| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <009f01c38e95$a339c790$dd03973f@LUFKIN.DPSOL.COM> From: purdy at tecman.com (Curt Purdy) Subject: [inbox] Re: MS RPC remote exploit. > --- Sudharsha Wijesinghe <sudharsha@...italhouse.lk> > wrote: > > According to MS there cant be any Remote exploit on > > MS RPC except for a > > DOS attack using 139/135/445. > > How ever the code is available for a shell code. > > has any one tried this exploit? > > no remote exploit ? > > http://www.k-otik.com/exploits/10.09.rpc2universal.c.php > http://www.k-otik.com/exploits/09.20.rpcdcom2ver1.1.c.php > http://lists.netsys.com/pipermail/full-disclosure/2003-Septemb er/009848.html What about dcom.exe that hit the streets before MS even released the first 032 patch. With it, you could own a box in 2 minutes. I can only imagine how many thousands of bots were deployed before blaster hit, as the kiddies were hitting their keyboards just as fast as their little fingers could type. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke
Powered by blists - more mailing lists