Vulnerability contest - Find the oldest bug!

Discussion in 'other software & services' started by Mrkvonic, May 26, 2010.

Thread Status:
Not open for further replies.
  1. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Hello,

    Time for a digital lynch. Enjoy an article/rant about the recent bout of very old vulnerabilities being found in operating systems and how they impact our computer usage. Not. As always, don't take my tirades too seriously.

    http://www.dedoimedo.com/computers/vulnerability-contest.html


    Cheers,
    Mrk
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    not fair, you had fun writing it why can't some of us have fun taking it seriously ;)
    wise proviso nevertheless
     
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Interesting to think about, Mrk. How about a sub-category in your contest?:

    Old bugs (patched) still used in current exploits

    ----
    rich
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Old bugs, desktop or server? I guess desktop.
    That could work too.
    Mrk
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    OK, for old bugs patched, yet still used in current exploits, I nominate this from 2006 against IE6:

    Microsoft Security Bulletin MS06-014
    Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution
    http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx

    It's a very simple VBS script, where a file (2.exe) is downloaded and renamed to svchost.exe:


    [Image: happyhtm.gif]


    The code creates a path to svchost.exe and attempts to execute it. Here, security in place intercepts the download of 2.exe so that svchost.exe cannot execute, and an error message appears:

    [Image: 2exe-ae.gif]

    In 2008, when the MBR rootkit, Mebroot, resurfaced, F-Secure listed MS06-014 at the top of the list of exploits containing Mebroot:

    MBR Rootkit, A New Breed of Malware
    http://www.f-secure.com/weblog/archives/00001393.html
    A search of the current malware domain lists and blade-defender.org's list of exploits shows that almost all of the exploit packs contain this vulnerability, such as:

    Fragus exploit pack
    Liberty Exploit Kit
    Siberia Exploit Pack
    Eleonore Exploit Pack

    Why do cybercriminals continue to use an old vulnerability long since patched?

    Why indeed, if it continues to be one of the most successful money-making vulnerabilities, knowing that the majority of users don't patch, nor have security in place to stop such nonsense!

    Until IE6 is replaced world-wide, I suspect this vulnerability will continue to appear in exploits.


    ----
    rich
     
    Last edited: May 29, 2010
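
A defender-side check for the pattern described in the post above (a downloaded payload renamed to svchost.exe), as an added example that is not part of the original thread: it flags process-creation events where a process named svchost.exe runs from an unexpected directory or under an unexpected parent. The event layout, the sample events and the assumption that Windows is installed in C:\Windows are constructed for illustration.

```python
import ntpath  # Windows path rules on any OS

# Where the genuine binary lives and what starts it (standard Windows layout;
# assumes SystemRoot is C:\Windows).
EXPECTED = {
    "svchost.exe": {
        "dirs": {r"c:\windows\system32", r"c:\windows\syswow64"},
        "parents": {"services.exe"},
    },
}

# Constructed (image, parent image) process-creation events; not real telemetry.
SAMPLE_EVENTS = [
    (r"C:\Windows\System32\svchost.exe", r"C:\Windows\System32\services.exe"),
    (r"C:\Users\alice\AppData\Local\Temp\svchost.exe",
     r"C:\Program Files\Internet Explorer\iexplore.exe"),
    (r"C:\WINDOWS\system32\SVCHOST.EXE",
     r"C:\Program Files\Internet Explorer\IEXPLORE.EXE"),
    (r"C:\Windows\System32\notepad.exe", r"C:\Windows\explorer.exe"),
]


def check_event(image, parent):
    """Return the reasons an event looks like a masquerading system binary."""
    image = ntpath.normcase(ntpath.normpath(image))
    parent = ntpath.normcase(ntpath.normpath(parent))
    rule = EXPECTED.get(ntpath.basename(image))
    if rule is None:  # name is not one we protect
        return []
    reasons = []
    if ntpath.dirname(image) not in rule["dirs"]:
        reasons.append("unexpected directory: " + ntpath.dirname(image))
    if ntpath.basename(parent) not in rule["parents"]:
        reasons.append("unexpected parent: " + ntpath.basename(parent))
    return reasons


def find_masquerades(events):
    """Return (image, reasons) for every event with at least one finding."""
    findings = []
    for image, parent in events:
        reasons = check_event(image, parent)
        if reasons:
            findings.append((image, reasons))
    return findings


if __name__ == "__main__":
    for image, reasons in find_masquerades(SAMPLE_EVENTS):
        print(image, "->", "; ".join(reasons))
```
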
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Nonsense indeed ... Now, how does a five-year-old exploit scale up to a 17 year old vulnerability? What's the weighting factor?
    Mrk
     
  7. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    I presume one of these is the 17 year old bug/vulnerability you refer to? I think I found another ;)

    Microsoft Abandons an Old Windows Bug

    http://www.pcworld.com/article/184515/microsoft_abandons_an_old_windows_bug.html


    Ancient Windows flaw found after 17 years

    http://www.theinquirer.net/inquirer/news/1587918/ancient-windows-flaw


    And what about this, I guess it might count too?


    Administrator Access is the highest...right? WRONG!

    http://www.theeldergeek.com/forum/index.php?showtopic=21594


    Quote Mrkvonic

    Does that include this?

    You can't talk to our Rmus like that :p

    3.4 - 1 :D

    You didn't say any bugs etc had to be older than 17 years :p
     
  8. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Well, I asked if there could be a sub-category of "patched vulnerabilities that are still used in exploits," and I assumed from your answer, Yes; hence, my entry.

    The "weighting factor" is that here is an old vulnerability that is still being exploited. Vulnerabilities -- a dime a dozen -- are never very interesting to me unless they become used in exploits!


    ----
    rich
     
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Nonsense agreement was to Rmus' nonsense statement about how simple it is to block these kinds of things, no disrespect was meant. Anyhow, yes, my contest rules were a bit vague :)
    Mrk
     
  10. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Yes, we've agreed over the years how easy it is to block these things! Also, in many cases, your dictum applies,

    "You have to try hard to get infected!"

    ----
    rich
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    The best analogy I have is computer infection = STD infection. Really no need to have one :)
    Mrk
     