lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: Jeff.Urnaza at averydennison.com (Jeff.Urnaza@...rydennison.com)
Subject: EEYE: Microsoft RPC Heap Corruption Vulnerability
 - Part II

Yes, the correct version is now available on eEye's site.



                                                                                                                          
                      "Chris DeVoney"                                                                                     
                      <cdevoney@...ashi        To:       <Jeff.Urnaza@...rydennison.com>, "'Full-Disclosure'"             
                      ngton.edu>                <full-disclosure@...ts.netsys.com>                                        
                                               cc:                                                                        
                      09/10/2003 03:36         Subject:  RE: [Full-Disclosure] EEYE: Microsoft RPC Heap Corruption        
                      PM                        Vulnerability - Part II                                                   
                                                                                                                          
                                                                                                                          




On Wednesday, September 10, 2003 1:26 PM, Jeff.Urnaza@...rydennison.com
wrote:

> The version number in eEye's supposed *new* scanner is the
> same version number  as the one they release for the previous
> RPC exploit, v1.0.4.

Pardon my interuption, but the version I downloaded about noon-ish PDT has
version 1.1.0 in both its Help-About and its file properties. It does
report
vulnerabilities to MS03-026 and -039.


cdv

------------------------
Chris DeVoney
Clinical Research Center Informatics
University of Washington
cdevoney@...ashington.edu
206-598-6816
------------------------







-----------------------------------------
The information transmitted is intended only for the person or entity
to which it is addressed and may contain confidential and/or
privileged material. Any review, retransmission, dissemination or
other use of, or taking of any action in reliance upon, this
information by persons or entities other than the intended recipient
is prohibited. If you received this in error, please contact the
sender and delete the material from any computer.


Powered by blists - more mailing lists