5 min
Metasploit
Pentesting in the Real World: Going Bananas with MongoDB
This is the 4th in a series of blog topics by penetration testers, for
penetration testers, highlighting some of the advanced pentesting techniques
they'll be teaching in our new Network Assault and Application Assault
certifications, opening for registration this week. For more information, check
out the training page at
www.rapid7.com/services/training-certification/penetration-testing-training.jsp
[http://www.rapid7.com/services/training-certification/penetration-testing-training.jsp]
Prefa
7 min
Exploitable vulnerabilities #1 (MS08-067)
Description
In November of 2003 Microsoft standardized its patch release cycle. By releasing
its patches on the second Tuesday of every month Microsoft hoped to address
issues that were the result of patches being release in a non uniform fashion.
This effort has become known as Patch-Tuesday. From the implementation of
Patch-Tuesday (November, 2003) until December, 2008 Microsoft released a total
of 10 patches that were not release on a Patch-Tuesday also known as
“out-of-band” patches. The 10t