Windows SMB2 'SRV2.SYS' Remote Denial of Service Exploit (and screen shots on Windows 2008 SP2)

There’s a simple exploit code on SMB2 protocol (implemented in the newer OSes of Microsoft) that can easily remote BSDO a Windows server or client. SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality. The NEGOTIATE PROTOCOL REQUEST is the first … “Windows SMB2 'SRV2.SYS' Remote Denial of Service Exploit (and screen shots on Windows 2008 SP2)”

Read More

MSN and MS-Agent exploits

There are two rated high vulnerabilities exist in Microsoft software that’s publicly disclosed and have the patches released! One of them affecting Windows OS is explained in http://www.microsoft.com/technet/security/bulletin/ms07-051.mspx for MS Agent vulnerability which pretty much affects those using Windows 2000 with SP4 (most likely a … “MSN and MS-Agent exploits”

Read More

URGENT! – Serious security flaws with all Microsoft Exchange versions

In a recent ISA Server 2006 Level 400 class, we discussed a vulnerability on Exchange server that could lead to remote code execution. The particular remote attack is listed in CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0213 and rated high in it’s severity. If you have customers or run Exchange … “URGENT! – Serious security flaws with all Microsoft Exchange versions”

Read More

W32.Rinbot – Exploitation of Windows DNS and other vulnerabilities

It comes as no surprise that the exploitation of the MS DNS issue is out and around. According to Symantec, this particular worm executes several vulenrability checks (much like a security scanner) and exploits those that are vulnerable. In short, the process is completely automated … “W32.Rinbot – Exploitation of Windows DNS and other vulnerabilities”

Read More

Vista updates

Yesterday (Apr 10, 2007), Microsoft released 4 to 5 updates for Vista. I downloaded and patched the CSRSS manually and got 4 updates on WindowsUpdate program. Also, there’s a couple of high criticality vulnerabilities on Windows and anyone running Windows should immediately run Windows update. … “Vista updates”

Read More

iPod virus?

Kaspersky recently detected a potential program/virus dubbed Podloso that could be used and infect a linux based iPod’s executables with the extension .elf. Right now, i guess there’s no “real” virus *yet* that could spread automatically and do bad stuff to your cute-lil-ipod. The best … “iPod virus?”

Read More