lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <Law11-OE70n9rL6buZs0000ab6d@hotmail.com> From: se_cur_ity at hotmail.com (morning_wood) Subject: DCOM RPC - DEVESTATING IN SCOPE i think the severity of the RPC exploit cannot be diminished.. this is the worst remote root compromise i have ever seen and i am literlaly screaming at everyone i know to patch ASAP. the thought of media attention sonded plausable.. this should be on the nightly news for the next 2 days minumum. The ease and swiftness of the exploit makes it second to none in the potential damage.. as you point out.. > Then I ran the win32 binary I compiled from from the c code posted to this list > against that list of ips. > I assumed that most XP boxes would be SP1. > I got 6 command prompts. > I then ran the same binary looking for Xp with Sp0. > I got 156 command prompts. > i too have experienced these percentages in a block of ip addresses .. "shocked and awed" Donnie Werner http://e2-labs.com http://exploitlabs.com PATCH FOR RPC NOW !!! buh bye