lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <01de01c3f648$7fc12b30$a105bb0a@corp.ad.timeinc.com>
Date: Wed, 18 Feb 2004 12:56:13 -0500
From: "Joshua Levitsky" <jlevitsk@...hie.com>
To: "WebHead" <webheadport80@...oo.com>, <bugtraq@...urityfocus.com>
Subject: Re: Microsoft ASN.1 (Half a sploit)


Windows 98 SE;

Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-02-18 12:52 EST
PORT    STATE SERVICE
139/tcp open  netbios-ssn
427/tcp open  svrloc

[root@dsg root]# ./MS04-007-dos 10.187.5.57 139

[root@dsg root]# nmap 10.187.5.57

Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-02-18 12:52 EST
PORT    STATE SERVICE
139/tcp open  netbios-ssn

--
Joshua Levitsky, MCSE, CISSP
System Engineer
http://www.foist.org/
[5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1]


----- Original Message ----- 
From: "WebHead" <webheadport80@...oo.com>
To: <bugtraq@...urityfocus.com>
Sent: Tuesday, February 17, 2004 12:38 AM
Subject: Re: Microsoft ASN.1 (Half a sploit)


> In-Reply-To: <20040215130958.17364.qmail@....securityfocus.com>
>
> FYI...
>
> The DoS exploit for ms04-007 works successfully on WS03 /W2K3 and W2K
AdvServer with SP3.
>
> WebHead
>
>
>
> >Received: (qmail 15182 invoked from network); 16 Feb 2004 16:42:00 -0000
> >Received: from outgoing3.securityfocus.com (205.206.231.27)
> >  by mail.securityfocus.com with SMTP; 16 Feb 2004 16:42:00 -0000
> >Received: from lists2.securityfocus.com (lists2.securityfocus.com
[205.206.231.20])
> > by outgoing3.securityfocus.com (Postfix) with QMQP
> > id 7F664A30D6; Mon, 16 Feb 2004 11:09:14 -0700 (MST)
> >Mailing-List: contact bugtraq-help@...urityfocus.com; run by ezmlm
> >Precedence: bulk
> >List-Id: <bugtraq.list-id.securityfocus.com>
> >List-Post: <mailto:bugtraq@...urityfocus.com>
> >List-Help: <mailto:bugtraq-help@...urityfocus.com>
> >List-Unsubscribe: <mailto:bugtraq-unsubscribe@...urityfocus.com>
> >List-Subscribe: <mailto:bugtraq-subscribe@...urityfocus.com>
> >Delivered-To: mailing list bugtraq@...urityfocus.com
> >Delivered-To: moderator for bugtraq@...urityfocus.com
> >Received: (qmail 20023 invoked from network); 15 Feb 2004 07:01:17 -0000
> >Date: 15 Feb 2004 13:09:58 -0000
> >Message-ID: <20040215130958.17364.qmail@....securityfocus.com>
> >Content-Type: text/plain
> >Content-Disposition: inline
> >Content-Transfer-Encoding: binary
> >MIME-Version: 1.0
> >X-Mailer: MIME-tools 5.411 (Entity 5.404)
> >From: K-OTiK Security <Special-Alerts@...tik.com>
> >To: bugtraq@...urityfocus.com
> >Subject: Re:  Microsoft ASN.1 (Half a sploit)
> >
> >In-Reply-To: <200402132315.i1DNFYAa067379@...lserver1.hushmail.com>
> >
> >Note that the SANS said "This Exploit appears to work only against
Windows 2000 Professional..."
> >
> >We say : works against Windows 2000 & Windows XP
> >
> >other versions ? 2k3 ?
> >
> >References
> >http://www.k-otik.com/exploits/02.14.MS04-007-dos.c.php
> >http://isc.sans.org/diary.html
> >
> >Regards.
> >K-OTik Staff
> >http://www.k-otik.com
> >
> >
> >
>



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ