funsec mailing list archives
Re: exploiting MS08-021
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Mon, 14 Apr 2008 21:57:43 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- "Larry Seltzer" <larry () larryseltzer com> wrote:
Theres exploit code out (http://www.milw0rm.com/exploits/5442) for MS08-021 (http://www.microsoft.com/technet/security/Bulletin/MS08-021.mspx) which describes GDI buffer overflows in the loading of EMF and WMF files.
There's more than just a PoC exploit available via milw0rm -- there are active malicious exploits circulating in-the-wild on this since last week. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFIA9NSq1pz9mNUZTMRApUYAKCukBDsmH8KLgydDaIYm6NaqqdnswCgyOqe JzgOm01fsLFZz3WvK2Eqy68= =OeuJ -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- exploiting MS08-021 Larry Seltzer (Apr 14)
- Re: exploiting MS08-021 Richard M. Smith (Apr 14)
- Re: exploiting MS08-021 Larry Seltzer (Apr 14)
- Re: exploiting MS08-021 Eric Sites (Apr 14)
- Re: exploiting MS08-021 Florian Weimer (Apr 15)
- Re: exploiting MS08-021 Larry Seltzer (Apr 14)
- <Possible follow-ups>
- Re: exploiting MS08-021 Larry Seltzer (Apr 14)
- Re: exploiting MS08-021 Paul Ferguson (Apr 14)
- Re: exploiting MS08-021 RandallMan (Apr 14)
- Re: exploiting MS08-021 Richard M. Smith (Apr 14)