Update the description and references to reflect (hah) MS08-068
git-svn-id: file:///home/svn/framework3/trunk@5890 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
10266c8e51
commit
435ea807a4
|
@ -53,6 +53,13 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
The SMB authentication relay attack was first reported by Sir Dystic on
|
||||
March 31st, 2001 at @lanta.con in Atlanta, Georgia.
|
||||
|
||||
On November 11th 2008 Microsoft released bulletin MS08-068. This bulletin
|
||||
includes a patch which prevents the relaying of challenge keys back to
|
||||
the host which issued them, preventing this exploit from working in
|
||||
the default configuration. It is still possible to set the SMBHOST
|
||||
parameter to a third-party host that the victim is authorized to access,
|
||||
but the "reflection" attack has been effectively broken.
|
||||
|
||||
},
|
||||
'Author' =>
|
||||
[
|
||||
|
@ -73,6 +80,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
},
|
||||
'References' =>
|
||||
[
|
||||
[ 'MSB', 'MS08-068'],
|
||||
[ 'CVE', '2008-4037'],
|
||||
[ 'URL', 'http://blogs.technet.com/swi/archive/2008/11/11/smb-credential-reflection.aspx'],
|
||||
[ 'URL', 'http://en.wikipedia.org/wiki/SMBRelay' ],
|
||||
[ 'URL', 'http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx' ],
|
||||
[ 'URL', 'http://www.xfocus.net/articles/200305/smbrelay.html' ]
|
||||
|
|
Loading…
Reference in New Issue