Re: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose?

2009-10-01 Thread Freddie Vicious
This vulnerability is still unpatched and the exploit was written by Stephen
Fewer and H D Moore, not by Laurent Gaffie, the original bug finder.

On Wed, Sep 30, 2009 at 6:34 PM, Nick wrote:

> A new exploit for the _Smb2ValidateProviderCallback() function has been
> released by the same person who created the Denial of Service exploit,
> except this one is able to execute code remotely. It seems that MS is sort
> of delaying the quick fix for this exploit. What's even sadder is that they
> knew about it when they developed Windows 7 but didn't care to patch Windows
> Vista. If they don't release a patch soon, viruses will be all over the
> internet...
>
> Exploit code:
> http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
Best wishes,
Freddie Vicious

Re: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose?

2009-10-01 Thread G. D. Fuego
It sounds like you're talking about the tcp/ip stack flaws rather than  
the smb2 issue.




On Oct 1, 2009, at 9:09 AM, Rohit Patnaik wrote:

> I'm pretty sure that Microsoft has already released a fix for this.
> I know they've patched Vista and Windows 7, and they've decided
> publicly not to backport the fix to Windows XP.
>
> --Rohit Patnaik
>
> On Wed, Sep 30, 2009 at 8:34 PM, Nick wrote:
>> A new exploit for the _Smb2ValidateProviderCallback() function has
>> been released by the same person who created the Denial of Service
>> exploit, except this one is able to execute code remotely. It seems
>> that MS is sort of delaying the quick fix for this exploit. What's
>> even sadder is that they knew about it when they developed Windows 7
>> but didn't care to patch Windows Vista. If they don't release a
>> patch soon, viruses will be all over the internet...
>>
>> Exploit code:
>> http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html




Re: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose?

2009-10-01 Thread Chris
 "it seems"...and "I'm pretty sure"

Is this FD or some fantasyland where everybody can just make up shit?

If you don't KNOW and can't CONFIRM (with links or FACTS) then stfu.

  - Original Message -
  From: "Rohit Patnaik"
  To: Nick
  Cc: full-disclosure@lists.grok.org.uk
  Subject: Re: [Full-disclosure] Microsuck delaying patch for SMB2 on
  purpose?
  Date: Thu, 1 Oct 2009 08:09:22 -0500

  I'm pretty sure that Microsoft has already released a fix for this.
   I know they've patched Vista and Windows 7, and they've decided
  publicly not to backport the fix to Windows XP.
  --Rohit Patnaik

  On Wed, Sep 30, 2009 at 8:34 PM, Nick wrote:

    A new exploit for the _Smb2ValidateProviderCallback() function
    has been released by the same person who created the Denial of
    Service exploit, except this one is able to execute code
    remotely. It seems that MS is sort of delaying the quick fix for
    this exploit. What's even sadder is that they knew about it when
    they developed Windows 7 but didn't care to patch Windows Vista.
    If they don't release a patch soon, viruses will be all over the
    internet...

    Exploit code:
    http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html




Re: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose?

2009-10-01 Thread Sub
Windows XP does not support SMB2, so there will never be a patch! ;)

Rohit Patnaik wrote:
> I'm pretty sure that Microsoft has already released a fix for this.  I 
> know they've patched Vista and Windows 7, and they've decided publicly 
> not to backport the fix to Windows XP.
>
> --Rohit Patnaik
>
> On Wed, Sep 30, 2009 at 8:34 PM, Nick wrote:
>
> A new exploit for the _Smb2ValidateProviderCallback() function has
> been released by the same person who created the Denial of Service
> exploit, except this one is able to execute code remotely. It
> seems that MS is sort of delaying the quick fix for this exploit.
> What's even sadder is that they knew about it when they developed
> Windows 7 but didn't care to patch Windows Vista. If they don't
> release a patch soon, viruses will be all over the internet...
>
> Exploit code:
> 
> http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html
>
>
>


Re: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose?

2009-10-01 Thread Rohit Patnaik
I'm pretty sure that Microsoft has already released a fix for this.  I know
they've patched Vista and Windows 7, and they've decided publicly not to
backport the fix to Windows XP.
--Rohit Patnaik

On Wed, Sep 30, 2009 at 8:34 PM, Nick wrote:

> A new exploit for the _Smb2ValidateProviderCallback() function has been
> released by the same person who created the Denial of Service exploit,
> except this one is able to execute code remotely. It seems that MS is sort
> of delaying the quick fix for this exploit. What's even sadder is that they
> knew about it when they developed Windows 7 but didn't care to patch Windows
> Vista. If they don't release a patch soon, viruses will be all over the
> internet...
>
> Exploit code:
> http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html
>
>
>

[Full-disclosure] Microsuck delaying patch for SMB2 on purpose?

2009-10-01 Thread Nick
A new exploit for the _Smb2ValidateProviderCallback() function has been
released by the same person who created the Denial of Service exploit,
except this one is able to execute code remotely. It seems that MS is sort
of delaying the quick fix for this exploit. What's even sadder is that they
knew about it when they developed Windows 7 but didn't care to patch Windows
Vista. If they don't release a patch soon, viruses will be all over the
internet...

Exploit code:
http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html