Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - More 'sploit code released InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

More 'sploit code released

Published: 2006-09-21
Last Updated: 2006-09-21 20:53:26 UTC
by Chris Carboni (Version: 3)
0 comment(s)
Juha-Matti sent a note telling us that exploit code for the Internet Explorer VML Remote Buffer Overflow vulnerability Swa reported on in Tuesday's diary has been released on one of the usual sites.

The site contains a modified version of the code that was originally released on Tuesday that has now been tested on:
  • Windows XP SP1 + IE6 SP1
  • Windows XP SP0 + IE6
  • Windows 2000 SP4 + IE6 SP1
  • Windows 2000 SP4 + IE6

He also mentions that exploit code for the Windows Kernel Privilege Escalation vilnerability fixed by MS06-049
has been been released.

This code is said to have been tested on:
  • Windows 2000 PRO SP4 Chinese
  • Windows 2000 PRO SP4 Rollup 1 Chinese
  • Windows 2000 PRO SP4 English
  • Windows 2000 PRO SP4 Rollup 1 English
Joel:  Snort's VRT team published rules today that catches the new VML vulnerabilities.  At this time, in tune with the VRT license, they are subscription only.  They will be public in 5 days.  Read the news release: here.

0 comment(s)
Diary Archives