8 min
Metasploit
New Metasploit Exploit: Crystal Reports Viewer CVE-2010-2590
In this blog post we would like to share some details about the exploit for
CVE-2010-2590 [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2590],
which we released in the last Metasploit update
[/2012/12/19/weekly-metasploit-update]. This module exploits a heap-based buffer
overflow, discovered by Dmitriy Pletnev, in the
CrystalReports12.CrystalPrintControl.1 ActiveX control included in
PrintControl.dll. This control is shipped with the Crystal Reports Viewer, as
installed by default wi
18 min
New 0day Exploits: Novell File Reporter Vulnerabilities
Today, we present to you several new vulnerabilities discovered in Novell File
Reporter 1.0.2, which "helps organizations more effectively manage network
storage by providing administrators the ability to access comprehensive network
storage information so that they can determine the best means of addressing
their storage content". Following our standard disclosure policy, we notified
both Novell and CERT.
Vulnerabilities Summary
The four vulnerabilities presented have been found in the same co
7 min
Exploits
New 0day Exploit: Novell ZENworks CVE-2012-4933 Vulnerability
Today, we present to you a flashy new vulnerability with a color-matching
exploit straight from our super secret R&D safe house here in Metasploit
Country. Known as CVE-2012-4933
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4933], it applies to
Novell ZENworks Asset Management 7.5, which "integrates asset inventory,
software usage, software management and contract management to provide the most
complete software asset management tool available". Following our standard
disclosure polic
5 min
The Stack Cookies Bypass on CVE-2012-0549
In this blog post we would like to share some details about the Oracle AutoVue
exploit for CVE-2012-0549
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0549] which we've
recently added to the Metasploit Framework. This module exploits a buffer
overflow flaw, discovered by Brian Gorenc.
The problem arises when you call the SetMarkupMode function from the AutoVue
control (clsid B6FCC215-D303-11D1-BC6C-0000C078797F) with a long sMarkup
parameter. The buffer overflow, even when triggered
4 min
Exploits
My First Week at Metasploit
Hi all. I would like to take a minute to share some of my feelings about my
first week here as a full-time Metasploit exploit developer, and share some
exploit modules.
First of all, I would like to thank everyone on the Metasploit team for
being so nice to me from the first week, and for helping me with anything I
need. They are definitely going easy on me during my first days! Their support
allowed me to build two exploits for the team during my first week here:
* batic_svg_java exploit