Dailydave mailing list archives
Immunity in the "news"
From: "Gavin, Michael" <mgavin () forrester com>
Date: Fri, 12 May 2006 09:31:36 -0400
Happy Birthday Dave! (Now where did I leave that deck of punch cards...)
From Citadel's "Two Minute Warning" (which has raised its "Internet Threat Regulator" status from "low/normal" to "medium/elevated" today, perhaps due in part to this? ;-) ):

The Vulnerability Report: Exchange Exploit Out

A security company with vulnerability expertise has released a denial-of-service exploit against Microsoft Exchange's calendar, the same feature patched earlier this week that has analysts worried about a worm, Symantec said Thursday.

Immunity Security, which markets the CANVAS exploit tool, has added the capability to launch a denial-of-service attack against Exchange, Microsoft's mail server software. "This closely follows the initial release of the fuzzer targeting the same service," Symantec said.

On Wednesday, Immunity unveiled a stress-test tool, a "fuzzer," that hammered on one of the two calendar functions mentioned in Microsoft's MS06-019 security bulletin. Symantec isn't sure if the Immunity exploit targets the same vulnerability that Microsoft patched, or is an attack against a new zero-day bug.

Because Immunity only releases its exploits to users of the CANVAS framework, Symantec said it was "unlikely" that it would leak to hackers in the near future. In the past, however, Immunity's development of an exploit has been followed by independent work by hackers. In October 2005, for instance, Immunity released an exploit for a bug patched the previous day by Microsoft; by the end of November, others had come up with their own attacks.

Symantec recommended that companies not only patch the vulnerability fixed in MS06-019, but also apply the workarounds outlined in the bulletin in case the Immunity exploit is aimed at an unpatched problem.