Penetration Testing mailing list archives
RE: New article on SecurityFocus
From: "Phillips Williams" <Phillips.Williams () PBGC GOV>
Date: Thu, 5 Jan 2006 10:44:24 -0500
ISS has released an XPU 2425, that they recommend to apply to your servers. MS will respond to the threat with a patch on January the 10th. There is a released fix "not officially approved" for this issue. Symantec is working to send a .DAT by the time MS approved and test its patch. I've test some tagging fixes but nothing that a rename payload of the WMF file can bypass, still trying to isolate the GDI32.dll so that way the vector doesn't exploit vulnerabilities... Anybody else did some more testing on this? Thanks. Bill - -----Original Message----- From: Erin Carroll [mailto:amoeba () amoebazone com] Sent: Wednesday, January 04, 2006 8:50 PM To: pen-test () securityfocus com Subject: New article on SecurityFocus A new article on SecurityFocus regarding the recent WMF exploit. I've personally played with the metasploit package for this but haven't had time to check out the updated signatures for various vendors (F-Secure, ISS, Trend, etc). Out of curiousity has anyone done any testing against the new signatures to determine if they are code specific or if tricks like tagging %0%0 in the payload bypasses them? Zero-day holiday by Kelly Martin 2006-01-04 A few hundred million Windows XP machines lay vulnerable on the Web today, a week after a zero-day exploit was discovered. Meanwhile, new approaches and ideas from the academic world - that focus exclusively on children - may give us hope for the future after all. http://www.securityfocus.com/columnists/377 -- Erin Carroll "Do Not Taunt Happy-Fun Ball" -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date: 1/3/2006 ------------------------------------------------------------------------ ------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------ ------- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- New article on SecurityFocus Erin Carroll (Jan 04)
- Re: New article on SecurityFocus H D Moore (Jan 04)
- Re: New article on SecurityFocus Alexander Sotirov (Jan 07)
- Re: New article on SecurityFocus Thor (Hammer of God) (Jan 05)
- <Possible follow-ups>
- RE: New article on SecurityFocus Phillips Williams (Jan 05)
- RE: New article on SecurityFocus (.WMF Vuln) Corey Watts-Jones (Jan 06)
- Re: New article on SecurityFocus Thor (Hammer of God) (Jan 07)
- RE: New article on SecurityFocus Navroz Shariff (Jan 06)
- RE: New article on SecurityFocus Brady McClenon (Jan 06)
- RE: New article on SecurityFocus Larry Seltzer (Jan 06)
- RE: New article on SecurityFocus Erin Carroll (Jan 06)
- Re: New article on SecurityFocus Socrates (Jan 07)
- RE: New article on SecurityFocus Murad Talukdar (Jan 09)
- RE: New article on SecurityFocus Murad Talukdar (Jan 09)
- RE: New article on SecurityFocus Larry Seltzer (Jan 06)
- RE: New article on SecurityFocus Brady McClenon (Jan 06)
(Thread continues...)
- Re: New article on SecurityFocus H D Moore (Jan 04)