[<prev] [next>] [day] [month] [year] [list]
Message-ID: <15533237421C6E4296CC33A2090B224A05C073@UTDEVS02.campus.ad.utdallas.edu>
From: pauls at utdallas.edu (Schmehl, Paul L)
Subject: RE: Re: Bad news on RPC DCOM vulnerability
> -----Original Message-----
> From: webheadport80@...scape.net [mailto:webheadport80@...scape.net]
> Sent: Monday, October 13, 2003 9:30 AM
> To: full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] RE: Re: Bad news on RPC DCOM
> vulnerability
>
> The reason I'd like confirmation is that my Microsoft corp
> contact told me that Microsoft, back in Redmond, said this
> exploit doesn't work on ms03-039... I'd like to confirm/deny
> this claim. Especially, since they haven't updated their sec
> bulletin on ms03-039 for this vulnerability.
>
> Any feedback from folks who have successfully gotten this
> exploit to work on a PATCHED ms03-039 w2k box would be
> GREATLY APPRECIATED!!!
>
Microsoft has acknowledged that the DoS exists on a fully patched
Windows box (not publicly.)
Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/
Powered by blists - more mailing lists