Home > Uncategorized > Security News #9

Security News #9

  • The big news is the major remote root hole in Samba. POC code was provided to the Samba folks, and there are rumors that a POC has also made it to the wild, though none are known publicly. Worse still, this hole appears to be five years old!
  • Two nice new posts over at the Penetration Testing Lab this week. One on how to disable the firewall and antivirus of a Windows machine after an exploit, and a demo of a simple attack on PostgreSQL.
  • Eric Romang describes what is now currently only a DOS attack against MySQL <5.5.21 or <5.1.61 on his blog.
  • It looks like Backtrack 5R2 is vulnerable to a privilege escalation attack via wicd. Before you get too excited though, be sure to read the Backtrack forum and response.
  • Are you interested in learning how malware is embedded in .pdf files? Take a look at the two part piece by Ryan Merritt.
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: