The worm-type exploitation has started. More information at
http://www.f-secure.com/weblog/archives/1526.html
The worm component has reportedly detection name Exploit.Win32.MS08-067.g and
the kernel component Rootkit.Win32.KernelBot.dg, in turn.
Symantec uses Worm category too and the name
Hello Fionnbharr,
Please see my response to your comments in-line.
On Fri, Oct 31, 2008 at 8:31 AM, Fionnbharr [EMAIL PROTECTED] wrote:
This isn't new. It isn't even a technique.
http://www.bluecoat.com/support/securityadvisories/icap_patience
A very recent example of this kind of
#
# Author: Beenu Arora
#
# Home : www.BeenuArora.com
#
# Email : [EMAIL PROTECTED]
#
# Share the c0de!
#
#
# Title: DriveCMS Article.php Sql
Kaspersky detects the new wave as
Exploit.Win32.MS08-067.g
and Microsoft as
Exploit:Win32/MS08067.gen!A
Sophos uses name Mal/Generic-A.
One of the reported file sizes is 16,384 bytes:
http://www.threatexpert.com/report.aspx?uid=919a973d-9fe1-4196-b202-731ebaaffa5d
Windows RPC vulnerability
Hi Fionnbharr,
Well, that's fair enough. tbh, I couldn't find older examples, but
this is one of the points of sending a post to the lists: other people
can review it and give feedback. I just sometimes wished people were
more constructive on FD.
Regarding the paper, well, it can be useful for
Sure, this attack vector has been 'discovered' by lots of people in
the past, or even concurrently, that's my point. It doesn't merit a
whole paper on it. Not to mention you're getting on the FUD/Kaminsky
bandwagon when GNUtards release a statement like 'New technique to
universally hijack
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
===
Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow    2008-11-03
===
iDefense Security Advisory 10.09.08
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 09, 2008
I. BACKGROUND
The Common UNIX Printing System, more commonly referred to as CUPS,
provides a standard printer interface for various Unix based operating
systems. texttops is a part of CUPS
iDefense Security Advisory 10.09.08
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 09, 2008
I. BACKGROUND
The Common UNIX Printing System, more commonly referred to as CUPS,
provides a standard printer interface for various Unix based operating
systems. imagetops is a part of CUPS