Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2010-11-15 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Mozilla Firefox 3.6.12 Remote Denial Of Service

Published: 2010-11-15
Last Updated: 2010-11-15 15:02:05 UTC
by Stephen Hall (Version: 1)
6 comment(s)

Thanks to our reader Seb for the heads up about a remote denial of service vulnerability within Firefox 3.6.12.

There are a number of sites showing the exploit code which has been developed by Italian members of the BackTrack project.

I'll not publish the code here as its easily found with your favourite search engine, but below is a screen shot showing the impact of the code on a fully patched Mac OSX 10.6.5 system.

 

Firefox Crash image 

 

Diary updated after contact with Emanuele Gentili. 

Keywords: firefox
6 comment(s)

Minibis hits beta with Version 2.1

Published: 2010-11-15
Last Updated: 2010-11-15 09:46:29 UTC
by Stephen Hall (Version: 1)
0 comment(s)

Christian Wojner over at CERT.at has announced that their automated malware analysis environment has been updated.

Version 2.1 is now available in beta form, and he commented that:

"Lots of cool new features, maximum customization, and easy and free to use.
You can even script the sample-execution itself now - that means no more
boundaries regarding sample-types. Scripts for .exe, .dll, .swf, .pdf,
.js as well as for visiting URLs are already on-board."

Futher details over at CERT.at

Keywords: minibis
0 comment(s)
Diary Archives