lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Oct 2003 20:46:34 -0400 From: Vladimir Parkhaev <vladimir@...bas.net> To: "Brown, Bobby (US - Hermitage)" <bobbrown@...oitte.com> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re: Re: Bad news on RPC DCOM vulnerability Quoting Brown, Bobby (US - Hermitage) (bobbrown@...oitte.com): > For us that can not interpret the site, what more information can be > provided. > Funny enough, it is a russian translatiion of the original message you replying to: > ----- Original Message ----- > From: "3APA3A" <3APA3A@...URITY.NNOV.RU> > To: <bugtraq@...urityfocus.com>; <full-disclosure@...ts.netsys.com>; > <NTBUGTRAQ@...TSERV.NTBUGTRAQ.COM> > Cc: <Secure@...rosoft.com> > Sent: Friday, October 10, 2003 6:48 PM > Subject: Bad news on RPC DCOM vulnerability > > > > Dear bugtraq@...urityfocus.com, > > > > There are few bad news on RPC DCOM vulnerability: > > > > 1. Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is > > again actual. > > 2. It was reported by exploit author (and confirmed), Windows XP SP1 > > with all security fixes installed still vulnerable to variant of the > > same bug. Windows 2000/2003 was not tested. For a while only DoS exploit > > exists, but code execution is probably possible. Technical details are > > sent to Microsoft, waiting for confirmation. > > > > Dear ISPs. Please instruct you customers to use personal fireWALL in > > Windows XP. > > > > -- > > http://www.security.nnov.ru > > /\_/\ > > { , . } |\ > > +--oQQo->{ ^ }<-----+ \ > > | ZARAZA U 3APA3A } > > +-------------o66o--+ / > > |/ > > You know my name - look up my number (The Beatles) > > > > > > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists