[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] WMF: New Metasploit Framework Module
From: H D Moore <fdlist () digitaloffense ! net>
Date: 2005-12-31 7:35:16
Message-ID: 200512310135.16474.fdlist () digitaloffense ! net
[Download RAW message or body]
We just released a new version of the Metasploit Framework exploit module
for the Escape/SetAbortFunc code execution flaw. This module now pads the
Escape() call with random WMF records. You may want to double check your
IDS signatures -- most of the ones I saw today could be easily bypassed
or will false positive on valid graphic files.
Available via msfupdate, the 2.5 snapshot, or straight from the web site:
http://metasploit.com/projects/Framework/exploits.html#ie_xp_pfv_metafile
-HD
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic