Microsoft IIS 5/6 FTP 0Day released

A new 0-day exploit been released. It is targeting Win2K's Microsoft IIS 5/6 FTP service.

Your server is vulnerable if you are:

• Running Microsoft IIS 5/6 FTP service on Windows 2000.
• Allowing anonymous access with WRITE access.

References:

• SANS: Microsoft IIS 5/6 FTP 0Day released.
• Exploit at Milw0rm.

Crypto Attacks: It’s the implementation stupid

This is a great write up on analyzing the Moxie Marlinspike’s latest sslstrip tool (introduced in BH09). The tool does exploit a vulnerability in most of the current browser that could break SSL connection.

The root cause of this vulnerability is at:

This vulnerability relies on the fact that character strings within X.509 certificates are ASN.1 encoded, but software written in the C programming language typically manipulates character strings as null terminated character arrays. ASN.1 strings are stored using a form of Type-Length-Value (TLV) encoding. C strings are simply terminated by a null byte (\x00).

Enjoy the article here!

Facebook CSRF Attack

This attack has caused personal information leakage. The detail of the attack can be found from:

• Facebook personal info leak
• Facebook CSRF attack - Full Disclosure

Here's the anatomy of the attack.