Metasploit mailing list archives

Version 2.3 Updates


From: hdm at metasploit.com (H D Moore)
Date: Sun, 16 Jan 2005 15:27:57 -0600

Hello everyone,

If you are still using version 2.2, you may have noticed that msfupdate 
now tells you to upgrade to 2.3. There were enough changes in 2.3 that it 
would have required nearly *800* downloads to upgrade via the online 
update system.

If you are running FreeBSD, you should be able to upgrade to 2.3 via the 
ports system. Big thanks to Jonatan B. for creating the port. 
 - http://www.freshports.org/security/metasploit/

For those already running 2.3, you may want to run msfupdate or pull down 
the latest snapshot from the metasploit.com web site. 


Post-2.3 Updates
==============

- We fixed a problem in msfweb that prevented it from reaping dead child 
processes; this bug was introduced at the last minute via a typo in the 
SIGCHLD handler. If you use msfweb on a regular basis, this update is a 
must. 

- Martin Bernhard posted to the pen-test mailing list about a problem with 
the iis_w3who_overflow exploit module. During the last round of release 
testing, I forgot to double-check the base address of the DLL on Windows 
2000 to see if it is different from Windows XP. This causes the exploit to 
fail when used against Windows 2000 targets. We have updated the module 
to include the correct return address for Windows 2000.

- The apache_chunked_win32 exploit module was starting to show its age and 
has been completely rewritten. The old module was only able to exploit  
Windows 2000 and Windows NT systems running Apache.org build versions 
between 1.3.17 and 1.3.24. The new module should work on any version of 
Windows NT (4.0, 2000, XP, 2003) and successfully targets all Apache.org 
builds from 1.3.9 to 1.3.24. Additionally, this module now includes a 
target for the version of Apache bundled with the Oracle 8i database 
(8.1.7). An alternate exploitation technique (return to heap) was 
implemented by Matt Murphy and can be found online at the URL below.
 - http://lists.virus.org/dw-0day-0309/msg00008.html

-HD



