Microsoft Out of Band Patch - 28th July 2009
So, today, Microsoft released an out of band patch, two issue, one for Internet Explorer... Microsoft Security Advisory (MS09-034): Microsoft Internet Explorer contains programming errors that may allow a remote attacker to execute code on a vulnerable system. Rules to detect a
Only whitehat journalists need Metasploit to hack oracle
I'm astounded at the number of crazy articles concerning the release of Oracle exploits for PATCHED vulnerabilities. How is it that oracle in particular gets this kind of response, when Metasploit has been doing this with other vendors for years and years? Never mind the fact
Adobe 0-day update
We love adobe. We love the u30. We love 32 bit values that are encoded as somewhere between 1 and 5 bytes. This is certainly a file format which has outlasted it's day in the sun. (56k modems) Here Adobe mentions a CVE. Keep that in mind. Yesterday, they locked a bug you mi
Rule release for today - July 22nd 2009
Adobe Acrobat and Reader Buffer Overflow: Adobe Acrobat and Adobe Reader suffer from a programming error that may allow a remote attacker to execute code on an affected system. The problem occurs during the processing of a flash file embedded in a pdf document. Rules to detect
Don’t read this post
So Lurene is mad at me, me being Matt W. The reason for this is the following conversation. Me: Hey you guys see the US-CERT notice on ISC dhclient overflow? Lurene: Yup, working on coverage right now for release today. Lurene: You do know this vuln is awesome right? Me: How so?
Rule release for today - July 21st 2009
A few new rules and some modifications to improve rule performance in today's release. Apple iTunes Buffer Overflow (CVE-2009-0950): Apple iTunes contains a programming error that may allow a remote attacker to execute code on a vulnerable system. Rules to detect attacks ta
Vulnerability Report July 2009
This is a Beta version of our Vulnerability Report. We haven't done this, or anything like it before and we got it together pretty quickly. We're learning as we go. We would really appreciate some thoughts, tips and suggestions on it.
How do I become a Ninja?
Earlier this week, we posted this blog item: Ask the VRT a question. We had a few people write in and ask us questions about Snort, Snort rules and the other obvious Snort related questions. Then, we got something interesting... mish asks "How do I become a Ninja?" (H
Rule release for today - July 16th 2009
For those of you following our twitter feed, you now know why we were laughing last night... ISC DHCLIENT Buffer Overflow (CVE-2009-0692): The ISC DHCLIENT daemon suffers from a programming error that may allow a remote attacker to capitalize on a stack overflow and execute code