Wireless exploits coming to Metasploit 3…

Friday, October 27th, 2006

and the script kiddies rejoiced… It reads as though Metasploit 3 will make it easier than ever for script kiddies everywhere to take full advantage of the local wireless hotspots. Of course, metasploit has it’s good uses by people legitimately testing systems that they are responsible for, for vulnerabilities. But, it does make it very […]

Another WMF exploit??

Monday, August 7th, 2006

Security Focus has a brief that refers to a WMF zero-day vulnerability that affects Windows XP SP2. I suspect this may get a bit of coverage throughout the day. It appears as though there are actually 3 issues cited.    Send article as PDF   

Qemu 0.8.1 (with kqemu 1.3.0pre7)

Tuesday, June 6th, 2006

While I was testing out the “single cut and paste” linux vnc remote desktop sharing script and x11vnc binary…. I spent a fair amount of time booting up livecd’s n qemu to test various distributions/ages of linux setups to see how compatible things were. I had not checked in at the qemu site in quite […]

WordPress trackback problem FINALLY SOLVED….

Saturday, April 8th, 2006

For around 3-4 months now I’ve had a REALLY annoying problem with the wordpress install on this site. Trackbacks suddenly stopped working. Somewhere around my 800th post or so while the WMF vulnerability was circulating (between Christmas and New Years) and I was typing furiously – poof…. suddenly trackbacks stopped going out. (Incoming trackbacks seemed […]

Microsoft was aware of the WMF vulnerability “for years”

Tuesday, January 17th, 2006

Bugtraq has an interesting post which picks up on a note in Stephen Toulouse’s latest entry on the WMF vulnerability. When I first read the post I was more interested in the way he was responding to allegations of the flaw being an intentional backdoor, but the above bugtraq post points out and makes points […]

WMF patch is the first patch for Microsoft Vista

Sunday, January 15th, 2006

It seems the WMF patch that was recently released for Windows 2000 and XP (and 2003) has been ported to Microsoft Windows Vista Beta…. This makes it the first security patch for Vista. eweek has an article on the issue. So, if you’re beta testing Vista, get it updated ASAP. Hopefully though, if you’re beta-testing […]

Another Win98 patch for WMF vulnerability

Sunday, January 15th, 2006

There’s another patch for those Win98 users that are nervous about the WMF vulnerability that was announced at the tail end of the year. This site has made the patched version of gdi32.dll available to any and all. Their patch is open source. They basically say “it works for them…” no warranties. Steve Gibson has […]

MS responds to “intentional backdoor”, WMF claim

Friday, January 13th, 2006

Microsoft is disputing claims by Steve Gibson, that the WMF vulnerability was an intentionally placed backdoor. There is a response to the claims in the Microsoft Security Incident Response blog. Apparently since the SetAbortProc procedure relates to printing, previous versions of Windows ignored the call unless printing was involved. (Why did windows start paying attention […]

WMF vulnerability not an accident? Was it an intentional backdoor?

Friday, January 13th, 2006

I’m not quite sure if I’m willing to attribute to design, what I could attribute to a mistake… but, slashdot has pointed out that Steve Gibson in his latest Security Now! podcast (link is to transcript), is suggesting that it appears as though the WMF vulnerability of recent weeks appears (to him) to have been […]

Codeweavers fixes WMF vulnerability in Crossover Office

Tuesday, January 10th, 2006

There has been a bugfix release to Crossover Office, released by Codeweavers. Crossover Office is an offshoot of the Wine project, which is a windows compatibility suite for Linux, to allow Windows applications to run under modern Linux operating systems. It was found recently that wine suffered from the WMF vulnerability just the same as […]

Google
 
Web www.averyjparker.com