lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: exibar at thelair.com (Exibar)
Subject: MS03-039 has been released - critical

Isn't this a bit different than simply a DoS though?

  Although, now that I'm thinking about it,  this one combines ms03-026 with
the DoS that was found to be the RPC service failing.  M$ makes it sound
like this is 100% but if your patched with MS03-026, your safe from all but
the DoS.  Is that what everyone else reads into the alert as well?

   Exibar
----- Original Message -----
From: "Mike Tancsa" <mike@...tex.net>
To: "Exibar" <exibar@...lair.com>; <full-disclosure@...ts.netsys.com>
Sent: Wednesday, September 10, 2003 2:54 PM
Subject: Re: [Full-Disclosure] MS03-039 has been released - critical


>
> http://xforce.iss.net/xforce/alerts/id/152 says,
>
> "The new DoS vulnerability was disclosed by a hacking group in China on
> July 25, 2003, and functional exploit code is already in use on the
> Internet. "
>
>          ---Mike
>
>
> At 01:41 PM 10/09/2003, Exibar wrote:
> >anyone know of a 'sploit for this one yet?  Or even proof of concept
code?
> >
> >
> >----- Original Message -----
> >From: "Ryan, Pete" <pete.ryan@...mson.com>
> >To: <full-disclosure@...ts.netsys.com>
> >Sent: Wednesday, September 10, 2003 12:23 PM
> >Subject: [Full-Disclosure] MS03-039 has been released - critical
> >
> >
> > >
> > >
>
>http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
/
> > > bulletin/MS03-039.asp
> > >
> > > -Pete
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ