MS10-046 exploit

katakana's Avatar, Join Date: Feb 2012
Newbie Member
hello i'm new, anyone here know about MS10-046 exploit?
0
Scripting's Avatar, Join Date: Jun 2010
John Hoder
Yes, I know. It exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
0
katakana's Avatar, Join Date: Feb 2012
Newbie Member
Quote:
Originally Posted by Scripting View Post
Yes, I know. It exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
so it's allow the hacker to modify the service, am i right?
0
Scripting's Avatar, Join Date: Jun 2010
John Hoder
Yes, exactly.
0
katakana's Avatar, Join Date: Feb 2012
Newbie Member
how to check or scan this vulnerability and how it's work?
0
Scripting's Avatar, Join Date: Jun 2010
John Hoder
I'm sure you can use Metasploit framework to exploit it. But if you want to get some info about this vulnerability, i'm sure you will find tons on google, try to search.