New Windows Kernel Issue (MoKB)
Good morning/evening everyone.
Earlier today, we became aware of a new vulnerability that does not appear to have a workaround available. On the outset, it does look like a Denial of Service style bug, but leaves room for remote execution possibilities. From our take on it, the code must be run locally on the computer. So depending on the delivery mechanism for the exploiting code, you may have a very nice attack. We are investigating this flaw further and hope to report something further such as workarounds, or ways to help mitigate this issue.
source: http://projects.info-pull.com/mokb/MOKB-06-11-2006.html
Earlier today, we became aware of a new vulnerability that does not appear to have a workaround available. On the outset, it does look like a Denial of Service style bug, but leaves room for remote execution possibilities. From our take on it, the code must be run locally on the computer. So depending on the delivery mechanism for the exploiting code, you may have a very nice attack. We are investigating this flaw further and hope to report something further such as workarounds, or ways to help mitigate this issue.
source: http://projects.info-pull.com/mokb/MOKB-06-11-2006.html
Keywords:
0 comment(s)
Internet Explorer XML Vulnerability
Microsoft released a knowledge base article about a newly reported vulnerability in XMLHTTP 4.0 ActiveX Control. This Active-X control is required to interact with specific web sites using XML queries. We are not aware of any widely used applications of this technology. While it is similar to Ajax in scope, it does not look like it is required to use Ajax.
In line with Microsofts advisory, we recommend setting the respective kill bit to disable execution of this ActiveX control:
In line with Microsofts advisory, we recommend setting the respective kill bit to disable execution of this ActiveX control:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\(we had a mention of a possible PoC from the Month-of-Kernel-bugs project. but it looks like these are two distinct issues)
{88d969c5-f192-11d4-a65f-0040963251e5}]
"Compatibility Flags"=dword:00000400
Keywords:
0 comment(s)
sinFP-2.04 release
Well, it has been a pretty slow weekend at the ol' Storm Center. As someone who is always on the lookout for new and interesting tools, I did see an announcement of a tool that I am unfamiliar with, but plan to check out because it looks kind of interesting. It is called sinFP. It is an OS fingerprinting tool in Perl and version 2.04 was just released. The papers about it are in French (which I don't read), but the web page claims that it overcomes some limitations in nmap's OS fingerprinting. It also claims to be able to do OS fingerprinting of IPv6 traffic. If any of our readers have any experience with the tool, I'd like to hear from you. Also, if you know of any other interesting tools, please drop us a note at the contact page.
----------------------------------
Jim Clausing, jclausing --at-- isc dot sans dot org
----------------------------------
Jim Clausing, jclausing --at-- isc dot sans dot org
Keywords:
0 comment(s)
×
Diary Archives
Comments