search menu icon-carat-right cmu-wordmark

CERT/CC Blog

Vulnerability Insights

Latest Posts

Plain Text Email in Outlook Express

Plain Text Email in Outlook Express

• CERT/CC Blog
Will Dormann

Reading email messages in plain text seems like a reasonable thing to do to improve the security of your email client. Plain text takes less processing than HTML, which should help minimize your attack surface, right? As it turns out, Outlook Express (and its derivatives) is doing more than you think when it is configured with the "Read all messages in plain text" option enabled....

Read More
Managing IPv6 - Part 2

Managing IPv6 - Part 2

• CERT/CC Blog
Ryan Giobbi

Past entries have addressed both securing and disabling IPv6. This entry describes ways that administrators can secure their networks and generate test cases to test those settings....

Read More
Managing IPv6 - Part 1

Managing IPv6 - Part 1

• CERT/CC Blog
Ryan Giobbi

This entry is the first in a series about securely configuring the IPv6 protocol on selected operating systems. Although this entry focuses on how to disable IPv6, we are not recommending that everyone immediately disable IPv6. However, if critical parts of your infrastructure (firewall, IDS, etc.) do not yet fully support the IPv6 protocol, consider disabling IPv6 until those components can be upgraded....

Read More
Internet Explorer Kill-Bits

Internet Explorer Kill-Bits

• CERT/CC Blog
Will Dormann

The Kill-Bit (or "killbit") is a Microsoft Windows registry value that prevents an ActiveX control from being used by Internet Explorer. More information is available in Microsoft KB article 240797. If a vulnerability is discovered in an ActiveX control or COM object, a common mitigation is to set the killbit for the control, which will cause Internet Explorer to block use of the control. Or will it?...

Read More
Mitigating Slowloris

Mitigating Slowloris

• CERT/CC Blog
Ryan Giobbi

Slowloris is a denial-of-service (DoS) tool that targets web servers. We have some suggestions about mitigation techniques and workarounds to protect your server. However, use caution if you implement any of these suggestions because they will likely have some unintended side effects....

Read More
Vulnerabilities and Attack Surface

Vulnerabilities and Attack Surface

• CERT/CC Blog
Will Dormann

Two recent US-CERT Vulnerability Notes describe similar issues in the Adobe Reader and Foxit Reader PDF viewing applications. The vulnerabilities, that both applications failed to properly handle JPEG2000 (JPX) data streams, were discovered as part of our Vulnerability Discovery initiative. The two vulnerability notes are quite similar, except for one aspect: attack surface....

Read More
Release of Dranzer ActiveX Fuzzing Tool

Release of Dranzer ActiveX Fuzzing Tool

• CERT/CC Blog
Will Dormann

Hi, it's Will. As previously mentioned, we have been investigating and discovering ActiveX vulnerabilities over the past few years. Today we released the Dranzer tool that we have developed to test ActiveX controls. We've been using the Dranzer ActiveX fuzz testing tool for over three years, and we've found a large number of vulnerabilities with it. I've tagged a few of the US-CERT Vulnerability notes with the "Dranzer" keyword to show the sort of vulnerabilities...

Read More
Bypassing Firewalls with IPv6 Tunnels

Bypassing Firewalls with IPv6 Tunnels

• CERT/CC Blog
Ryan Giobbi

Hello, it's Ryan. We've talked about IPv6 in blog entries and vulnerability notes before. But instead of focusing on IPv6 vulnerabilities, this blog entry will show how functional IPv6 tunneling protocols can be used to bypass IPv4-only firewalls and ACLs. If you'd like a demonstration, watch this video that we created....

Read More