| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200308112322.h7BNM5Kb014522@caligula.anu.edu.au> From: avalon at caligula.anu.edu.au (Darren Reed) Subject: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) I don't know if this covers what's already been said about DCOM worms... Forwarded message: > From alert-admin@....net Tue Aug 12 08:42:31 2003 > Message-Id: <200308112219.h7BMJYo24058@...iss.net> > To: alert@....net > From: X-Force <xforce@....net> > Subject: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation > Sender: alert-admin@....net > Errors-To: alert-admin@....net > X-BeenThere: alert@....net > X-Mailman-Version: 2.0.8 > Precedence: bulk > List-Help: <mailto:alert-request@....net?subject=help> > List-Post: <mailto:alert@....net> > List-Subscribe: <https://atla-mm1.iss.net/mailman/listinfo/alert>, > <mailto:alert-request@....net?subject=subscribe> > List-Id: ISS security alert advisories <alert.iss.net> > List-Unsubscribe: <https://atla-mm1.iss.net/mailman/listinfo/alert>, > <mailto:alert-request@....net?subject=unsubscribe> > List-Archive: <https://atla-mm1.iss.net/mailman/private/alert/> > Date: Mon, 11 Aug 2003 18:19:34 -0400 (EDT) > Content-Length: 3029 > > -----BEGIN PGP SIGNED MESSAGE----- > > Internet Security Systems Security Brief > August 11, 2003 > > "MS Blast" MSRPC DCOM Worm Propagation > > Synopsis: > > ISS X-Force has captured active samples of an automated Internet worm that > propagates via the MS RPC DCOM vulnerability documented in ISS X-Force > Alert titled "Flaw in Microsoft Windows RPC Implementation" > (http://xforce.iss.net/xforce/alerts/id/147). This worm is currently > propagating aggressively across the Internet. > > Impact: > > Any vulnerable desktop or server connected to the Internet may be > vulnerable to attack. All Windows 2000, Windows XP and Windows NT 4.0 > computers that have not been patched are vulnerable to attack from the > automated worm, or manual attack. X-Force believes that hundreds of > thousands of computers may still be vulnerable. Unsuccessful propagation > attempts may crash vulnerable computers, or render them unstable. > Successful worm outbreaks have been known to cause significant localized > network latency, and widespread denial of service. > > For the complete ISS X-Force Security Alert, please visit: > http://xforce.iss.net/xforce/alerts/id/150 > > ______ > > About Internet Security Systems (ISS) > Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a > pioneer and world leader in software and services that protect critical > online resources from an ever-changing spectrum of threats and misuse. > Internet Security Systems is headquartered in Atlanta, GA, with > additional operations throughout the Americas, Asia, Australia, Europe > and the Middle East. > > Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved > worldwide. > > Permission is hereby granted for the electronic redistribution of this > document. It is not to be edited or altered in any way without the > express written consent of the Internet Security Systems X-Force. If you > wish to reprint the whole or any part of this document in any other > medium excluding electronic media, please email xforce@....net for > permission. > > Disclaimer: The information within this paper may change without notice. > Use of this information constitutes acceptance for use in an AS IS > condition. There are NO warranties, implied or otherwise, with regard to > this information or its use. Any use of this information is at the > user's risk. In no event shall the author/distributor (Internet Security > Systems X-Force) be held liable for any damages whatsoever arising out > of or in connection with the use or spread of this information. > X-Force PGP Key available on MIT's PGP key server and PGP.com's key server, > as well as at http://www.iss.net/security_center/sensitive.php > Please send suggestions, updates, and comments to: X-Force > xforce@....net of Internet Security Systems, Inc. > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > > iQCVAwUBPzgWTDRfJiV99eG9AQHkdAP7BPhuanDAaLYanBfNnNIdA/KnxATeElA9 > Xa9Udl/mEXG6Qvzd0t0UzVRWiACmJ69DXoM6FNwER0eOJ+pCDYmydPfMKLxGfNSo > VvI3K9xpvpNCY3VS5OsHIn85Gjiy0tmRByR1SMV7gNJOBmcX4kRXNiJGxi1WLzq/ > pCTkGUzayAQ= > =kUpi > -----END PGP SIGNATURE----- >
Powered by blists - more mailing lists