Category:BO Analysis

From SecurityForest



Description: This little documentary chronicles the last moments of another beautiful moth, stuck somewhere between the two live electrical cords of security and freedom. In particular, this is my look at how to exploit the latest Microsoft RPCSS bug.
Author: Dave Aitel
Download: msrpcheap.pdf (http://www.securityforest.com/downloads/educationtree/msrpcheap.pdf),msrpcheap2.pdf (http://www.securityforest.com/downloads/educationtree/msrpcheap2.pdf)
Rated: Image:0stars.gif
Description: In this paper, we will examine the root vulnerability in RealNetworks’ servers, which include: Helix Universal Server 9, RealSystem Server version 8, version 7 and RealServer G2. When this exploit is used against one of the vulnerable versions of RealNetworks’ Servers, it will provide a root shell listening on port 31337. Dave Aitel of Immunitysec is the one who found the bug and posted the vulnerability into various bulletin boards. Johnny Cyberpunk of THC (The Hackers Choice) is the one who has released the exploit code to the public.
Author: Michael H. Lastor
Download: REALSERVER_EXPLOIT_ANALYSIS.PDF (http://www.securityforest.com/downloads/educationtree/REALSERVER_EXPLOIT_ANALYSIS.PDF)
Rated: Image:0stars.gif
Description: PCT is referred to variously within Security Bulletin MS04-011 as the “Private Communications Transport”or “Private Communication Technology”protocol. For the purposes of this paper I selected this vulnerability and a corresponding exploit to examine in detail. We will take a look at both what makes this vulnerability a classic opportunity for exploitation and how its unique characteristics provide an insight into some basic security principles. I take the approach of an individual seeking to take advantage of this “opportunity”, and then look at two different scenarios of organizations dealing with an incident caused by an attack on the PCT vulnerability.
Author: David Schulhoff
Download: SSL_PCT_EXPLOITATION_ANALYSIS.PDF (http://www.securityforest.com/downloads/educationtree/SSL_PCT_EXPLOITATION_ANALYSIS.PDF)
Rated: Image:0stars.gif

Articles in category "BO Analysis"

There are 0 articles in this category.
Retrieved from "http://www.securityforest.com/wiki/index.php/Category:BO_Analysis"
Advertisement