http://praetorianprefect.com Information security, a little slower...a little deeper Fri, 16 Mar 2012 05:46:23 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 http://praetorianprefect.com/archives/2010/03/iepeers-a-new-internet-explorer-zero-day-vulnerability/ http://praetorianprefect.com/archives/2010/03/iepeers-a-new-internet-explorer-zero-day-vulnerability/#comments Wed, 10 Mar 2010 23:01:30 +0000 Prefect http://praetorianprefect.com/?p=3511 Microsoft's recent blog post for new security advisory 981374 referencing a new zero day vulnerability in Internet Explorer versions 6 and 7. New details have emerged since, and the exploit has moved from being what was described as part of "limited targeted attacks" to being widely accessible and available as a new module for the Metasploit framework.]]> http://praetorianprefect.com/archives/2010/03/iepeers-a-new-internet-explorer-zero-day-vulnerability/feed/ 8 http://praetorianprefect.com/archives/2010/03/press-f1-for-help-pwned/ http://praetorianprefect.com/archives/2010/03/press-f1-for-help-pwned/#comments Tue, 02 Mar 2010 17:39:54 +0000 MJP http://praetorianprefect.com/?p=3444 http://praetorianprefect.com/archives/2010/03/press-f1-for-help-pwned/feed/ 3 http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/ http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/#comments Sat, 16 Jan 2010 00:42:41 +0000 Prefect http://praetorianprefect.com/?p=3065 big news hit earlier this week, the attack vector that allowed bad actors presumably from China into the networks of Google, Juniper, Adobe, and some 30 other firms was an Internet Explorer zero day, a use after free vulnerability on an invalid pointer reference affecting IE 6, 7, and 8 but only used in IE 6 according to Microsoft.]]> http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/feed/ 76 http://praetorianprefect.com/archives/2010/01/windows-smb-crash-video/ http://praetorianprefect.com/archives/2010/01/windows-smb-crash-video/#comments Thu, 14 Jan 2010 05:27:07 +0000 Prefect http://praetorianprefect.com/?p=2997 on November 11th, 2009 we confirmed Laurent Gaffié's remote exploit for Windows that causes a kernel crash. The operating system actually freezes creating a denial of service when for example a user is tricked into clicking on a link to a malicious SMB share on a web page. The SMB client goes into an infinite loop when processing this malformed request according to Microsoft. The video below demonstrates this effect, having a user click a web site link and showing the crash.]]> http://praetorianprefect.com/archives/2010/01/windows-smb-crash-video/feed/ 7 http://praetorianprefect.com/archives/2010/01/juniper-kernel-crash-scapy-code/ http://praetorianprefect.com/archives/2010/01/juniper-kernel-crash-scapy-code/#comments Sun, 10 Jan 2010 21:45:30 +0000 Jeremy Rossi http://praetorianprefect.com/?p=2962 exploit code has been published elsewhere, there is little reason not to answer this question.]]> http://praetorianprefect.com/archives/2010/01/juniper-kernel-crash-scapy-code/feed/ 0 http://praetorianprefect.com/archives/2010/01/junos-juniper-kernel-crash-video/ http://praetorianprefect.com/archives/2010/01/junos-juniper-kernel-crash-video/#comments Fri, 08 Jan 2010 01:28:52 +0000 Prefect http://praetorianprefect.com/?p=2863 our post yesterday detailing the information in Juniper bulletin PSN-2010-01-623 and our thoughts on its somewhat understated effect. Since our post yesterday, the bulletin has been updated, becoming more specific about the versions affected (basically excluding JUNOS version 10.x and versions no longer supported by Juniper). We have tested all 256 permutations of the Options field in the TCP header, and reproduced the kernel crash, which is demonstrated in the video below.]]> http://praetorianprefect.com/archives/2010/01/junos-juniper-kernel-crash-video/feed/ 20 http://praetorianprefect.com/archives/2010/01/junos-juniper-flaw-exposes-core-routers-to-kernal-crash/ http://praetorianprefect.com/archives/2010/01/junos-juniper-flaw-exposes-core-routers-to-kernal-crash/#comments Wed, 06 Jan 2010 22:23:17 +0000 Prefect http://praetorianprefect.com/?p=2812 http://praetorianprefect.com/archives/2010/01/junos-juniper-flaw-exposes-core-routers-to-kernal-crash/feed/ 20 http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/ http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/#comments Wed, 11 Nov 2009 21:16:28 +0000 MJP http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/ his blog, demonstrating a much too easy way to remotely crash a Windows 7 or Windows Server 2008 machine. The crash is caused by sending a NetBIOS header which specifies that the SMB packet is 4 bytes smaller or larger than it actually is. In this code sample below, you can see that the header has the length of the packet set to 9a rather than 9e (4 bytes smaller).]]> http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/feed/ 25