Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: MS SMB zero-day? SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS SMB zero-day?
Quite a few people have written in to give us a heads-up on ,
which references an email on the DailyDave list:

At this time, it is unclear what, if anything, is the issue.
This may be as simple as the GREENAPPLE tool, which exploited
the vulnerability found in MS05-011, being released in next
month's CANVAS update. Or, this may be a new variant of the
same. Or, this might be something entirely different.
Or, this may be nothing at all.

Personally, I don't think there's anything to this other than
what the message on DailyDave says: "Sinan Eren wrote a
working version of GREENAPPLE,
a remote kernel overflow in SMB
for Windows 2000. It's available now to Immunity
Partners, but
it will be in the June Immunity CANVAS release, which

will be interesting."


21 Posts
May 25th 2006

Sign Up for Free or Log In to start participating in the conversation!