| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <000001c38e69$0770f760$0202a8c0@teliahomebase> From: kruse at krusesecurity.dk (Peter Kruse) Subject: SV: MS RPC remote exploit. Hi, Systems already updated are not vulnerable to this exploit. The new code is simply improved and is now more "universal". It doesn?t make use of static addresses for jumps which makes the improved code much more dangerous since it will be effective on a large range of different vulnerable Microsoft Windows operativ systems. Kind regards // Med venlig hilsen Peter Kruse CSIS / Kruse Security ApS http://www.krusesecurity.dk - www.csis.dk > -----Oprindelig meddelelse----- > Fra: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com] P? vegne af > Sudharsha Wijesinghe > Sendt: 9. oktober 2003 14:42 > Til: full-disclosure@...ts.netsys.com > Emne: [Full-Disclosure] MS RPC remote exploit. > > > According to MS there cant be any Remote exploit on MS RPC > except for a DOS attack using 139/135/445. How ever the code > is available for a shell code. has any one tried this exploit? > > Sudharsha > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists