Archive for August, 2009

Microsoft IIS FTP 5.0 Remote SYSTEM Exploit

A remote Microsoft FTP server exploit was released today by Kingcope, and can be found at http://milw0rm.com/exploits/9541, A quick examination of the exploit showed some fancy manipulations in a highly restrictive environment that lead to a”useradd” type payload. The main issue was the relatively small payload size allowed by the…

Read More

BackTrack 4 Pre Final Kernel Update

We have pushed a new kernel to the repository and updated several drivers. The upgrade process is a bit convoluted, but has been streamlined for the future. For now, run these commands from your backtrack box to update to the latest kernel and drivers: apt-get update apt-get install -d linux-image…

Read More

Kernel whoops in BackTrack 4

The latest Linux Kernel ‘sock_sendpage()’ NULL Pointer Dereference Vulnerability did not spare BackTrack 4 either.  We’ve taken this opportunity to upgrade the BackTrack 4 kernel and include the required security patch. The patched kernel source and image can be downloaded here : BackTrack 4 Kernel Image (2.6.30.4) BackTrack 4 Kernel…

Read More