Go4Expert - View Single Post - MS10-046 exploit

katakana

Quote:

Originally Posted by Scripting
Yes, I know. It exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.

so it's allow the hacker to modify the service, am i right?

katakana Newbie Member
10Feb2012,13:35
	Quote: Originally Posted by Scripting Yes, I know. It exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path. so it's allow the hacker to modify the service, am i right?