as you wish, you'll never feel secure

Well, this will show you how the buffer overflow exploitation works against Easy Music Player.

The art of Exploitation from D0uBle ZerO Zer0 on Vimeo.

Powered by ScribeFire.

from The Register:

Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.

The bug involves the way kernel-level routines such as sock_sendpage react when they are left unimplemented. Instead of linking to a corresponding placeholder, (for example, sock_no_accept), the function pointer is left uninitialized. Sock_sendpage doesn’t always validate the pointer before dereferencing it, leaving the OS open to local privilege escalation that can completely compromise the underlying machine.

From all sorts of vulnerabilities of the Linux operating system, this is the most severe. Unfortunately, the details of the bug has been announced before the vendors patching their systems. The hacker can easily penetrate the system access that the previous user privileges to be root privileges. Fortunately, this vulnerabilities occurred in the local operating system, not remotely. We still can say “fortunately”

Update and Patch your system with the distro’s way.

Produk Microsoft Windows memiliki kelemahan terbaru yang dapat dieksploitasi dalam hitungan detik. Kelemahan itu terdapat pada service Server atau biasa kita kenal dengan service File and Printer Sharing untuk berbagi pakai direktori atau printer dengan sesama dalam jaringan LAN.

Cukup tragis memang, setelah sekian lama tidak ada kabar kelemahan dari service tersebut, kali ini kelemahan yang ditemukan cukup untuk membangunkan para pembuat worm yang telah lama tertidur. Dan bahayanya lagi, program tester untuk meng-eksploitasi kelemahan ini telah beredar di internet (milw0rm, metasploit, packetstorm).

Antivirus Anda siap-siap teriak-teriak karenanya

Update Windows Anda segera !