Re: AS/400 Vulnerabilities

Hello Bugtraq,

On Fri, 13 Jun 2008, security curmudgeon wrote:

> I would guess there is little research being done on them. The odds of a
> box falling over due to a few malformed TCP packets, but being resistant
> or not vulnerable to more complex attacks seems pretty far fetched.
> While this vendor and technology is widely deployed, it isn't a sexy
> target for research.

Speaking of AS/400 security research, I'd like to point out the following resources: http://seclists.org/pen-test/2008/Feb/0083.html http://www.venera.com/downloads.htm http://www.venera.com/order.htm http://www.security-database.com/toolswatch/AS-400-Auditing-Framework-Beta.html

Cheers, -- Marco Ivaldi, OPST Red Team Coordinator Data Security Division @ Mediaservice.net Srl http://mediaservice.net/

• This message: [ Message body ]
• Next message: Eduardo Jorge: "Muitiple XSS - Glassfish Web Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )"
• Previous message: Pierre-Yves Rofes: "[ GLSA 200806-04 ] rdesktop: Multiple vulnerabilities"
• In reply to: security curmudgeon: "Re: AS/400 Vulnerabilities"
• Next in thread: Jon Kibler: "Re: Summary of AS/400 Vulnerability Information"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]