Posted on Sunday, October 30 2005 @ 19:17:58 CET by LSDsmurf
Security Content Improvements in 3.6.coq:
The default priorities of 68 PAM issues have changed to take X-Force
recommendations directly. The issues and their priority changes are listed
in section 6.
A false positive was removed from HTTP_Skype_Callto_Overflow.
A new tuning parameter, pam.content.vcard.limit, has been added to help
prevent false positives with Email_VCF_Mozilla_Overflow.
A false positive was removed from HTTP_PHP_Addslashes_ViewFiles.
A false positive was removed from SQL_SSRP_Malformed_Enum_Response that
could fire on non-threatening DNS traffic.
A new tuning parameter, pam.http.iis.ida.threshold, has been added to help
prevent false positives with HTTP_IIS_Index_Server_Overflow.
The file name details for MIME attachments is now set to a displayable
maximum of 255.
A false positive due to skipping "End of Mib View" variables has
been removed from SNMP_Bad_Variable_Type.
A false positive was removed from SIP_Unknown_Method_name by tightening
the reverse connection logic.
The file extension ".vsd" was associated with compound documents
to remove a false positive from Content_CompoundFile_Bad_Extension.
The file extensions ".lha" and ".lzh" were associated
with LHA compressed files to remove a false positive from
Content_CompoundFile_Bad_Extension.
A false negative was removed from HTTP_IExplorer_Command_Exec, and the
default response was changed from block- connection to rewrite.
FTP heuristics were enhanced to accept a hyphen as the first character
following a 220 server response.
A false positive was removed from MSRPC_MSDTC_Message_BO by having the
algorithm only inspect vulnerable opcodes.
A false negative was removed from BrightStor_Discovery_Overflow.
A false negative was removed from BackOrifice_Ping.
Other Updates:
Changed the order MIME type evaluations to detect more common MIME types
earlier.
Added recognition of several new MIME types to the HTTP parser.
Improved data validation was added to the BGP parser to improve accuracy
and prevent desynchronization.
Two tuning parameters, pam.fastchannel.size and pam.fastchannel.expire,
have been added to provide additional VoIP performance control.
Performance improvements were made to the HTML content-layer parser.
The SIP protocol parser was refactored to improve performance.
Program Information Category:
Tools and Utilities Type:
Shareware Version: 3.6.coq Size: 6.93MB Works on: Windows
Note: Software piracy is illegal, we only link to legal versions and it's not allowed to ask for cracks, serials, registration codes or key generators for BlackICE 3.6.coq in our comment section. Use the comments if you get errors with this program or just to tell us how great it is ;)
Recommended: Click here to Update all your outdated drivers