Metasploit Updates

[shirkdog_list at hotmail.com (M. Shirk)]

Site designe is simple, just like what I am going back to.

And thank you for all of your work, which helps me to learn the true nature 
of software.

Shirkdog
http://www.shirkdog.us




> From: H D Moore <hdm at metasploit.com>
> Reply-To: framework at metasploit.com
> To: framework at metasploit.com
> Subject: [framework] Metasploit Updates
> Date: Thu, 22 Jun 2006 01:25:29 -0500
>
> Hello everyone,
>
> We finally updated the Metasploit.com web site - it should be much easier
> to navigate and less abrasive on the eyes. If you have any suggestions
> for improvement (or would like to volunteer some design/graphics help),
> please email me offlist.
>
> The first round of updates as release for the 2.6 tree:
>
> rras_ms06_025: This module exploits a stack overflow in the Windows
> Routing and Remote Access Service. We have a couple other exploits in the
> works for this service, but it seems that some of them still aren't
> patched :-)
>
> ms05_030_nntp: This module exploits a stack overflow in Outlook Express's
> NNTP client interface. Another fun client-side bug, thanks again to MC
> for providing it.
>
> cesarftp_mkd: This module exploits a (still unpatched) vulnerability in
> CesarFTP. Three different people submitted modules for this bug, but MC
> s was best in terms of quality. The fact that he also provided a MSFv3
> version probably helped as well :-)
>
> niprint_lpd: This module exploits a worthless bug in a little-used
> service. It was added as an educational module and was inspired by
> Immunity's VisualSploit demo. The original demo is still online at:
> - http://www.immunitysec.com/documentation/vs_niprint.html
>
> We also have a few Office exploits in the works. The "big scary targeted
> Word exploit" from last month is actually fairly unreliable and annoying
> to convert into an exploit. The new "big scary targeted Excel exploit"
> isn't that exciting either, but we will try to produce a module for it in
> the near future. The bug discovered by kcope and exploited by naveed
> looks like a lot more fun and is a standard stack/seh smash:
> - http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0436.html
>
> Over the weekend, we migrated all of our CVS trees to a single Subversion
> repository. With any luck, we should be able to open up public access to
> the Framework development tree in the near future. Thanks again for all
> of the community support and enjoy the new modules!
>
> -HD

_________________________________________________________________
On the road to retirement? Check out MSN Life Events for advice on how to 
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement