[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20031010215122.13320.qmail@sf-www2-symnsj.securityfocus.com>
Date: 10 Oct 2003 21:51:22 -0000
From: K-OTiK Security <Special-Alerts@...tik.com>
To: bugtraq@...urityfocus.com
Subject: Re: Bad news on RPC DCOM vulnerability
In-Reply-To: <1155962754.20031010184852@...URITY.NNOV.RU>
as confirmed by 3APA3A and security labs, it seems that the public exploit *works* even if the patch MS03-039 is *installed*
This is a highly critical vulnerability - users MUST block vulnerable ports !
Regards.
K-OTik Staff /\\/ http://wwww.k-otik.com
>From: 3APA3A <3APA3A@...URITY.NNOV.RU>
>
>Dear bugtraq@...urityfocus.com,
>
>There are few bad news on RPC DCOM vulnerability:
>
>1. Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is
>again actual.
>2. It was reported by exploit author (and confirmed), Windows XP SP1
>with all security fixes installed still vulnerable to variant of the
>same bug. Windows 2000/2003 was not tested. For a while only DoS exploit
>exists, but code execution is probably possible. Technical details are
>sent to Microsoft, waiting for confirmation.
>
>Dear ISPs. Please instruct you customers to use personal fireWALL in
>Windows XP.
Powered by blists - more mailing lists