lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <OFC29ED48A.D9CFC757-ON85256D9D.006EB815@fund.bisys.com>
From: Jeffrey.Stebelton at bisys.com (Jeffrey.Stebelton@...ys.com)
Subject: MS03-039 has been released - critical

Yes.
                                                                            
                                                                            
                                                                            
                                                                            
               Superseded patches:                                          
               The fix provided by this patch supersedes the one included   
               in Microsoft Security Bulletin MS03-026 as well as           
               MS01-048                                                     
                                                                            
                                                                            
                                                                            



Jeff Stebelton
BISYS Network Security Group
614-470-8249



                                                                                                                                                  
                      "Robert Ahnemann"                                                                                                           
                      <rahnemann@...inity-mortgag        To:       <full-disclosure@...ts.netsys.com>                                             
                      e.com>                             cc:                                                                                      
                      Sent by:                           Subject:  RE: [Full-Disclosure] MS03-039 has been released - critical                    
                      full-disclosure-admin@...ts                                                                                                 
                      .netsys.com                                                                                                                 
                                                                                                                                                  
                                                                                                                                                  
                      09/10/2003 02:30 PM                                                                                                         
                                                                                                                                                  
                                                                                                                                                  




I ran the test program (as linked by MS) to see if the network showed as
patched.  I haven't patched any of the machines with the 039 code, but
all are patched with the 026 one (original one as of July 16th)  Does
this exploit still work (as in leave a vuln) if we have patched 026?
Might be a dumb question, but I bet other people are thinking it too.

-----Original Message-----
From: Exibar [mailto:exibar@...lair.com]
Sent: Wednesday, September 10, 2003 12:42 PM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] MS03-039 has been released - critical

anyone know of a 'sploit for this one yet?  Or even proof of concept
code?


----- Original Message -----
From: "Ryan, Pete" <pete.ryan@...mson.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Wednesday, September 10, 2003 12:23 PM
Subject: [Full-Disclosure] MS03-039 has been released - critical


>
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/
> bulletin/MS03-039.asp
>
> -Pete
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




This email and any files transmitted with it are confidential and intended
solely  for the use of the individual or entity to whom they are addressed.
Any other  use of this information is strictly prohibited. If you have
received this email in  error please notify the system manager via email at
mailadmin@...ys.com and delete the file immediately.  Thank you for your
cooperation.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ