[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM WormPropagation (fwd)

To: full-disclosure@lists.netsys.com
Subject: RE: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM WormPropagation (fwd)
From: Nick FitzGerald <nick@virus-l.demon.co.uk>
Date: Wed, 13 Aug 2003 20:36:14 +1200

"Dennis Heaton" <dennish@comcast.net> wrote:

> On the car radio today I heard that the Maryland Dept. of Motor Vehicles was
> shutdown completely as well as numerous other state and federal agencies in
> the USA.

Wow -- really?

They cannot do _any business whatsoever_ if they cannot expose a  pile 
of crap like MS RPC to the Internet?  Code that MS now openly admits 
should never be exposed to "hostile environments"?  Who was responsible 
for such horrendous mis-design?

Is that monumentally stupid or what?

Or was a case of this type of thing:

   http://vmyths.com/rant.cfm?id=241&page=4

Or was it mis-reporting?

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
  - From: Joey <joey2cool@yahoo.com>

References:
- Re: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
  - From: Jonathan Rickman <jonathan@xcorps.net>
- RE: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
  - From: "Dennis Heaton" <dennish@comcast.net>

Prev by Date: RE: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
Next by Date: [Full-Disclosure] DameWare Mini-RC Shatter
Prev by thread: Re: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
Next by thread: RE: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
Index(es):
- Date
- Thread