[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II
- To: "Chris DeVoney" <cdevoney@xxxxxxxxxxxxxxxx>, "'Full-Disclosure'" <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II
- From: Jeff.Urnaza@xxxxxxxxxxxxxxxxx
- Date: Wed, 10 Sep 2003 16:05:02 -0700
Yes, the correct version is now available on eEye's site.
"Chris DeVoney"
<cdevoney@xxxxxxx To:
<Jeff.Urnaza@xxxxxxxxxxxxxxxxx>, "'Full-Disclosure'"
ngton.edu>
<full-disclosure@xxxxxxxxxxxxxxxx>
cc:
09/10/2003 03:36 Subject: RE: [Full-Disclosure]
EEYE: Microsoft RPC Heap Corruption
PM Vulnerability - Part II
On Wednesday, September 10, 2003 1:26 PM, Jeff.Urnaza@xxxxxxxxxxxxxxxxx
wrote:
> The version number in eEye's supposed *new* scanner is the
> same version number as the one they release for the previous
> RPC exploit, v1.0.4.
Pardon my interuption, but the version I downloaded about noon-ish PDT has
version 1.1.0 in both its Help-About and its file properties. It does
report
vulnerabilities to MS03-026 and -039.
cdv
------------------------
Chris DeVoney
Clinical Research Center Informatics
University of Washington
cdevoney@xxxxxxxxxxxxxxxx
206-598-6816
------------------------
-----------------------------------------
The information transmitted is intended only for the person or entity
to which it is addressed and may contain confidential and/or
privileged material. Any review, retransmission, dissemination or
other use of, or taking of any action in reliance upon, this
information by persons or entities other than the intended recipient
is prohibited. If you received this in error, please contact the
sender and delete the material from any computer.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html