| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: pauls at utdallas.edu (Schmehl, Paul L) Subject: DCOM RPC exploit (dcom.c) > -----Original Message----- > From: Robert Banniza [mailto:robert@...tprompt.net] > Sent: Tuesday, July 29, 2003 11:26 AM > To: full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] DCOM RPC exploit (dcom.c) > > > Just received this from ISS minutes ago...Another RPC > vulnerability scanning tool: > >http://www.iss.net/support/product_utilities/ms03-026rpc.php > >Couple things we have noticed.... > >1) OS identification is pretty much hit and miss >2) We have seen where XP SP1 unpatched doesn't show vulnerable >(this patch was previously installed and then un-installed.) >However, machine is confirmed vulnerable. I did a simple comparison of the two tools on one VLAN. They both found the same hosts and they both agreed on which were patched and which were not patched. >Anyone else know what the last column of the output means? >i.e. '5.6' or '0.0'? I didn't see anything on their site explaining what those numbers mean and both patched and vulnerable machines produced both numbers, so I have no idea what they mean. Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/
Powered by blists - more mailing lists