Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Citrix Vulnerability

Published: 2007-01-25
Last Updated: 2007-01-26 20:02:45 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
This is for Citrix users: Time to Patch!
Another vulnerability was disclosed that affects the Citrix presentation plataform.
This one, discovered by the ZeroDayInitiative is a buffer overflow vulnerability and received the CVE ID of CVE-2007-0444 (not much info there) and affects the Citrix Presentation  Server 4.0, Metaframe XP 1.0 and  Metaframe Presentation  Server 3.0.
If sucessfuly exploited, an attacker will be able to run code as System.
Exploit for this vulnerability is available, so I really recommend the usual test and patch procedure!
Citrix has information about this vulnerability and the proper measures to take.

Update:

Here you can find more info regarding this CVE number.
Keywords:
0 comment(s)

Malware Analysis Quiz 7 - results

Published: 2007-01-25
Last Updated: 2007-01-26 14:02:27 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
Today I just posted the results of my latests quiz, the Malware Analysis Quiz 7. The quizes are available here . The latest quiz and results are available here . This one was related to the Themida packer (of course that they didnt know that before:) ) already discussed in our diaries. Even for those that do not follow the quizes, I recommend some reading to learn with those that sucessfuly finished this one!
Keywords:
0 comment(s)
Diary Archives