Scott's Weblog The weblog of an IT pro specializing in virtualization, networking, open source, and cloud computing

Available Exploit Code for RRAS Vulnerability

Exploit code that takes advantage of the security flaws patched by Microsoft’s recent MS06-025 security update has been made available (see also this article). The exploit code was made available as part of the Metasploit framework, an open source tool for penetration testing and vulnerability assessment.

Microsoft knocked the security researchers for releasing the exploit code, but H.D. Moore knocked back on his weblog, arguing the “accepted industry practice” of withholding exploit details until the vendor had time to address them.

Also important to note is a comment on that article from the Metasploit weblog, where it’s stated that Windows 2000 is not vulnerable to unauthenticated exploit via the flaws in RRAS, contrary to Microsoft’s security bulletin.

Fortunately, this exploit takes advantage of TCP port 139 and 445, both of which are commonly blocked by perimeter firewalls. While this won’t protect organizations from internal attacks or viral infections, it will lessen the possibility of an Internet-borne attack.

The actual Metasploit framework module is available here.

Be social and share this post!