lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: tomokazu444 at (Tomokazu Suzuki)
Subject: Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127

Joe Stewart wrote:

> Scans port 135 for MS03-039 "DCOM2" vulnerability
> Scans port 139 for MS03-049 Workstation vulnerability
> Scans port 1433 for weak MSSQL administrator passwords
> Scans port 2082 for CPanel vulnerability (OSVDB ID: 4205)
> Scans port 2745 for backdoor left by the Bagle Virus
> Scans port 3127 for MyDoom.A backdoor
> Scans port 5000 for MS01-059 UPnP vulnerability
> Scans port 6129 for Dameware vulnerability (OSVDB ID: 3042)
> Scans port 80 for MS03-007 WebDav vulnerability
> Scans ports 135, 445 and 1025 for MS03-032 vulnerability
> Scans ports 139 and 445 for weak Netbios passwords

Could it exploit MS03-032 vulnerability via 135, 445 and 1025 ?
The vulnerability exists in IE.


Powered by blists - more mailing lists