Dailydave mailing list archives

Re: MSRPC vulnerability 1 billion and six?

From: Dave Aitel <daveaitel () tmail com>
Date: Thu, 17 Nov 2005 14:40:58 -0500

There's still endpoints you can connect to by default. For example myuserenum tool works remotely against sp2 just fine.

I'm guessing you send a large integer to function 0x30 in srvsvc via\\browser, and xpsp2 falls to basically the same bug. I haven't had timeto test it yet though.

-dave

Current thread:

Re: MSRPC vulnerability 1 billion and six?, (continued)
- - - Re: MSRPC vulnerability 1 billion and six? H D Moore (Nov 17)
    - Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? H D Moore (Nov 17)
  - Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? halvar (Nov 17)
  - Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
  - Re: MSRPC vulnerability 1 billion and six? Thomas Lakofski (Nov 20)
- Re: MSRPC vulnerability 1 billion and six? Blue Boar (Nov 17)
  - Re: MSRPC vulnerability 1 billion and six? H D Moore (Nov 17)
  - Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)