Get a Pentest and security assessment of your IT network.

News

MS15-034 Detection: Some Observations

MS15-034 can be exploited with a GET request with a specially crafted Range header. Multiple ranges are allowed, whitespace is allowed and numbers can have leading zeroes. If the rule looks for string -18446744073709551615, then using string – in the attack (extra space character added) will evade detection. If you are using rules that dont detect these cases properly, then attackers can easily evade detection.”]

Source: https://blog.didierstevens.com/2015/04/17/ms15-034-detection-some-observations/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2