[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Online Binary Planting Exposure Test

To: full-disclosure@xxxxxxxxxxxxxxxxx, lists@xxxxxxxx
Subject: Re: [Full-disclosure] Online Binary Planting Exposure Test
From: coderman <coderman@xxxxxxxxx>
Date: Wed, 1 Sep 2010 08:19:35 -0700

On Wed, Sep 1, 2010 at 4:20 AM, ACROS Lists <lists@xxxxxxxx> wrote:
>...
> Note that this test is NOT meant to answer whether you're vulnerable (at this 
> point
> where so many binary planting vulnerabilities exist out there you certainly 
> are
> vulnerable if you're on a Windows system). Rather, the test is meant to 
> determine
> whether your computer or network can be attacked from the Internet (using any 
> one of
> the known or unknown binary planting bugs).
>
> You should also know that any network-based countermeasure (such as blocking 
> SMB and
> WebDAV at the perimeter) will stop protecting you when you connect your 
> computer to
> another network, such as a hotel-provided or public wireless network. Running 
> the
> test in various setups you're using might therefore be a good idea.

zero configuration networking services on local wireless, wired
networks are a great resource among this class; you'll need a local
view to probe unless you add an endpoint local java scanner applet to
that page. ... </druthers>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Online Binary Planting Exposure Test
  - From: ACROS Lists

Prev by Date: Re: [Full-disclosure] LDAP NULL Bind being picked up, making non PCI compliant
Next by Date: [Full-disclosure] [ MDVSA-2010:168 ] openssl
Previous by thread: Re: [Full-disclosure] Online Binary Planting Exposure Test
Next by thread: [Full-disclosure] [SecurityArchitect-008]: Xterm Local Buffer Overflow Vulnerability
Index(es):
- Date
- Thread