lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <41B1FD84D49E05448A4233378E6BF475163C1F@entmsgnt03.fm.frd.fmlh.edu>
From: jheidtke at fmlh.edu (Jerry Heidtke)
Subject: Immunity's paper?

See http://www.immunitysec.com/papers/msrpcheap.pdf and
http://www.immunitysec.com/papers/msrpcheap2.pdf.

Exploit code for one of the vulnerabilities in RPCSS is "in the wild".
No indications of a worm being released yet, but it's only a matter of
time. If we had a pool going, I'd pick that square for tomorrow (9/16).

Jerry

-----Original Message-----
From: Exibar [mailto:exibar@...lair.com] 
Sent: Monday, September 15, 2003 9:18 AM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Immunity's paper?


Does anyone have this paper that the quoted Microsoft PSS advisory
mentions
or a link to it?  I'd love to give it a read...

thanks all!
  Exibar
The PSS Security team is issuing this alert to advise customers that on
Saturday 9/13/03 a research company called Immunity published a paper
providing guidance on how to exploit the vulnerabilities patched by
Microsoft Security Bulletin MS03-039. To date we've had no reports of
actual
exploit code being publicly available or being used actively in a worm
or
virus.

Customers that have applied the patch as advised in Microsoft Security
Bulletin MS03-039 are protected from exploit code developed using the
guidance provided in this paper. Customers who have not deployed the
patch
or taken additional mitigating actions to protect their environment
should
be aware that the existence of sample code does make it easier for an
active
exploit to be developed. We are therefore strongly urging customers to
immediately deploy the patch in their environments and take additional
mitigation steps, as described in the bulletin, to protect themselves.

Information on Microsoft Security Bulletin MS03-039 and its associated
patch, mitigating factors and workarounds can be found here:

http://www.microsoft.com/technet/security/bulletin/ms03-039.asp

PSS Security Team

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ