Threat Level: green Handler on Duty: Pasquale Stirparo

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2005-07-02 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New IE Exploit PoC; phpBB notes; new book

Published: 2005-07-02
Last Updated: 2005-07-03 22:57:37 UTC
by Jim Clausing (Version: 1)
0 comment(s)

New IE Exploit PoC



On Thursday, Microsoft released a describing a new unpatched vulnerability in javaprxy.dll. FrSIRT also released a bulletin yesterday. Microsoft updated their bulletin last night with some additional workarounds including requiring prompting for all ActiveX controls and/or disabling the javaprxy entirely. For those of you who must continue to use IE as a browser, we highly recommend that you look at these workarounds. This morning the folks at FrSIRT released a proof-of-concept that results in a shell open on a high TCP port, so we expect active exploitation attempts in the very near future.

phpBB notes


In case it wasn't clear in our diaries earlier this week, we are seeing active exploit attempts against the viewtopic vulnerability in phpBB 2.0.15, so if you haven't upgraded to 2.0.16, you need to do so immediately.

New book: Forensics


This isn't really a book review, but I picked up the latest (I believe) book in the Hacking Exposed series, Hacking Exposed Computer Forensics. So far, as with all the others that I've read in the series, it seems very well done with a lot of excellent information. Speaking of forensics, there was an interesting comment made on the forensics mailing list, I'm wondering what others think. Tobin Craig states "Can I suggest that the proliferation of substandard [forensic] examiners is the result of
treating computer forensics as an offshoot of information security?" and "Perhaps it might be
time for the information security arena to stop regarding computer forensics as
a subset of IT investigation, and see it instead as a completely separate
entity." I'm not sure that I entirely agree (nor entirely disagree) with these sentiments, but I'd like to hear from our readers.

Happy Holidays


To our Canadian friends, I hope you had a great holiday yesterday. For our American readers, I hope Monday is a great day for barbecues and fireworks.

Obligatory Tour de France comment: Also, congrats to Lance on an excellent prologue (a strong second place), I doubt that this is where Jan planned to be as the Tour begins. Ah, well. The next 3 weeks should be fun.


-----------------------

Jim Clausing, gro.snas.csi@gnisualcj
Keywords:
0 comment(s)
Diary Archives