Category Archives: Vulnerabilities

phpBB2 Retirement Plan Announced

Filed under Vulnerabilities


For those of you using phpBB2 (which last I checked was still one of the most popular open source forum packages out there), you had better start to think about upgrading to the latest version, phpBB3 “Olympus”.

I have always had a love/hate relationship with phpBB…it has been the most popular target for attackers in the last couple of years in terms of forum hacking, so as a webmaster you really needed to keep up with phpBB security patches. There were some rather serious vulnerabilities discovered multiple times over the years, so I am not sad to see the 2.0 branch bite the dust. It almost reminds me of how WordPress is being targeted because of its recent surge in popularity right now. Anyway, it is good to see the phpBB development team taking secure coding much more seriously with the new version 3.0.

Flash, Adobe Reader and Java…Oh My!


Breaking News!

90% of all Windows machines are vulnerable to Adobe Flash vulnerabilities…(not really breaking news by any means for security professionals, right?). But for the average home user I certainly hope it is. You see articles all the time talking about the latest client-side vulnerabilities, and usually they are just talking about one specific vulnerability. What about all the other client-side software that users fail to either patch or keep up-to-date? Shall I give you examples besides Adobe Flash? How’s this for starters?

Internet Explorer, Firefox, Opera, Skype, Windows Media Player, QuickTime, Adobe Reader, Java, Microsoft Office…the list goes on and on.

The scary thing is that the “average” user really has no clue why this software should be updated and patched, even when they are prompted by the application to “Update me now!”. Most users will just click “cancel” and go about their business…and if their business includes checking their email, let’s hope there is not a malicious PDF waiting for them in their inbox…or a link taking them to the latest Excel exploit. This is currently the most popular attack vector, and until applications get smarter about how they update themselves, programmers learn secure coding practices, and users become security aware, these types of attacks will “keep on coming”. Oh, and don’t forget about 0day vulnerabilities like the ones discovered in the Pwn2Own contest at CanSecWest.

New Windows TCP/IP Vulnerability (MS08-001)


Lots of talk on the net recently about the first “critical” vulnerability (MS08-001) released by Microsoft this year. If exploited, this vulnerability can allow an attacker to run arbitrary code on a remote system, bypassing personal firewalls and, in the case of Vista, the kernel protection mechanisms. Note that one caveat to this is that the attacker has to be on the same subnet as the victim machines.

Microsoft says that “there are a number of factors that make exploitation of this issue difficult and unlikely in real-world conditions”. However, researchers over at Immunity Inc. (these are the guys that make CANVAS, an automated pen testing product) demonstrated how this vulnerability could be exploited via this Flash demo. Immunity has released the exploit only to its customers of the CANVAS product and admits that the exploit is not 100% reliable…yet. Now that everyone knows that an exploit is “possible”, it’s only a matter of time before someone releases working, reliable exploit code in the wild. Patch now!