lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: tmayr at kitcon.net (Thorsten Mayr)
Subject: AW: Windows RPC 4 ? [Exploit]

afaik this sploit only bypasses stuff like OverflowGuard or StackDefender.
a patched system will not be vulnerable... Ran the manipulated code, never made it through.....
The code equals the first rpc/dcom split codes...
Spent some time with the code - as far as I can say it is no threat at all ;)

But if one knows better - I will be pleased to be teached better

Rgds
Thorsten




> -----Urspr?ngliche Nachricht-----
> Von: full-disclosure-admin@...ts.netsys.com 
> [mailto:full-disclosure-admin@...ts.netsys.com] Im Auftrag von Stephen
> Gesendet: Montag, 10. November 2003 21:31
> An: full-disclosure@...ts.netsys.com
> Betreff: Re: [Full-Disclosure] Windows RPC 4 ? [Exploit]
> 
> 
> yes here is the .exe file (attached) 
> 
> compiled from the k-otik's source 
> http://www.k-otik.com/exploits/11.07.rpcexec.c.php
> 
> and some offsets added by the othor ...
> 
> 
> 
> --- PhilZ  wrote:
> > It's not a new RPC hole :-)
> > 
> > It's an exploit for MS03-039.
> 
> 
> __________________________________
> Do you Yahoo!?
> Protect your identity with Yahoo! Mail AddressGuard 
> http://antispam.yahoo.com/whatsnewfree
> 
> 
> __________________________________
> Do you Yahoo!?
> Protect your identity with Yahoo! Mail AddressGuard 
> http://antispam.yahoo.com/whatsnewfree
> 


Powered by blists - more mailing lists