[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)

To: pdt@xxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)
From: Florian Weimer <fw@xxxxxxxxxxxxx>
Date: Wed, 17 Sep 2003 09:50:18 +0200

pdt@xxxxxxxxxxxxxx writes:

> Has anyone tested this exploit successfully?  I havn't been able to
> make it work as of yet.  I tried the Target 0 type and have the
> exact DLL versions referenced.  Just wondering if this is BS or
> there is some other dependency on my test systems that isn't quite
> lining up.

I'm not sure.  I've got credible reports from people who got a bit
further: the exploit corrupted some DLLs on the victim (making the
system unbootable).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)
  - From: pdt

Prev by Date: [Full-Disclosure] MDKSA-2003:091 - Updated kdebase packages fix vulnerabilities in KDM
Next by Date: RE: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new
Previous by thread: RE: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)
Next by thread: RE: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)
Index(es):
- Date
- Thread