Vulnerability

Direct patch download links for MS10-002 KB978207

by File in: security

Microsoft had released the out of band patch to resolve Internet Explorer vulnerabilities, see KB978207 and MS10-002 for additional details. The patches for IE6, IE7, and IE8 are available on Windows Update and Microsoft Update.  Unfortunately for me, our business proxy blocks access to these sites.  We also have to go through a corporate vulnerability rating process, […]

New Internet Explorer 7 0-day exploit

by File in: security

SANS has reported a Microsoft IE7 0-day expoit that is now in the wild. This vulnerability is not adderssed by the forthcoming December 2008 patch Tuesday releases, or by the MS08-073 patch that was released on 12-09-2008. Analysis shows the current exploit checks for the following conditions: The user has to be running Internet Explorer […]

MS08-067 vulnerability, exploit, and reverse engineering in detail

by File in: security

Since Microsoft released the out of band patch detailed in MS08-067 yesterday, an exploit and worm have already been developed and seen in the wild.  Dave Aitel announced the exploit yesterday in his DailyDave mailing list. SecurityFocus has the exploit available for download here.  Alexander has also published his decompiled version of the vulnerable function.  Stephenl […]

Sun Java Multiple Security Vulnerabilities Rated Highly Critical

by File in: security

Sun has disclosed multiple security vulnerabilities within their Java product, which are summarized here.  The categories of vulnerabilities include: 1) Security Bypass 2) Exposure of system information 3) Exposure of sensitive information 4) DoS 5) System access The following Sun products are affected: Java Web Start 1.x Java Web Start 5.x Java Web Start 6.x […]

VMware Running on Windows Host Security Hole

by File in: security, Windows

If you are running VMware on a Windows host configured with host-to-guest shared folders, it is possible for a program running in the guest to gain access to the host’s complete file system and create or modify executable files in sensitive locations. A vulnerability exists in VMware’s shared folders mechanism that grants users of a […]

Out of the Box, the ASUS Eee PC is Incredibly Insecure

by File in: security

HDM pointed out on the Metasploit blog that the guys from RISE Security rooted an ASUS Eee PC quite easily. They used Metasploit to exploit a Samba vulnerability that was published in July 2007 – almost seven months ago. Why is ASUS shipping new products with vulnerabilities that are serious enough to allow attackers to […]

Major Websense Content Filter Bypass Vulnerability

by File in: firefox

I almost missed this Websense vulnerability, since it was published 12-21-2007, while I was on vacation. I’ve verified it works on one of my client’s networks using Firefox Portable 2.0.0.4, Websense 6.1.1, ISA Server 2004 Standard, and User Agent Switcher 0.6.10. Mr HinkyDink, who discovered the issue used Websense 6.3.1, so I’m sure other Websense […]