This is an exploit for the chunked encoding buffer overflow described in MS03-051 and originally reported by Brett Moore. This particular modules works against versions of Windows 2000 between SP0 and SP3. Service Pack 4 fixes the issue.

This Metasploit module exploits a stack overflow in the NetApi32 NetpManageIPCConnect function using the Workstation service in Windows 2000 SP4 and Windows XP SP2. In order to exploit this vulnerability, you must specify a the name of a valid Windows DOMAIN. It may be possible to satisfy this condition by using a custom dns and ldap setup, however that method is not covered here. Although Windows XP SP2 is vulnerable, Microsoft reports that Administrator credentials are required to reach the vulnerable code. Windows XP SP1 only requires valid user credentials. Also, testing shows that a machine already joined to a domain is not exploitable.

This is an exploit for the chunked encoding buffer overflow described in MS03-051 and originally reported by Brett Moore. This particular modules works against versions of Windows 2000 between SP0 and SP3. Service Pack 4 fixes the issue.

A vulnerability in the Windows kernel can be triggered via SMB in Microsoft Windows versions ranging from Windows 2000 through to Windows 7. This vulnerability allows an attacker to trigger a kernel pool corruption by sending a specially crafted SMB_COM_TRANSACTION2 request. Successful exploitation of this issue may result in remote code execution with kernel privileges, while failed attempts will result in a denial of service condition.

A vulnerability in Windows DHCP was found on Windows OS versions ranging from Windows 2000 through to Windows server 2003. This vulnerability allows an attacker to remotely overwrite DNS, Gateway, IP Addresses, routing, WINS server, WPAD, and server configuration with no user interaction. Successful exploitation of this issue will result in a remote network configuration overwrite. Microsoft acknowledged the issue but has indicated no plans to publish a patch to resolve it.

Gets the password out of encrypted ZIP files

SUSE/Portus version 2.2 suffers from a persistent cross site scripting vulnerability.

This Metasploit module exploits a stack overflow in the NetApi32 CanonicalizePathName() function using the NetpwPathCanonicalize RPC call in the Server Service. It is likely that other RPC calls could be used to exploit this service. This exploit will result in a denial of service on on Windows XP SP2 or Windows 2003 SP1. A failed exploit attempt will likely result in a complete reboot on Windows 2000 and the termination of all SMB-related services on Windows XP. The default target for this exploit should succeed on Windows NT 4.0, Windows 2000 SP0-SP4+, Windows XP SP0-SP1 and Windows 2003 SP0.

This Metasploit module exploits a stack overflow in the RPCSS service, this vulnerability was originally found by the Last Stage of Delirium research group and has bee widely exploited ever since. This Metasploit module can exploit the English versions of Windows NT 4.0 SP3-6a, Windows 2000, Windows XP, and Windows 2003 all in one request :)

This exploits a buffer overflow in the ISAPI ISM.DLL used to process HTR scripting in IIS 4.0. This Metasploit module works against Windows NT 4 Service Packs 3, 4, and 5. The server will continue to process requests until the payload being executed has exited. If you've set EXITFUNC to 'seh', the server will continue processing requests, but you will have trouble terminating a bind shell. If you set EXITFUNC to thread, the server will crash upon exit of the bind shell. The payload is alpha-numerically encoded without a NOP sled because otherwise the data gets mangled by the filters.

Europe’s concern about its reliance on Russian fossil fuels may spur governments to prioritize alternative energy, the head of Neste Oil Oyj said.

As a businessman exploring investments, I need simple answers, however complicated the problem. I wish to know: Are microgrids economical? How much investment is needed and for what? What are the factors that principally affect profitability, within the system and in the environment? If microgrids are not profitable at the present, when will they be? I recognize that understanding microgrids as a system requires complicated mathematics and modeling. I’m sympathetic to and respect those who do that.

The European Union is seeking to speed up the creation of a common energy market to help its shift to a low-carbon economy and boost security of energy supplies amid a natural-gas dispute between Russia and Ukraine.

Snohomish County Public Utility District announced it is abandoning plans to develop the 600-kW Admiralty Inlet Pilot tidal project in Washington's Puget Sound.

Let's review some notable news headlines from the month of November.

The National Hydropower Association and Ocean Renewable Energy Coalition have announced the formation of the Marine Energy Council, which will offer a new home for marine energies at NHA.

The U.S. Department of Commerce just announced that it will add high tariffs for solar modules imported from China. The Canadian government is also investigating the adoption of similar measures, following recent complaints filed by Ontario-based solar manufacturers. With the solar industry in hypergrowth, it’s not a surprise that these governments are interested in boosting new jobs, protecting their economies, and fostering the solar sector. The problem is that tariffs are a short-sighted approach that actually attack the future of North American solar on its home soil, and likely destroy more jobs than they create.

The Detroit Power Outage brought eight hours of hardship to Detroit on Dec. 2 — hardship that could have been averted with microgrids.

California Governor Jerry Brown proposed spending $59 billion to fix crumbling roads and raising the state’s renewable energy mandate to 50 percent.

Sweden and Norway agreed to boost their target for renewable energy production amid concerns the additional capacity will exacerbate a power glut and strain the region’s electricity grid.

Sen. Troy Fraser (R-Horseshoe Bay) has filed a bill that would eliminate Texas’ Renewable Portfolio Standard (RPS) – a policy that has catapulted Texas to world leadership in wind energy and strengthened Texas’ energy diversity. In addition to terminating the RPS at the end of the year, SB 931would make it more difficult to build renewable energy infrastructure. The argument behind the bill is that because Texas has achieved its RPS goals it’s time to move on. Sounds reasonable, right? Well…

In a lopsided 23-3 vote, the U.S. Senate Finance Committee voted yesterday to extend a number of renewable energy production tax credits through the end of 2016. The vote allows developers of wind, geothermal, biomass, landfill gas, incremental hydroelectric, and ocean energy to take advantage of federal tax credits for projects begun before December 31, 2016.

Chief among big renewable winners was the wind energy industry, which received extensions to the Production Tax Credit (PTC) and the Investment Tax Credit (ITC). If passed, wind farms would qualify for a 2.3-cent-per-kilowatt-hour (kWh) credit through the end of 2016.