Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: WMF Vulnerability Summary

from [Paul Laudanski] Network Security [Permanent Link]
Subject: Re: WMF Vulnerability Summary
Date: Fri, 6 Jan 2006 00:54:44 -0500 (EST) 
On Tue, 3 Jan 2006, Paul Asadoorian wrote:

I would imagine that most, like myself, are busy trying to make sense  
of the WMF vulnerability, perform risk assessments, and recommend  
appropriate actions for your organization.  I have attempted to  
summarize the WMF information that is flooding security sites all over:

http://www.pauldotcom.com/2006/01/wmf_vulnerability_exploits_jus.html


Excellent summary.  For those that need more details in an FAQ setting, 
here is the link:

http://castlecops.com/a6445-WMF_Exploit_FAQ.html

It covers both alternative workarounds and the MS official patch.  In 
total 40 questions and answers that were assembled in the forum setup for 
Ilfak's hotfix:

http://castlecops.com/f212-Hexblog.html

-- 
Paul Laudanski, Microsoft MVP Windows-Security
[cal] http://events.castlecops.com
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  WMF Vulnerability Summary, Paul Asadoorian
Next by Date:  Defacing Groups using PHP Include Attacks as Vector, bugtraq
Previous by Thread:  WMF Vulnerability Summary, Paul Asadoorian
Next by Thread:  Defacing Groups using PHP Include Attacks as Vector, bugtraq
Indexes:  [Date] [Thread] [Top] [All Lists]