Metasploit mailing list archives
Metasploit Framework TMT 2007 hdDay exploit
From: rsrivastwa at yahoo.com (Rohit Srivastwa)
Date: Wed, 25 Jul 2007 21:26:59 -0700 (PDT)
Happy Bday HDM Great way to wish Jerome When we can get the shell code to exploit the party ;) ./Rohit -- Through the Firewall,Out the Router,Down the T1,Across the Backbone,Bounced from Satellite ---- Nothing but the Internet ----- Original Message ---- From: Jerome Athias <jerome.athias at free.fr> To: framework at metasploit.com Sent: Thursday, July 26, 2007 1:37:07 AM Subject: [framework] Metasploit Framework TMT 2007 hdDay exploit *** JA Security Advisory *** JA Advisory: JA20070810 (Pre-release) v1.0 Revision $4444$ *** Title: Metasploit Framework Team Birthday Beerflow Vulnerability *** Critical: Extremely Critical (drinking bout) Impact: Ton of alcohol Where: From everywhere (and especially from Texas) Solution Status: None available Product affected: The Metasploit Team (TMT) version 2007 Vendor: The Metasploit Team CVE reference: None yet Disclosure timeline: 20070725: Full Disclosure 200708??: Full technical details will be released Vendor contacted: NO (it's full disclosure with black evil in mind ;) Description: A vulnerability has been discovered in The Metasploit Team (TMT), which can be exploited by malicious people to compromise a vulnerable team member. The vulnerability is caused due to the improper call to the Birthday() method in the HDM module of the TMT, which allows loading of arbitrary happy birthdays. This can be exploited to e.g. execute arbitrary pay-me-a-beer when an user visits a malicious bar. It could also lead to BBP (Big Birthday Party) & rock'n roll all night long with infinite tekila loop... The vulnerability affects the following product: * The Metasploit Team (TMT) version 2007, HDM package Solution: We are not aware of any solution yet. The vendor recommends to send your gifts by air mail to avoid mega drunk crashes. *Provided and/or discovered by*: Discovered by Jerome Athias and reported via MSF Labs' security mailing-list. *Original Advisory*: JA: (this mail) *Extended Solution*: The "Extended Solution" section is available for HDM's friends only. Request a trial and get access to the HD's Friends Area and Extended HD's brownies. More information should be provided next week... /JA ____________________________________________________________________________________ Luggage? GPS? Comic books? Check out fitting gifts for grads at Yahoo! Search http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz
Current thread:
- Metasploit Framework TMT 2007 hdDay exploit, (continued)
- Metasploit Framework TMT 2007 hdDay exploit gz1x (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit str0ke (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit H D Moore (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit Alexander Sotirov (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit gz1x (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit Pranay Kanwar (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit angelic solutions (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit Abhijeet Hatekar (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit ыфзкфт (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit kellicot at umich.edu (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit Marco Crippa (Jul 26)
- Metasploit Framework TMT 2007 hdDay exploit angelic solutions (Jul 26)