Date: Wed, 1 Nov 2006 15:16:43 -0500
From: "Dude VanWinkle" <dudevanwinkle@...il.com>
To: "H D Moore" <fdlist@...italoffense.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Microsoft patches the WMI Object Broker bug

More here:

http://www.eweek.com/article2/0,1759,2048968,00.asp?kc=EWRSS03119TX1K0000594
http://tinyurl.com/w2gcz

An "extremely critical" vulnerability in Microsoft Visual Studio 2005
could put users at risk of remote code execution attacks, the company
confirmed Nov. 1.

The Redmond, Wash., software maker issued a security advisory with
pre-patch workarounds and warned that the flaw is already being used
in zero-day attacks.

"We are aware of proof of concept code published publicly and of the
possibility of limited attacks that are attempting to use the reported
vulnerability," Microsoft said in the advisory.


and here: http://www.betanews.com/article/Microsoft_Scrambling_to_Patch_Exploit/1162401603
http://tinyurl.com/y394vx



This morning, Microsoft Security announced it has been alerted to
proof-of-concept code that may already have been referenced in the
creation of a malicious exploit.

Although details about the exploit itself have not yet been revealed,
according to this morning's advisory, the point of weakness is a
Windows library that is shipped with Visual Studio 2005, called
wmiscriptutils.dll. Apparently a call to this library, placed from
within a script executed in some installations of Internet Explorer 7
with default settings, on operating systems other than Windows Server
2003, can trigger possible unguarded remote malicious code execution.



On 11/1/06, H D Moore <fdlist@...italoffense.net> wrote:
> http://www.microsoft.com/technet/security/advisory/927709.mspx
>
> The Metasploit 2 module (ie_createobject)[1] has been exploiting this bug
> since it was released in August. Glad to see they finally noticed.
>
> Thanks to Aviv for noticing / sending me the link.
>
> -HD
>
> 1. http://metasploit.com/projects/Framework/exploits.html#ie_createobject
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
