Dailydave mailing list archives
Re: MS05-027 exploits around?
From: "Bo Mendenhall" <Bo.Mendenhall () hsc utah edu>
Date: Tue, 11 Jul 2006 16:22:21 -0600
A product that does things similar to CANVAS has a MS05-027 exploit (*Does crashing the host count as exploiting it?) available that exploits microsoft-ds & netbios-ssn services on WinXP Home & Pro sp0-2. Also requires anonymous access to be enabled...I've started testing exactly what that means - and so far seem to have exploited (err...crashed) one out of three machines that Foundstone claimed did not have MS05-027.
"Hackling, Matthew (AU - Melbourne)" <mhackling () deloitte com au>
07/11/06 6:49 AM >>> Hello, We just found that one of our clients in missing the MS05-027 patch on numerous servers due to a oversight in an automated build procedure. Does anyone know of a publicly available exploit for this vulnerability? We've check the latest canvas release, had a good google, went to packetstorm, metasploit, secunia.com, eeye, qualys (credited with discovery) web sites et al. If we find a public exploit for this we'll have to press the big red button and set a few pagers ringing, so we're keen to know if anyone knows if a sploit is available. Kind Regards, Matthew Hackling B.Sc. (Security) CISSP Account Director Deloitte This email and any attachments to it are confidential. You must not use, disclose or act on the email if you are not the intended recipient. Liability limited by a scheme approved under Professional Standards Legislation. Deloitte is a member of Deloitte Touche Tohmatsu (a Swiss Verein). As a Swiss Verein (association), neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other's acts or omissions. Each of the member firms is a separate and independent legal entity operating under the names "Deloitte", "Deloitte & Touche", "Deloitte Touche Tohmatsu", or other related names. Services are provided by the member firms or their subsidiaries and affiliates and not by the Deloitte Touche Tohmatsu Verein. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- MS05-027 exploits around? Hackling, Matthew (AU - Melbourne) (Jul 11)
- Re: MS05-027 exploits around? felix-dailydave (Jul 11)
- Re: MS05-027 exploits around? mikeiscool (Jul 11)
- Re: MS05-027 exploits around? Jamie Riden (Jul 12)
- Re: MS05-027 exploits around? Pusscat (Jul 12)
- Re: MS05-027 exploits around? Jamie Riden (Jul 12)
- <Possible follow-ups>
- Re: MS05-027 exploits around? Bo Mendenhall (Jul 11)