The following exploit code will simulate the MS08-067 vulnerability and cause the Server service to fail on vulnerable Windows systems.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

When it comes to uncertain economic times, organizations should double-check their internal policies and procedures, security experts say.

Patch applies to Windows 2000, Windows XP and Windows Server 2003 systems.

Alcatel-Lucent expands capabilities of its OmniAccess 3500 Nonstop Laptop Guardian product.

Sun Microsystems, Oracle and Novell each will release a new security tool to address identity and access management issues.

The U.S. Secret Service and U.S. Marshals Service have joined a consortium of academic institutions and corporate entities to combat identity theft and other identity management problems.

IT security firm McAfee Inc. has launched a comprehensive anti-cybercrime initiative that includes a response unit to assist victims of crime and grants for nonprofits that address cybercrime.

Malware disguised as social networking tops new list of emerging security threats.

GCN Lab Review: ZoneAlarm ForceField uses virtualization technology to keep your PC safe from malicious code and other monsters that lurk on the Web.

Number of records exposed in breaches at state and local agencies outstripped those reported at federal agencies in the first three-quarters of 2008.

SP 800-68 Revision 1 offers guidance in securing Windows XP Professional systems running Service Pack 2 or 3.

It's possible toexecute code without authentication with RPC request UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 to browser service via SERVER (LanmanServer) service, TCP/139, TCP/445. Reccomendation is to disable browser service. Applications: Windows 2000 Server, Windows 2000 Professional, Windows XP, Windows 2003 Server, Windows Vista, Windows 2008 Server (24.10.2008)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. CNCat: crossite scripting via description field. Applications: Smarty 2.6, CNCat 4.1, MySQL Quick Admin (24.10.2008)

Resources exhaustion on IAX request parsing. (24.10.2008)

Calling window.print() function in loop causes browser to hang. Uncontrollable memory allocation. Script can close window without user approval. Applications: Windows 2000 Server, Windows 2000 Professional, Windows XP, Windows 2003 Server, Windows Vista, Windows 2008 Server, Firefox 3.0, Chrome 0.2, Opera 9.52 (24.10.2008)

qioadmin utility allows local files read access. Applications: Veritas Storage Foundation 5.0 (23.10.2008)

Windows NT domain authentication bypass, IPv6 DoS, DoS because of memory leak in crypto accelerator Applications: PIX 7.0, PIX 7.1, PIX 7.2, PIX 8.0, PIX 8.1 (23.10.2008)

Memory corruptions, information hijack, crossite scripting. Applications: Windows 2000 Server, Windows 2000 Professional, Windows XP, Windows 2003 Server, Windows Vista, Windows 2008 Server (21.10.2008)

MS08-067 PoC (by stephen lawler)

Exploits Asterisk 1.4,1.6 et. al. Resource Exhaustion