| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Aug 2006 23:03:59 +0300 (EEST) From: Juha-Matti Laurio <juha-matti.laurio@...ti.fi> To: H D Moore <fdlist@...italoffense.net>, full-disclosure@...ts.grok.org.uk Cc: Subject: Re: NT4 worm My point was to clarify if these reports are especially related to NT4 machines and the reply states they are. I.e. when word 'NT4' was used in the title I made a conclusion that there was observations about infected NT4 machines. Absolutely the exploit will work on W2K boxes. BTW: Can someone confirm that Netapi32.dll (vulnerable component of MS06-040) is part of fully patched NT4.0 installation. Thanks. - Juha-Matti H D Moore <fdlist@...italoffense.net> wrote: > > The exploit for NT 4.0 is *exactly* the same packet as the one you would > also use on Windows 2000. I am suprised that this is considered a "NT 4" > worm and not a "Windows 2000 (+NT 4.0)" worm. Is something specific about > the exploit they use that prevents it from working on Windows 2000? > > -HD > > On Wednesday 30 August 2006 10:11, Juha-Matti Laurio wrote: > > Are the machines you have experience especially NT4.0 machines? > > It appears that one of the PoC's (public on Monday 28th Aug) lists the > > following information: "Systems Affected: > > * Microsoft Windows 2000 SP0-SP4 > > * Microsoft Windows XP SP0-SP1 > > * Microsoft Windows NT 4.0" > > > > but reportedly it is tested against XPSP1 and W2KSP4 systems. > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists