Threat Level: green Handler on Duty: Kevin Liston

SANS ISC: Multiple 0-Days Reported! - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Multiple 0-Days Reported!

I'm getting really good feedback on our bug hunt.   I've had a couple of people report interesting vulnerabilities to ISC or me directly that they have discovered using the technique outline on the ISC Diary here (https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464).     The vulnerability reported can be used by malware instead of creating registry entries to survive a reboot.   In cases where the program run as a service they can be used for privilege escaltation.

As you are checking your programs, be sure to occationally check for instances of CALC.EXE running invisibly in the background.   Those are sometime the more interesting processes to look at.  :)

Thanks to everyone reporting vulnerabilites.  Be sure to post a comment on the bug hunt diary and read the comments from other people finding the bugs.

Join me in San Antonio Texas November 27th for SANS 504 Hacker Techniques, Exploits and Incident Response!  Register Today!!

Follow me on Twitter @MarkBaggett
Mark Baggett

Mark

81 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!