Since exploit code has already been posted to Full-Disclosure, we are going to
release an advisory with more technical details about the vulnerability. Enjoy:
http://www.determina.com/security.research/vulnerabilities/ani-header.html
Alex
signature.asc
Description: OpenPGP digital signature
hackers blitz into Tk-Maxx - unfortunate...
http://news.bbc.co.uk/1/hi/business/6508983.stm
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Things will only get worse!
On 3/30/07, James Rankin [EMAIL PROTECTED] wrote:
hackers blitz into Tk-Maxx - unfortunate...
http://news.bbc.co.uk/1/hi/business/6508983.stm
___
Full-Disclosure - We believe in it.
Charter:
Jan Wrobel wrote:
I don't know if this rule detects all possible exploits or just one
particular type. Here is a Firekeeper version of the rule, which can
be used to detect sites hosting malicious files:
alert (msg:BLEEDING-EDGE CURRENT EVENTS MS ANI exploit; body_content:|54
53 49 4C 03
-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
Subject: Re: [Full-disclosure] 0-day ANI vulnerability in Microsoft
Windows(CVE-2007-0038)
Jan Wrobel wrote:
I don't know if this rule detects all possible exploits or just one
particular type. Here is a Firekeeper version of the rule, which can
On Thu, 29 Mar 2007, Alexander Sotirov wrote:
Today Microsoft released a security advisory about a vulnerability in the
Animated Cursor processing code in Windows:
http://www.microsoft.com/technet/security/advisory/935423.mspx
It seems like the vulnerability is already exploited in the
Today Microsoft released a security advisory about a vulnerability in the
Animated Cursor processing code in Windows:
http://www.microsoft.com/technet/security/advisory/935423.mspx
It seems like the vulnerability is already exploited in the wild: