lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: anthony.aykut at frame4.com (Anthony Aykut)
Subject: MS03-039 has been released - critical

MS03-026 patched against 1 buffer overflow.
MS03-039 patches against 3 new buffer overflows.

That means there are 4 problems in all. All 4 problems occur via DCOM over
RPC. All 4 problems could be attacked in a similar fashion. All 4 problems
(as they are likely to occur in an Internet-wide attack) can be thwarted by
disabling DCOM. 2 of the 3 new problems can be turned into worms.

If you applied MS03-026, you can still be attacked via the 3 problems
patched by MS03-039.

MS03-039 corrects all 4 known DCOM/RPC problems (that's what they mean when
they say it "supercedes" MS03-026.)

If you haven't patched, and are going to patch, patch with MS03-039.

Anthony

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Robert
Ahnemann
Sent: Wednesday, September 10, 2003 20:31
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] MS03-039 has been released - critical


I ran the test program (as linked by MS) to see if the network showed as
patched.  I haven't patched any of the machines with the 039 code, but
all are patched with the 026 one (original one as of July 16th)  Does
this exploit still work (as in leave a vuln) if we have patched 026?
Might be a dumb question, but I bet other people are thinking it too.

-----Original Message-----
From: Exibar [mailto:exibar@...lair.com]
Sent: Wednesday, September 10, 2003 12:42 PM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] MS03-039 has been released - critical

anyone know of a 'sploit for this one yet?  Or even proof of concept
code?


----- Original Message -----
From: "Ryan, Pete" <pete.ryan@...mson.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Wednesday, September 10, 2003 12:23 PM
Subject: [Full-Disclosure] MS03-039 has been released - critical


>
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/
> bulletin/MS03-039.asp
>
> -Pete
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ