-
October 29th, 2006, 08:41 AM
#1
MS 0Day shows up on milw0rm
Hey Hey,
A new MS exploit showed up on milw0rm yesterday — http://www.milw0rm.com/exploits/2672 (Code is written in Python and quite easy to follow)…
Microsoft Windows NAT Helper Components (ipnathlp.dll) 0day Remote DoS Exploit
The exploit requires Internet Connection Sharing to be enabled and requires that the attacker be on the shared interface (from what I’ve seen in my playing thus far).
Malicious Person — Computer with ICS — Internet
I ran Windows Updates on an XP SP2 machine immediately prior to testing this… so it *SHOULD* have been fully up-to-date
I've got additional details (and will be adding more in the morning when I've had a chance to do some more serious debugging) available at http://www.computerdefense.org/?p=149
Peace,
HT
[Edit]
I've also submitted this to both SANS ISC and MSRC to ensure they're aware of it
[/Edit]
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|