Security News #0x17
- Last month, Java issued an update for another Java vulnerability (CVE 2012-1723), this one affecting versions up to and including Java 6 U32 and Java 7 U4. This week Metasploit released a module that exploits this vulnerability.
Apparently this flaw is also being exploited in the BlackHole exploit kit; some technical details are available on the ESET Threat Blog.
- We have already mentioned CVE 2012-1889, a vulnerability in the XML Core Services that can be exploited through Internet Explorer. Exploit code appeared in Metasploit on June 15; on July 10 Microsoft released their patch, MS12-043.
- If you are interested in security, then I cannot overemphasize how important it is to be able to build your own tools. Often you can get away with the standard stuff, but you will run into times when it is inadequate and you have to come up with your own. But, some say, how do I learn how to do this? Let me suggest that you start by taking a look at the ARP Spoofing script from WebstersProdigy. It is a nice, small (85-line!) Python script to do simple ARP Spoofing, and is well worth a look.
- AxtAxt has a nice blog post that describes how he found and could exploit a Java vulnerability (CVE 2011-3545) that relies on a flaw in the underlying native (C) code.
- There are a number of ways to make exploiting a program more difficult, from ASLR to PIE. If you don’t know what these mean, you may want to stop by 7h3rAm’s blog, where he describes these various Linux exploit mitigation techniques.
- I have been a fan of Splunk, and we use it in our capstone class’ hands-on exercises. One limitation of the free version of Splunk, however, has been the fact that its authentication methods are almost nonexistent, making the service quite insecure. Well, the folks at EyeIS have a nice blog post that shows how you can provide some measure of authentication for the free version of Splunk by using SSH tunnels.