Archive for vulnerability


SMB2 Threat

The SMBv2 vulnerability that has been lurking for several weeks now has exploit code available from both Canvas and Metasploit:
Remote exploit released for Windows Vista SMB2 worm hole - [zdnet.com]
[Canvas]
Security researchers at penetration testing firm Immunity have created a reliable remote exploit capable of spawning a worm through an unpatched security hole in Microsoft’s dominant [...]

Federal Cyber-Security

NIST (National Institute of Standards and Technology) has provided Federal Agencies with all the tools they need to get cyber-security done right. But obviously, it’s not being done right yet at most agencies. Why not?

Failure to understand the threat level - this was certainly once the top problem… maybe not so much anymore with all [...]

IIS WebDAV zer0-day

This is a chronology (so far) of how awareness of a new zer0-day vulnerability in MS IIS WebDAV has developed.
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass - [seclists.org]
This is the original disclosure/advisory as discovered by “Kingcope” on May 12, 2009.
Vulnerability Details
This vulnerability allows remote attackers to bypass access restrictions on vulnerable installations of Internet Information [...]

PPT Zero Day

Microsoft has announced a patch for fourteen vulnerabilities in PowerPoint that includes one which has been already used by exploit code in the wild (a “zero-day” exploit). MS09-017 is the patch designation.
Microsoft Security Bulletin MS09-017 - Critical - [microsoft.com]
Executive Summary
This security update resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft [...]

Clickless PDF Vulnerability

The following link includes a video that demonstrates how it is possible to launch exploit code with the new PDF vulnerability simply by selecting the file icon, switching to thumbnail view, or just hovering over the file icon. Each of these actions triggers a Windows Explorer shell extension which reads information from the PDF [...]

Network scanning recon

Network scanning usually begins with discovering ranges of IP addresses and then specific systems within those ranges. Once the live systems have been located, they are scanned for responding ports and an attempt is made to identify the services running on the ports and the versions of the services. Once this map is [...]

Google recon

Going beyond simply reading a web page and extracting helpful information from it, Google can be used to find much more information that can aid an attacker.

Searching for target information - the attacker often begins by doing simple searches and building some kind of knowledge record or map of what they have learned. This [...]

Risk Analysis

Control Analysis
Likelihood Determination
Impact Analysis
Risk Determination

Acquisition and Development Phase

Defining the security requirements, including risk assessment and security controls. Security planning involves documenting these requirements and preventative controls.