Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: RE: Probable new MS DCOM RPC worm for Windo ws

From: "Ferris, Robin" <R.Ferris () napier ac uk>
Date: Fri, 26 Sep 2003 16:42:01 +0100
would it have been possable to actually replace these files manually and the
PC therefore be "patched" so to speak?

-----Original Message-----
From: Gary Flynn [mailto:flynngn () jmu edu]
Sent: 26 September 2003 15:40
To: Ferris, Robin
Cc: 'full-disclosure () lists netsys com'
Subject: Re: [Full-disclosure] RE: Probable new MS DCOM RPC worm for
Windo ws




Ferris, Robin wrote:


I have not yet verified if the files were installed or not and thats a

very

good point. I didnt and still dont know what files it changed or installed
for the ms03-026. What are they?


MS03-026:
http://support.microsoft.com/?kbid=823980



However the eeye scanner has always proved to be correct thus far, in all
the cases that I have tried it on. As we use a standard image here it

would

be odd that the patch is "ineffective" in that configuration (PATH?) I

think

it is because the patch as has been noted is not always effective. 


-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: