[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <000001c377e1$5772e3c0$0202a8c0@teliahomebase>
From: kruse at krusesecurity.dk (Peter Kruse)
Subject: SV: MS03-039 has been released - critical
Hi,
> "The new DoS vulnerability was disclosed by a hacking group
> in China on July 25, 2003, and functional exploit code is
> already in use on the Internet. "
This is well known. However it?s not the BoF exploit.
Yet again, the detailed advisory from Eeye makes it fairly easy to write
a working exploit. Although I haven?t seen a PoC yet I would expect it
to be release shortly. It?s a bit harder to exploit than the previous
RPC Dcom weakness but it?s certainly possible.
Please note that Eeye has already released an update for Retina Security
Scanner and I suppose every script kid, cracker or hacker should be able
to sniff to code from Retina going to a remote vulnerable host. You
think? CHAM, yeah?
I suggest we update RPC - again.
Med venlig hilsen // Kind regards
Peter Kruse
Kruse Security
http://www.krusesecurity.dk
Powered by blists - more mailing lists