Re: MS05-027 exploits around?

[Pusscat <pusscat () gmail com>]

Lately, MS has been  erring on the side of caution. They'll claim a bug is
remote execution while researchers can only produce a DoS for it; or they'll
claim something is preauth, when on most versions of windows access to that
particular named pipe does require auth.

PS - I know I've seen at least a PoC for this exploit; can't recall if I've
seen a reliable professional exploit though. I'd suggest erring on the side
of caution too.

PPS - Is the client in question CBA or AZN?  :)



On 7/11/06 9:19 PM, "Jamie Riden" <jamesr () europe com> wrote:

> On 12/07/06, mikeiscool <michaelslists () gmail com> wrote:
> > if ms has released a patch you'd expect that it's because they are
> > mildly concerned by it. this should be enough to suggest to you that
> > there is an exploit around, no?
>
> Just because MS has released a patch, doesn't mean there is an exploit.
> (And vice versa; just because there is an exploit, doesn't mean MS has
> released a patch :)
>
> > and really, should this be sent from your work account? are we to
> > assume deloitte cannot successfully patch their clients :D
>
> I think (hope?) the OP was thinking in terms of whether they should be
> pulling all-nighters (exploit available), or not (no exploit).
>
> cheers,
>  Jamie

~ Puss


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave