[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Re: Bad news on RPC DCOM vulnerability
- To: "Brown, Bobby (US - Hermitage)" <bobbrown@deloitte.com>
- Subject: Re: [Full-Disclosure] Re: Bad news on RPC DCOM vulnerability
- From: Vladimir Parkhaev <vladimir@arobas.net>
- Date: Fri, 10 Oct 2003 20:46:34 -0400
Quoting Brown, Bobby (US - Hermitage) (bobbrown@deloitte.com):
> For us that can not interpret the site, what more information can be
> provided.
>
Funny enough, it is a russian translatiion of the original message you
replying to:
> ----- Original Message -----
> From: "3APA3A" <3APA3A@SECURITY.NNOV.RU>
> To: <bugtraq@securityfocus.com>; <full-disclosure@lists.netsys.com>;
> <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>
> Cc: <Secure@microsoft.com>
> Sent: Friday, October 10, 2003 6:48 PM
> Subject: Bad news on RPC DCOM vulnerability
>
>
> > Dear bugtraq@securityfocus.com,
> >
> > There are few bad news on RPC DCOM vulnerability:
> >
> > 1. Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is
> > again actual.
> > 2. It was reported by exploit author (and confirmed), Windows XP SP1
> > with all security fixes installed still vulnerable to variant of the
> > same bug. Windows 2000/2003 was not tested. For a while only DoS exploit
> > exists, but code execution is probably possible. Technical details are
> > sent to Microsoft, waiting for confirmation.
> >
> > Dear ISPs. Please instruct you customers to use personal fireWALL in
> > Windows XP.
> >
> > --
> > http://www.security.nnov.ru
> > /\_/\
> > { , . } |\
> > +--oQQo->{ ^ }<-----+ \
> > | ZARAZA U 3APA3A }
> > +-------------o66o--+ /
> > |/
> > You know my name - look up my number (The Beatles)
> >
> >
> >
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html