
Security News #0x30

  • If you want to see a more detailed analysis of CVE-2012-4792, the most recent Internet Explorer vulnerability (and who wouldn’t?), check out the analysis of exodusintel. Microsoft has issued a fix-it for the vulnerability, and it is expected that the underlying problem will be patched on January 8. Don’t let the fix-it lull you into a false sense of security though; the folks at exodusintel say that they can bypass the fix-it and still exploit the vulnerability, and this has been added to the existing Metasploit module. EMET looks to protect against this exploit; we also mention the analysis of Adam Swanger.
  • There is a vulnerability in Ruby on Rails (CVE-2012-5664) that allows for SQL injection at the language level, at least in some specialized circumstances. The original announcement of the problem is from Aaron Patterson, and the news got picked up by Threatpost. The situation is somewhat complex though; this is a vulnerability in certain dynamic finder methods. The folks at Phusion have a nice analysis of what is and is not vulnerable.
  • TurkTrust, a Turkish CA, apparently accidentally released fraudulent certificates for Google websites. These certificates are being revoked.
  • The folks at Penetration Testing Lab have a nice piece on post-exploitation techniques on a Linux system in Metasploit.
  • I had not seen this method of avoiding UAC calls before; it is definitely something I need to try! In a nutshell, create the task you want to run, export it to XML, modify the logon type to S4U, and then export it back as a task.
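
One way to audit for the task configuration described in the last item, as an added example that is not from the original post: the script parses exported task XML (for instance the output of `schtasks /query /tn <name> /xml`) and reports every principal whose logon type is S4U, together with its run level and commands. The sample task, user name, command path and function name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# XML namespace of Task Scheduler task definitions.
NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}

# Constructed sample task; the user name and command path are placeholders.
TEMPLATE = r"""<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Principals>
    <Principal id="Author">
      <UserId>EXAMPLE\alice</UserId>
      <LogonType>{logon}</LogonType>
      <RunLevel>{level}</RunLevel>
    </Principal>
  </Principals>
  <Actions Context="Author">
    <Exec><Command>C:\Example\tool.exe</Command></Exec>
  </Actions>
</Task>"""
SAMPLE_S4U = TEMPLATE.format(logon="S4U", level="HighestAvailable")
SAMPLE_INTERACTIVE = TEMPLATE.format(logon="InteractiveToken", level="LeastPrivilege")


def audit_task_xml(name, xml_text):
    """Return one finding per principal whose LogonType is S4U."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [{"task": name, "issue": "unparseable", "detail": str(exc)}]
    commands = [c.text.strip()
                for c in root.findall("t:Actions/t:Exec/t:Command", NS) if c.text]
    findings = []
    for principal in root.findall("t:Principals/t:Principal", NS):
        def field(tag):
            return (principal.findtext("t:" + tag, default="", namespaces=NS) or "").strip()
        if field("LogonType") != "S4U":
            continue
        findings.append({"task": name,
                         "user": field("UserId") or "(not set)",
                         "run_level": field("RunLevel") or "(not set)",
                         "commands": commands})
    return findings


if __name__ == "__main__":
    for task_name, xml_text in [("s4u-task", SAMPLE_S4U), ("normal-task", SAMPLE_INTERACTIVE)]:
        for finding in audit_task_xml(task_name, xml_text):
            print(finding)
```

An S4U task is not malicious by itself, so the findings are a review list to compare against the tasks administrators are known to have created.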