Malware City/Blog/

Sep
18
Filed Under:
MISCELLANEOUS

SMB Vuln Headaches Continue

18 September 2009
Exploit Code for Unpatched Windows Flaw Released A security company which releases for-pay vulnerability info, Immunity Inc, has published a nice video showing just how easy it is to get a shell on a vulnerable host using their freshly-published exploit.

To rephrase that: there is a remote exploit against the SMB flaw we covered last week. While the exploit code is not in the wild per se, the capability to exploit this flaw can be obtained in exchange for a moderate amount of money. Reverse-engineering the clever trick used to transform the DoS attack into a full compromise is probably as simple as watching the SMB packets flow.

It's therefore highly probable that this exploit will start being used in the wild in the following days.






By Razvan Stoica
Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When BitDefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking.

Related

11-09-2009 | BitDefender's approach to cloud technology

07-08-2009 | Twitter™, Facebook® attacks

08-07-2009 | What’s new in the Conficker (Downadup) world?

10-06-2009 | Whopper Tuesday

Comments:

Headaches said on Mar-17-2011 05:15

Thanks for this blog.I enjoyed reading it.Thanks.Keep on posting.

Comment on this

Name:

Email:

Website:

Your email adress will not be published.