Skip to content

Author: Nick Babkin

Utilise your Nexpose scanner results to quickly find IIS 6.0 (CVE2017-7269)

According to recent vulnerability bulletins, IIS 6.0 set up on a Windows Server 2003 machine with WebDAV service enabled could be vulnerable to remote code execution.

See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7269

Since that IIS is widely used in the Internet it’s better to check that your services are safe.

New attack vector in CVE2017-5638

Yesterday HP research (Link) posted some interesting stuff regarding a new way to exploit vulnerable Struts2 (CVE2017-5638) by injecting malicious payload into filename of Content-Disposition header. This type of payload can be used to avoid rules deployed to catch payloads in Content-Type header.

Again, mitigation is pretty much the same – just upgrade your Struts. Here’s dirty code to check if any of your domains is vulnerable to this.

Life of security engineer in big and small companies: differences and what you may expect

Should I work for big company or small would be better – that’s number one question not only for many people starting their career in cybersecurity, but for mature and high-skilled professionals as well. I was lucky to have had an experience in both types of companies (my first one had more than 100 000 employees, and now we’re even less than 300), so let me share my view on this.

by Nick Babkin, (c) 2016-2017