In case you didn't catch it on bugtraq or full-disclosure or twitter :), please take a look at the advisory for Windows SMB NTLM Authentication Weak Nonce Vulnerability:
http://www.hexale.org/advisories/OCHOA-2010-0209.txt
It's basically a 14/17-year old vulnerability in the Windows implementation of the NLTM Authentication protocol... goes back to the Windows NT 4 days!
I´ll do a post later commenting on some of, what I think, are the most interesting and important facts said in the advisory that perhaps you didn't catch when reading it or were not clearly described.
Thank you!.
http://www.hexale.org/advisories/OCHOA-2010-0209.txt
It's basically a 14/17-year old vulnerability in the Windows implementation of the NLTM Authentication protocol... goes back to the Windows NT 4 days!
I´ll do a post later commenting on some of, what I think, are the most interesting and important facts said in the advisory that perhaps you didn't catch when reading it or were not clearly described.
Thank you!.