Archive for vulnerability
You are browsing the archives of vulnerability.
NIST 800-40 “Creating a Patch and Vulnerability Management Program” describes the functions and processes that a patch and vulnerability management program should cover in order to maintain effective security. Importance of patch management As operating systems, applications and utility tools continue to manifest exploitable flaws, rapid application of security patches becomes critical to security. Attackers [...]
The SMBv2 vulnerability that has been lurking for several weeks now has exploit code available from both Canvas and Metasploit: Remote exploit released for Windows Vista SMB2 worm hole – [zdnet.com] [Canvas] Security researchers at penetration testing firm Immunity have created a reliable remote exploit capable of spawning a worm through an unpatched security hole [...]
NIST (National Institute of Standards and Technology) has provided Federal Agencies with all the tools they need to get cyber-security done right. But obviously, it’s not being done right yet at most agencies. Why not? Failure to understand the threat level – this was certainly once the top problem… maybe not so much anymore with [...]
This is a chronology of the development of awareness about a new zer0-day vulnerability in MS IIS WebDAV. (so far…) Microsoft IIS 6.0 WebDAV Remote Authentication Bypass – [seclists.org] This is the original disclosure/advisory as discovered by “Kingcope” on May 12, 2009. Vulnerability Details This vulnerability allows remote attackers to bypass access restrictions on vulnerable [...]
Microsoft has announced a patch for fourteen vulnerabilities in PowerPoint that includes one which has been already used by exploit code in the wild (a “zero-day” exploit). MS09-017 is the patch designation. Microsoft Security Bulletin MS09-017 – Critical – [microsoft.com] Executive Summary This security update resolves a publicly disclosed vulnerability and several privately reported vulnerabilities [...]
This blog entry at Tenable by Paul Asadoorian describes how to most efficiently use both Nmap and Nessus together without duplicating effort. Using Nmap Results With Nessus Batch Scanning – [tenablesecurity.com] Conclusion If you have previously scanned your network with Nmap and saved the results in grepable Nmap output, you can save the step of [...]
The following link includes a video that demonstrates how it is possible to launch exploit code with the new PDF vulnerability simply by selecting the file icon, switching to thumbnail view, or just hovering over the file icon. Each of these actions triggers a Windows Explorer shell extension which reads information from the PDF file, [...]
Network scanning usually begins with discovering ranges of IP addresses and then specific systems within those ranges. Once the live systems have been located, they are scanned for responding ports and an attempt is made to identify the services running on the ports and the versions of the services. Once this map is filled in, [...]
Going beyond simply reading a web page and extracting helpful information from it, Google can be used to find much more information that can aid an attacker. Searching for target information – the attacker often begins by doing simple searches and building some kind of knowledge record or map of what they have learned. This [...]