Yet Another Web Attack Toolkit --> Exploit Multipackage 0.2 - PandaLabs
カジノのリンクの様に見えて、Exploitマルチパッケージへのリンクがあったそうです。
かなり高機能なマルチパッケージみたいですね、これ見ると攻撃者が使う脆弱性がよく分かりますね。
Last week we received an email message written in German which advertised a casino called Lux Imperial Casino. However, this message was not just spam but also included a malicious link to a toolkit called Exploit Multipackage.
If you want to know more information about the exploited vulnerabilities and how to update the system in order to avoid them, visit the following websites:
- Microsoft Security Bulletin MS03-011 [Flaw in Microsoft VM Could Enable System Compromise (816093)]
- Microsoft Security Bulletin MS06-014 [Vulnerability in the Microsoft Data Access Components Function Could Allow Code Execution (911562)]
- Microsoft Security Bulletin MS06-044 [Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917008)]
- Microsoft Security Bulletin MS07-017 [Vulnerabilities in GDI Could Allow Remote Code Execution (925902)]
- Microsoft Security Bulletin MS07-055 [Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)]
- Yahoo! ActiveX GetFile () [Vulnerability in Yahoo! Messenger (8.1.0.421) CYFT FT60.DLL]
- QuickTime ActiveX [QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow]