Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Yay for Windows 2000!

From: dave <dave () immunityinc com>
Date: Wed, 10 Jun 2009 16:39:36 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It's fun to watch Kostya's exploit own it via MS09-022 (Spooler). This
month there were lots of great vulnerabilities disclosed, but obviously
spooler was an interesting one and got done first over here. I'm not
sure what the "metric" for GREAT is, but even a remote bug in Windows
2000 counts if it's neat enough. Underflow+Overflow+OBO = fun? I guess
GREAT is anything you can do before the SMS server can distribute
patches. :>

It'd be interesting as well to find out any products affected by that
MSRPC NDR marshalling bug. There's got to be some out there. unmidl.py
should be scriptable to find them too...

Also this blog is great, so read up!
http://seanhn.wordpress.com/

- -dave
'[0x57][0x61][0x6e][0x74][0x20][0x74][0x6f][0x20][0x77][0x6f]
[0x72][0x6b][0x20][0x77][0x69][0x74][0x68][0x20][0x73][0x6f]
[0x6d][0x65][0x20][0x70][0x65][0x65][0x72][0x73][0x3f][0x20]
[0x6a][0x6f][0x62][0x73][0x40][0x69][0x6d][0x6d][0x75][0x6e]
[0x69][0x74][0x79][0x69][0x6e][0x63][0x2e][0x63][0x6f][0x6d]'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkowGggACgkQtehAhL0gheooMwCeNK4WAvbyFiF2z8lVxijE6mWk
WyUAn3zpTEtvjWWHvmPsHH3dQSzOfS/c
=XBHi
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: