lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20030731192138.7D4703811E@mail.secnap.net>
From: scheidell at secnap.net (Michael Scheidell)
Subject: RPC DCOM Patches

> The MS website says that the patch can only be applied to Windows 2000 
> systems with SP3 or SP4.  Has anybody tried to run the patch on an SP2 
> system?  Are NT 4 Workstations vulnerable too, or just NT 4 Servers?

one more thing to rember.. the ms03-026 will only patch the remote
exploit!  you can still DOS them, patched or not.

Only workaround is to firewall the boxes, and to protect form internal
damave, turn dcom off with dcomconfg.exe

-- 
Michael Scheidell
SECNAP Network Security, LLC 
Sales: 866-SECNAPNET / (1-866-732-6276)
Main: 561-368-9561 / www.secnap.net

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ