lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: R.Ferris at napier.ac.uk (Ferris, Robin)
Subject: Latest MS Vulnerbilities

Jasper

The key Vulnerability here for the majority of non-home users is MS04-007. 

It is almost a garanteed that there will be a sploit out for this by next
week or over the weekend. 

The nature of this vun. is such that it could cause a massive issue for the
internet. 

As it was found by eeye and the fact that they publish such detailed info on
the vun.'s they find, combined with the fact that they found this on the
25th September last year I would happily stand by this summary in the face
of anything.

Robin

-----Original Message-----
From: Jasper Blackwell [mailto:jasper599@...mail.com]
Sent: 11 February 2004 10:44
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Latest MS Vulnerbilities


Hi All,

MS have just released a new crop of serious vulnerabilities, MS04-004, 
MS04-006, MS04-007. I am assuming at the moment that there isn't any 
viruses, worms or exploit code in general circulation yet that exploit these

holes. Although I imagine that people are working on it by now ;). Anyway I 
am just wondering if anyone knows any different, are there actual malware or

exploits for these vulnerabilities already in use?

Assuming there aren't what's the odds on there being some by next week, I 
guess the odds are pretty good :).

Jasp

_________________________________________________________________
Tired of 56k? Get a FREE BT Broadband connection 
http://www.msn.co.uk/specials/btbroadband

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists