{"id":244,"date":"2007-05-09T21:24:48","date_gmt":"2007-05-10T01:24:48","guid":{"rendered":"http:\/\/blogs.law.harvard.edu\/zeroday\/2007\/05\/09\/great-reading-list-on-web-exploits\/"},"modified":"2007-05-09T21:24:48","modified_gmt":"2007-05-10T01:24:48","slug":"great-reading-list-on-web-exploits","status":"publish","type":"post","link":"https:\/\/archive.blogs.harvard.edu\/zeroday\/2007\/05\/09\/great-reading-list-on-web-exploits\/","title":{"rendered":"Great Reading List on Web Exploits"},"content":{"rendered":"<p>I was reading up on inet-lux and found a <a href=\"http:\/\/translate.google.com\/translate?hl=en&amp;sl=ru&amp;u=http:\/\/forum.pro-hack.ru\/index.php%3Fact%3DPrint%26client%3Dprinter%26f%3D15%26t%3D1636&amp;sa=X&amp;oi=translate&amp;resnum=3&amp;ct=result&amp;prev=\/search%3Fq%3Dinet-lux%26hl%3Den%26lr%3D%26sa%3DG\">great blog post<\/a> in spanish which provides a must read references list.  I ended up here reading about a java based botnet tool I found while researching appeals today.  I hope to have more on that later but have not had time to decompile it.  Anyone want to donate an IDA Pro license?<\/p>\n<p>[1]:<br \/>Microsoft Security Bulletin MS06-014<br \/>Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)<br \/>http:\/\/www.microsoft.com\/technet\/security\/bulletin\/ms06-014.mspx<\/p>\n<p>Microsoft Security Bulletin MS03-011<br \/>Flaw in Microsoft VM Could Enable Compromise System (816093)<br \/>http:\/\/www.microsoft.com\/technet\/security\/bulletin\/ms03-011.mspx<\/p>\n<p>Microsoft Internet Explorer Javascript Window () Vulnerability:<br \/>Microsoft Security Bulletin MS05-054<br \/>Cumulative Security for Update Internet Explorer (905915)<br \/>http:\/\/www.microsoft.com\/technet\/security\/bulletin\/ms05-054.mspx<\/p>\n<p>Microsoft Security Bulletin MS06-006<br \/>Vulnerability in Windows Average Player Plug-in with Non-Microsoft Internet<br \/>Browsers Could Allow Remote Code Execution (911564)<br \/>http:\/\/www.microsoft.com\/technet\/security\/bulletin\/ms06-006.mspx<\/p>\n<p>Mozilla Foundation Security Advisory 2005-50<br \/>Exploitable crash in InstallVersion.com pareTo (Firefox, Mozilla Suite)<br \/>http:\/\/www.mozilla.org\/security\/announce\/2005\/mfsa2005-50.html<\/p>\n<p>Microsoft Security Advisory (917077)<br \/>Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution<br \/>http:\/\/www.microsoft.com\/technet\/security\/advisory\/917077.mspx<\/p>\n<p>Microsoft Security Bulletin MS06-006<br \/>Vulnerability in Windows Average Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)<br \/>http:\/\/www.microsoft.com\/technet\/security\/Bulletin\/MS06-006.mspx<\/p>\n<p>IE ms-its: and mk: @MSITStore: vulnerability:<br \/>Microsoft Security Bulletin MS04-013<br \/>Cumulative Security for Update Outlook Express (837009)<br \/>http:\/\/www.microsoft.com\/technet\/security\/bulletin\/ms04-013.mspx<\/p>\n<p>&#8211; [2]:<br \/>http:\/\/www.enciclopediavirus.com\/virus\/vervirus.php?id=3456<\/p>\n<p>Source: http:\/\/www.rzw.com.ar<br \/>___<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I was reading up on inet-lux and found a great blog post in spanish which provides a must read references list. I ended up here reading about a java based botnet tool I found while researching appeals today. I hope to have more on that later but have not had time to decompile it. Anyone [&hellip;]<\/p>\n","protected":false},"author":214,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[394,275],"tags":[],"class_list":["post-244","post","type-post","status-publish","format-standard","hentry","category-spyware","category-vulnerabilities"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts\/244","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/users\/214"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/comments?post=244"}],"version-history":[{"count":0,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts\/244\/revisions"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/media?parent=244"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/categories?post=244"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/tags?post=244"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}