| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: exibar at thelair.com (Exibar) Subject: Immunity's paper? The Exploit that's in the wild right now is an exploit for the DoS. Very doubtful that this gets turned into a worm. I'm worried about one of the BoF vulnerabilities getting turned into an exploit. Haven't seen that yet though... Thanks everyone for getting me the links to those papers and DoS exploit code too! Exibar ----- Original Message ----- From: "Jerry Heidtke" <jheidtke@...h.edu> To: "Exibar" <exibar@...lair.com>; <full-disclosure@...ts.netsys.com> Sent: Monday, September 15, 2003 11:25 AM Subject: RE: [Full-Disclosure] Immunity's paper? > > See http://www.immunitysec.com/papers/msrpcheap.pdf and > http://www.immunitysec.com/papers/msrpcheap2.pdf. > > Exploit code for one of the vulnerabilities in RPCSS is "in the wild". > No indications of a worm being released yet, but it's only a matter of > time. If we had a pool going, I'd pick that square for tomorrow (9/16). > > Jerry > > -----Original Message----- > From: Exibar [mailto:exibar@...lair.com] > Sent: Monday, September 15, 2003 9:18 AM > To: full-disclosure@...ts.netsys.com > Subject: [Full-Disclosure] Immunity's paper? > > > Does anyone have this paper that the quoted Microsoft PSS advisory > mentions > or a link to it? I'd love to give it a read... > > thanks all! > Exibar > The PSS Security team is issuing this alert to advise customers that on > Saturday 9/13/03 a research company called Immunity published a paper > providing guidance on how to exploit the vulnerabilities patched by > Microsoft Security Bulletin MS03-039. To date we've had no reports of > actual > exploit code being publicly available or being used actively in a worm > or > virus. > > Customers that have applied the patch as advised in Microsoft Security > Bulletin MS03-039 are protected from exploit code developed using the > guidance provided in this paper. Customers who have not deployed the > patch > or taken additional mitigating actions to protect their environment > should > be aware that the existence of sample code does make it easier for an > active > exploit to be developed. We are therefore strongly urging customers to > immediately deploy the patch in their environments and take additional > mitigation steps, as described in the bulletin, to protect themselves. > > Information on Microsoft Security Bulletin MS03-039 and its associated > patch, mitigating factors and workarounds can be found here: > > http://www.microsoft.com/technet/security/bulletin/ms03-039.asp > > PSS Security Team > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > Confidentiality Notice: This e-mail message, including any attachments, > is for the sole use of the intended recipient(s) and may contain > confidential and privileged information. Any unauthorized review, use, > disclosure or distribution is prohibited. If you are not the intended > recipient, please contact the sender by reply e-mail and destroy all > copies of the original message. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists