Archive for the ‘Information Security’ Category

Exploitation of CVE-2012-0003: Heap Overflow in winmm.dll

The very first exploit for MS12-004 was seen in the wild last Friday. As soon as the exploit attempt was discovered, researchers were quick to post their analysis of the vulnerability. A Metasploit module was also made available to the public in its latest revision, 14640. In this post I will share a [...]

Understanding CVE-2012-0003: RCE in Microsoft Windows Media Player

As ever, the opinions expressed on this website are personal to me and do not necessarily reflect the opinions of my employer. As part of January’s Patch Tuesday, we released 7 patches targeting 8 individual vulnerabilities. Out of these 8 vulnerabilities, I will talk about CVE-2012-0003, a memory corruption vulnerability in the Windows Media component that [...]

Anonymous rules out SOPA & PIPA

The newly proposed legislation acts SOPA (Stop Online Piracy Act) and PIPA (Protect Intellectual Property Act) are very controversial and are potentially bound to damage the freedom of the Internet. The US Department of Justice shut down megaupload.com under the SOPA legislation and alleged copyright infringement. To oppose these acts, many sites, including Wikipedia and GoDaddy, took [...]

Network detection rules for WorldMail 3.0 IMAPD SEH overflow

NullSecurity.net publicly released a security advisory on an SEH overflow in the WorldMail 3.0 IMAPD product. An attacker could exploit this issue to execute arbitrary code in the context of the application. This may facilitate the compromise of the application and the underlying system. Attackers do not need to authenticate to exploit this vulnerability, making its threat [...]

Network detection rules for old TFTP RRQ Buffer Overflow vulnerability

Exploit-DB posted new exploit code for an old buffer overflow vulnerability in the read/write request packet processing code of TFTP Server version 1.4. I thought it would be good rule-writing practice to develop an IDS detection rule for it. The Snort rule below will help to detect exploit attempts for this vulnerability. Snort provides [...]

Analysis of CVE-2011-4862: Telnetd Buffer Overflow

Just before the end of 2011, a new buffer overflow vulnerability was detected in telnetd in FreeBSD 7.3 through 9.0, allowing remote attackers to execute arbitrary code. This vulnerability was tracked under CVE-2011-4862 and exploited in the wild. We all know that telnet sends data in plain text over the wire and can be easily eavesdropped. To [...]

SNORT Rules for CVE-2011-3416

Just before we say goodbye to 2011, Microsoft released a security bulletin for an escalation of privilege vulnerability in the .NET Framework. NIST describes the vulnerability as: The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access [...]

Analysis of CVE-2010-0806 (IEPeers.dll) Use-After-Free Vulnerability

This is a quick post about some of the analysis I did at the start of this week. This is a case of yet another exploit for CVE-2010-0806. I have been seeing exploits for this vulnerability floating around a lot over the past couple of months. As described on mitre.org: “Use-after-free vulnerability in the Peer Objects component (aka [...]

Analysis of CVE-2007-0024 Exploit and its Payload

CVE-2007-0024 is quite old, and you might think there would be no more active exploitation of this vulnerability since it was patched long ago. I would say, think again. Today I analyzed a live attack exploiting the above vulnerability. Here is the gist of my analysis. Overview of CVE-2007-0024: An integer overflow in the Vector Markup [...]

Layman’s guide to remove FakeAV malware

In my previous blog post, I talked about FakeAV malware and its new techniques for spreading by disguising itself as a legitimate software download. In this post I will talk about a very simple technique to clean up a FakeAV infection. Before I talk about the infection removal, let me list all the measures taken by the malware to prevent [...]