Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: PoC for the 2 new WMF vulnerabilities (DoS)
From: "Michael Bringle" <mbringle () pivx com>
Date: Mon, 9 Jan 2006 16:10:34 -0800

        Yes, I just tested and our PreEmpt product also protects against
those since December 7th.  It is quite scary that the MS patches don't
because of how simple this would have been to stop.  Don't they check
the command to be run against the set of valid commands?  Well I guess
that answer to that is no.  Maybe third time is a charm!  BTW thanks for
the PoC links.

Michael Bringle
Director of Engineering
PivX Solutions, Inc.
http://www.pivx.com/HomeOffice/

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Andrey
Bayora
Sent: Monday, January 09, 2006 2:35 PM
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)

Hello list,

In case, someone interested:

Here is the PoC for the 2 new WMF vulnerabilities discovered by
cocoruder
(http://ruder.cdut.net) and does not covered by MS06-001.

You can download WMF images at:
http://www.securityelf.org/files/WMF-DoS.rar

Regards,
Andrey.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]