lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3F3991BB.9183.4D691FD6@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: MSblast worm

Simon Glassman <simon@...box.co.uk> wrote:

[restructured to proper quoting order]

> On Tuesday 12 August 2003 11:53 am, Jasper Blackwell wrote:
> > Does anyone know if this MSblast worm affects Win NT machines, or is it
> > just infecting 2000 and XP.
> 
> 	This is affecting the following machines.
> 
> Windows NT 4.0 server
> Windows NT 4.0 Terminal Server Edition
> Windows 2000
> Windows XP 32 Bit Edition
> Windows XP 64 Bit Edition
> Windows Server 2003 32 Bit Edition
> Windows Server 2003 64 Bit Edition
> 
> More info have a look at 
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

The worm does not infect anything but W2K and XP machines (and even 
then, not "flawlessly").

NT 4.0 WS (not mentioned in the advisory as it had reached "end of 
life"), NT 4.0 Server & TS, W2K, XP and 2K3 all contain the DCOM 
vulnerability and (apart from NT 4.0 WS) are thus mentioned in the
MS03-026 security bulletin.  That does not mean they are affected or 
infected by the worm, or by any specific exploit (the nature of the 
overflow at the heart of the vulnerability is such that exploiting it 
requires knowledge of a memory location holding specific opcodes and 
these tend to rarely be available in a fixed location regardless of OS, 
SP, hotfix, etc level).


Regards,

Nick FitzGerald


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ