[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200307271640.h6RGe91A011117@mailgate.mailbox.co.za>
From: jenbradley at webmail.co.za (Jennifer Bradley)
Subject: DCOM RPC exploit (dcom.c)
I don't think you were reading the advisories properly... ;)
MSDE (Microsoft SQL Server Desktop Edition) was vulnerable, which many
products use, including Office, Visual Studio .NET, etc. Just to
refresh your memory, here's a list of products that contain MSDE
http://www.sqlsecurity.com/forum/applicationslistgridall.aspx
So, it is not a corner-case at all, not even in the slightest bit.
VPNs are common enough these days, so the chances of someone VPNing
into a network with an infected or infectable computer is actually
pretty high.
In the same vein, it looks like if a worm is released, it will most
probably be easily transferable into any corporate domain that has
VPNs as well, since every un-patched Windows is vulnerable.
jb
On Sun, 27 Jul 2003 00:41:22 -0700 (PDT) Nathan Seven
(scosol@...oo.com) wrote:
>--- Paul Schmehl <pauls@...allas.edu> wrote:
>>
>> Are you really serious? Recall Slammer? There were
>> networks that were
>> locked down pretty tight. Slammer couldn't get in,
>> right? Then one
>> developer who got his unpatched copy of SQL inside
>> the network, by
>> logging in through VPN with his infected laptop,
>> took the entire network
>> down.
>
>Are *you* serious?
>
>Running MSSQL server on my laptop that I also use to
>VPN in is IMO a pretty fucking corner-case...
>
>=====
>--
>live- http://www.thedenofsin.org/
>to- AIM: IMFDUP
>penetrate- http://eAnger.org/
>_may the bitches set you free_
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________________________________
LOOK GOOD, FEEL GOOD - WWW.HEALTHIEST.CO.ZA
Cool Connection, Cool Price, Internet Access for R59 monthly @ WebMail
http://www.webmail.co.za/dialup/
Powered by blists - more mailing lists