Archive for the ‘ Exploitation ’ Category
Exploitation of CVE-2012-0003: Heap Overflow in winmm.dll
The very first exploit for MS12-004 was seen in the wild last Friday. As soon as the exploit attempt was discovered, researchers were quick to post their analysis of the vulnerability. A Metasploit module was also made available to the public in its latest revision, 14640. In this post I will share a [...]
Understanding CVE-2012-0003: RCE in Microsoft Windows Media Player
As ever, the opinions expressed on this website are personal to me and do not necessarily reflect the opinions of my employer. As part of January’s Patch Tuesday, we released 7 patches targeting 8 individual vulnerabilities. Out of these 8 vulnerabilities, I will talk about CVE-2012-0003, a memory corruption vulnerability in a Windows Media component that [...]
Network detection rules for WorldMail 3.0 IMAPD SEH overflow
NullSecurity.net publicly released a security advisory on an SEH overflow in the WorldMail 3.0 IMAPD product. An attacker could exploit this issue to execute arbitrary code in the context of the application. This may lead to the compromise of the application and the underlying system. Attackers do not need to authenticate to exploit this vulnerability, making its threat [...]
Analysis of CVE-2011-4862: Telnetd Buffer Overflow
Just before the end of 2011, a new buffer overflow vulnerability was found in telnetd in FreeBSD 7.3 through 9.0, allowing remote attackers to execute arbitrary code. This vulnerability was tracked as CVE-2011-4862 and exploited in the wild. We all know that telnet sends data in plain text over the wire and can be easily eavesdropped. To [...]
Windows “Shortcuts to Pawnage”
On 16th July, 2010, researchers found a new shortcut to pwning a remote system in an unusual way. They crafted a way to exploit Windows shortcut files, commonly referred to as .lnk files, in order to gain unauthorized access to a remote computer. Users need not even click the shortcut file; if s/he views it in [...]
