Monday, August 31, 2009

Microsoft IIS 5/6 FTP 0Day released

A new 0-day exploit been released. It is targeting Win2K's Microsoft IIS 5/6 FTP service.

Your server is vulnerable if you are:
  • Running Microsoft IIS 5/6 FTP service on Windows 2000.
  • Allowing anonymous access with WRITE access.
References:

Thursday, August 27, 2009

Crypto Attacks: It’s the implementation stupid

This is a great write up on analyzing the Moxie Marlinspike’s latest sslstrip tool (introduced in BH09). The tool does exploit a vulnerability in most of the current browser that could break SSL connection.

The root cause of this vulnerability is at:
This vulnerability relies on the fact that character strings within X.509 certificates are ASN.1 encoded, but software written in the C programming language typically manipulates character strings as null terminated character arrays. ASN.1 strings are stored using a form of Type-Length-Value (TLV) encoding. C strings are simply terminated by a null byte (\x00).

Enjoy the article here!

Monday, August 24, 2009

Facebook CSRF Attack

This attack has caused personal information leakage. The detail of the attack can be found from:
Here's the anatomy of the attack.