Network Security: Detailed info on [Full-disclosure] setSlice exploited in the wild

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Bugtraq

Subject:	[Full-disclosure] setSlice exploited in the wild - massively
Date:	Sat, 30 Sep 2006 04:48:23 -0500 (CDT)

Subject:

[Full-disclosure] setSlice exploited in the wild - massively

Date:

Sat, 30 Sep 2006 04:48:23 -0500 (CDT)

Exploit code is available publicly: http://www.milw0rm.com/exploits/2440 SANS diary: http://isc.sans.org/diary.php?storyid=1742 And this is so massively exploited, it makes VML look cute. There's a rootkit, some other malware, and haxdor! (a phishing trojan horse) Thanks to Roger Thompson at explabs.com for first reporting it. Gadi. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] setSlice exploited in the wild - massively, Gadi Evron <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability, ozkan . aziz
Next by Date:	[Full-disclosure] YouTube Persistent Messaging XSS Vulnerability, Darren Bounds
Previous by Thread:	Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability, ozkan . aziz
Next by Thread:	[Full-disclosure] YouTube Persistent Messaging XSS Vulnerability, Darren Bounds
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability, ozkan . aziz

Next by Date:

[Full-disclosure] YouTube Persistent Messaging XSS Vulnerability, Darren Bounds

Previous by Thread:

Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability, ozkan . aziz

Next by Thread:

[Full-disclosure] YouTube Persistent Messaging XSS Vulnerability, Darren Bounds

Indexes:

[Date] [Thread] [Top] [All Lists]