lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.WNT.4.51.0307262006240.664@lara.gremlinhunters.co.uk>
From: chrisp at ngssoftware.com (Chris Paget)
Subject: DCOM RPC exploit  (dcom.c)

<sarcasm>

I'd just like to thank FlashSky, Benjurry, and H D Moore for releasing this
code.  Really guys, sterling job.  Now the skript kiddies and VXers have got
virtually no work to do in order to write a worm that exploits this.

</sarcasm>

Personally, I'm tempted to set up my firewall to NAT incoming requests on port
135 to either www.metasploit.com or www.xfocus.org.  I know this is the
full-disclosure list, but working exploit code for an issue this huge is taking
it a bit far, especially less than 2 weeks after the advisory comes out.

Cheers, fellas.  When the worm comes out, I'll be thinking of you.

Chris



On Sat, 26 Jul 2003, fulldisclosure@...holic.org wrote:

> 03-026 working exploit
>
>
> -----------------------------------------
>
> This email was sent using FREE Catholic Online Webmail.
> http://webmail.catholic.org/
>
>
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ