Re: Bad news on RPC DCOM vulnerability
- To: bugtraq@securityfocus.com
- Subject: Re: Bad news on RPC DCOM vulnerability
- From: K-OTiK Security <Special-Alerts@k-otik.com>
- Date: 10 Oct 2003 21:51:22 -0000
In-Reply-To: <1155962754.20031010184852@SECURITY.NNOV.RU>
As confirmed by 3APA3A and security labs, it seems that the public exploit
*works* even if the patch MS03-039 is *installed*.
This is a highly critical vulnerability - users MUST block vulnerable ports!
Regards.
K-OTik Staff /\\/ http://wwww.k-otik.com
>From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
>
>Dear bugtraq@securityfocus.com,
>
>There is some bad news on the RPC DCOM vulnerability:
>
>1. A universal exploit for MS03-039 exists in the wild, PINK FLOYD is
>again actual.
>2. It was reported by the exploit author (and confirmed) that Windows XP SP1
>with all security fixes installed is still vulnerable to a variant of the
>same bug. Windows 2000/2003 was not tested. For a while only a DoS exploit
>exists, but code execution is probably possible. Technical details have been
>sent to Microsoft, waiting for confirmation.
>
>Dear ISPs. Please instruct your customers to use personal fireWALL in
>Windows XP.