Full Disclosure mailing list archives

Re: DCOM RPC exploit (dcom.c)

From: Valdis.Kletnieks () vt edu
Date: Sun, 27 Jul 2003 00:52:14 -0400

On Sat, 26 Jul 2003 22:29:56 CDT, Ron DuFresne said:

I'm just trying to understand how corporate networks would/should be at
risk with this, why port 135 would not be filtered already limiting
exposure.  Is there a reason why it would not be that I'm missing?  The


It's the rare corporate net indeed that doesn't have a single remotely
exploitable copy of IE or Outlook left in its entire address space.

And Slammer proved quite well that having a firewall doesn't stop squat.

Attachment: _bin
Description:

Current thread:

Re: DCOM RPC exploit (dcom.c), (continued)
- - - Re: DCOM RPC exploit (dcom.c) Shanphen Dawa (Jul 26)
    - Re: DCOM RPC exploit (dcom.c) morning_wood (Jul 26)
    - Re: DCOM RPC exploit (dcom.c) Ron DuFresne (Jul 26)
    - Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 26)
    - Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 26)
    - Re: DCOM RPC exploit (dcom.c) Ron DuFresne (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) Nathan Seven (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) Valdis . Kletnieks (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) KF (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) Valdis . Kletnieks (Jul 26)
    - Re: DCOM RPC exploit (dcom.c) manohar singh (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) Etaoin Shrdlu (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) Jean-Baptiste Marchand (Jul 29)
    - Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 29)
    - Re: DCOM RPC exploit (dcom.c) gregh (Jul 26)
    - Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 26)
    - RE : DCOM RPC exploit (dcom.c) Nicolas Villatte (Jul 27)
    - Re: DCOM RPC exploit (dcom.c) Jason (Jul 26)
    - Re: DCOM RPC exploit (dcom.c) Chris Paget (Jul 26)

(Thread continues...)