Full Disclosure mailing list archives
Re: DCOM RPC exploit (dcom.c)
From: Blue Boar <BlueBoar () thievco com>
Date: Sun, 27 Jul 2003 13:00:38 -0700
security snot wrote:
I don't understand how having any of the poorly written public exploits for this vulnerability will help in the securing process in any way. Unless you mean that the threat of a worm is more realistic because now hackers, along with security professionals, both have access to some form of exploits they can use to create a worm with, and this threat is enough to convince Asian nations to update all their machines. Other than that, could you please explain how the distribution of such materials actually will "help prepare", as you say, for the upcoming worm?
Troll though this may be, I'll go ahead an answer for the benefit of anyone else who might have been curious about the same thing.
There's a decent chance the work will be based on an existing exploit. If one has made any effort (IDS rules, etc) to detect the exploit, then they will be prepared for the worm as well.
What kinds of evidence does the exploit leave behind? If one can try the exploit(s), then they can determine what an exploited machine looks like.
BB _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: DCOM RPC exploit (dcom.c), (continued)
- Re: DCOM RPC exploit (dcom.c) Robert Wesley McGrew (Jul 28)
- Re: DCOM RPC exploit (dcom.c) Robert Wesley McGrew (Jul 28)
- Re: DCOM RPC exploit (dcom.c) Ron DuFresne (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Knud Erik Højgaard (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Nathan Seven (Jul 27)
- Re: DCOM RPC exploit (dcom.c) security snot (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Blue Boar (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Chris Paget (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Valdis . Kletnieks (Jul 27)
- Re: DCOM RPC exploit (dcom.c) w g (Jul 27)
- Re: DCOM RPC exploit w g (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Valdis . Kletnieks (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Neeko Oni (Jul 27)