I’ve recently had some time on my hands (knee injury), so I decided to implement a couple of Metasploit modules. This first module allows remote attackers to execute arbitrary code by exploiting the Snort service via crafted SMB traffic. The vulnerability is due to a boundary error within the DCE/RPC preprocessor when reassembling SMB Write… Read more »
Posts Tagged: vulnerability
Hey corporations: Provide a easy way to disclose vulnerabilities to you!
Lately I’ve seen several cases where people openly discuss discovered web vulnerabilities in big corporations’ web sites, and often disclosing technical details because the person that discovered didn’t find or didn’t bother looking hard enough for a phone number or email address to the relevant security response team. Even though some of the cases above are… Read more »