lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <AE46D0386422BF4FA18E1A9FB67161A004D08168@GOAEVS01.abf.ad.airborne.com>
From: Brad.Bemis at airborne.com (Brad Bemis)
Subject: DCOM Exploit MS03-026 attack vectors

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It is not necessarily port 80, but TCP port 593 (RPC-over-HTTP) or any IIS
HTTP/HTTPS port if COM Internet Services are enabled.  

Thank you for your time and attention,

========================
Brad Bemis
========================
Email Notice: This communication may contain sensitive information. If you
are not the intended recipient, or believe that you have received this
communication in error; do not print, copy, retransmit, disseminate, or
otherwise use the information contained herein for any purpose. Please
alert the sender that you have received this message in error, and delete
the copy that you received.





- -----Original Message-----
From: Paul Tinsley [mailto:pdt@...khammer.org]
Sent: Wednesday, July 30, 2003 8:38 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] DCOM Exploit MS03-026 attack vectors



Microsoft owns up to the exploit being usable on 135, 139 and 445, I have
heard rumors of port 80 being vulnerable as well.  I was curious as to
whether anyone had seen anything using a port other than 135?  Everything I
have seen discussed here and elsewhere has been 135 specific.

 

Thanks,

Paul Tinsley

Email:   <pdt@...khammer.org>

Web:     http://www.jackhammer.org

Phone:   +1 615 973-5353

Pager:   +1 615 960-7766

Mail:    2228 Spartan Ct.

         Murfreesboro, TN 37128-5395

 


-----BEGIN PGP SIGNATURE-----

iQA/AwUBPynxwJDnOfS48mrdEQJaIwCg59OdO0iAY8DbnRGTfiSybBR37mEAn3iK
nKdaM9mEiU5RJJga0O/37HSA
=VOLZ
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030731/32d7d18d/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ