[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SV: [Full-Disclosure] MS03-039 has been released - critical

To: "'Mike Tancsa'" <mike@xxxxxxxxxx>, "'Exibar'" <exibar@xxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: SV: [Full-Disclosure] MS03-039 has been released - critical
From: "Peter Kruse" <kruse@xxxxxxxxxxxxxxxx>
Date: Wed, 10 Sep 2003 23:20:20 +0200

Hi,

> "The new DoS vulnerability was disclosed by a hacking group 
> in China on July 25, 2003, and functional exploit code is 
> already in use on the Internet. "

This is well known. However it´s not the BoF exploit.

Yet again, the detailed advisory from Eeye makes it fairly easy to write
a working exploit. Although I haven´t seen a PoC yet I would expect it
to be release shortly. It´s a bit harder to exploit than the previous
RPC Dcom weakness but it´s certainly possible.

Please note that Eeye has already released an update for Retina Security
Scanner and I suppose every script kid, cracker or hacker should be able
to sniff to code from Retina going to a remote vulnerable host. You
think? CHAM, yeah?

I suggest we update RPC - again.

Med venlig hilsen // Kind regards

Peter Kruse
Kruse Security
http://www.krusesecurity.dk


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] MS03-039 has been released - critical
  - From: Marc Maiffret

References:
- Re: [Full-Disclosure] MS03-039 has been released - critical
  - From: Mike Tancsa

Prev by Date: [Full-Disclosure] Buffer overflow in MySQL
Next by Date: RE: [Full-Disclosure] MS03-039 has been released - critical
Previous by thread: Re: [Full-Disclosure] MS03-039 has been released - critical
Next by thread: RE: [Full-Disclosure] MS03-039 has been released - critical
Index(es):
- Date
- Thread