Full Disclosure mailing list archives
AW: Windows RPC 4 ? [Exploit]
From: "Thorsten Mayr" <tmayr () kitcon net>
Date: Mon, 10 Nov 2003 22:12:24 +0100
afaik this sploit only bypasses stuff like OverflowGuard or StackDefender. a patched system will not be vulnerable... Ran the manipulated code, never made it through..... The code equals the first rpc/dcom split codes... Spent some time with the code - as far as I can say it is no threat at all ;) But if one knows better - I will be pleased to be teached better Rgds Thorsten
-----Ursprüngliche Nachricht----- Von: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] Im Auftrag von Stephen Gesendet: Montag, 10. November 2003 21:31 An: full-disclosure () lists netsys com Betreff: Re: [Full-Disclosure] Windows RPC 4 ? [Exploit] yes here is the .exe file (attached) compiled from the k-otik's source http://www.k-otik.com/exploits/11.07.rpcexec.c.php and some offsets added by the othor ... --- PhilZ wrote:It's not a new RPC hole :-) It's an exploit for MS03-039.__________________________________ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree __________________________________ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AW: Windows RPC 4 ? [Exploit] Thorsten Mayr (Nov 10)