulnerability in the JRE today, May 6, which may allow a remote unprivileged user to cause the Java Virtual Machine to become unresponsive.

The announcement:

SDK and JRE releases are available at:

SDK and JRE 1.4.2_03 or earlier 1.4.2 releases are affected.

Dan Goldberg Dan at MADJiC dot net

May 11th 2004
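
The following detection sketch is an added example, not part of the original diary: it correlates an allowed TCP connection to Sasser's FTP port (5554) with a later allowed TCP connection to one of the shell ports named above (5300 or 53) on the same host. The log format, the five-minute window, and all sample records are constructed assumptions; records are assumed to be in time order.

```python
from datetime import datetime, timedelta

SASSER_FTP_PORT = 5554         # Sasser's FTP server port, per the diary
SHELL_PORTS = {5300, 53}       # TCP shell ports named in the diary
WINDOW = timedelta(minutes=5)  # assumed correlation window

# Constructed sample records: "time proto src dst dport action"
SAMPLE_LOG = """\
2004-05-11T10:00:01 tcp 198.51.100.7 10.0.0.21 5554 allow
2004-05-11T10:00:09 tcp 198.51.100.7 10.0.0.21 5300 allow
2004-05-11T10:02:00 udp 10.0.0.30 10.0.0.53 53 allow
2004-05-11T10:03:10 tcp 203.0.113.9 10.0.0.22 5554 allow
2004-05-11T10:03:15 tcp 203.0.113.9 10.0.0.22 53 allow
2004-05-11T10:04:00 tcp 203.0.113.9 10.0.0.23 5554 deny
2004-05-11T10:04:05 tcp 203.0.113.9 10.0.0.23 5300 deny
2004-05-11T11:30:00 tcp 192.0.2.4 10.0.0.21 5300 allow
malformed line
"""

def parse(line):
    """Return (ts, proto, src, dst, dport, action) or None if malformed."""
    parts = line.split()
    if len(parts) != 6:
        return None
    try:
        ts, dport = datetime.fromisoformat(parts[0]), int(parts[4])
    except ValueError:
        return None
    return ts, parts[1].lower(), parts[2], parts[3], dport, parts[5].lower()

def find_suspected_shells(log_text, window=WINDOW):
    """Flag hosts reached on 5554 and then on a shell port within the window."""
    last_ftp_hit = {}  # dst host -> time of latest allowed TCP hit on 5554
    alerts = []
    for rec in filter(None, map(parse, log_text.splitlines())):
        ts, proto, src, dst, dport, action = rec
        if proto != "tcp" or action != "allow":
            continue  # UDP DNS and blocked attempts are not shell sessions
        if dport == SASSER_FTP_PORT:
            last_ftp_hit[dst] = ts
        elif dport in SHELL_PORTS and dst in last_ftp_hit:
            if timedelta(0) <= ts - last_ftp_hit[dst] <= window:
                alerts.append((dst, src, dport, ts.isoformat()))
    return alerts

if __name__ == "__main__":
    for alert in find_suspected_shells(SAMPLE_LOG):
        print("possible exploited Sasser host:", alert)
```

Inbound TCP to port 53 on a host that is not a DNS server is worth reviewing on its own, since ordinary DNS queries use UDP.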
