Full Disclosure mailing list archives

SV: MS03-039 has been released - critical

From: "Peter Kruse" <kruse () krusesecurity dk>
Date: Wed, 10 Sep 2003 23:20:20 +0200

Hi,

"The new DoS vulnerability was disclosed by a hacking group 
in China on July 25, 2003, and functional exploit code is 
already in use on the Internet. "


This is well known. However it´s not the BoF exploit.

Yet again, the detailed advisory from Eeye makes it fairly easy to write
a working exploit. Although I haven´t seen a PoC yet I would expect it
to be release shortly. It´s a bit harder to exploit than the previous
RPC Dcom weakness but it´s certainly possible.

Please note that Eeye has already released an update for Retina Security
Scanner and I suppose every script kid, cracker or hacker should be able
to sniff to code from Retina going to a remote vulnerable host. You
think? CHAM, yeah?

I suggest we update RPC - again.

Med venlig hilsen // Kind regards

Peter Kruse
Kruse Security
http://www.krusesecurity.dk


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

MS03-039 has been released - critical Ryan, Pete (Sep 10)
- Re: MS03-039 has been released - critical Exibar (Sep 10)
  - Re: MS03-039 has been released - critical Mike Tancsa (Sep 10)
    - Re: MS03-039 has been released - critical Exibar (Sep 10)
    - Re: MS03-039 has been released - critical Exibar (Sep 10)
    - Re: MS03-039 has been released - critical Exibar (Sep 10)
    - SV: MS03-039 has been released - critical Peter Kruse (Sep 10)
    - RE: MS03-039 has been released - critical Marc Maiffret (Sep 10)
    - RE: [inbox] RE: MS03-039 has been released - critical Exibar (Sep 10)
    - RE: [inbox] RE: MS03-039 has been released - critical Jade E. Deane (Sep 10)
    - The role of explicit advisories (was: MS03-039 has been released - critical) l8km7gr02 (Sep 11)
    - Re: MS03-039 has been released (DoS) sploit ? Elv1S (Sep 10)
    - Re: Re: MS03-039 has been released (DoS) sploit ? Yannick Van Osselaer (Sep 10)
    - RE: [inbox] Re: MS03-039 has been released (DoS) sploit ? Exibar (Sep 10)
  - Re: MS03-039 has been released - critical Jordan Wiens (Sep 10)
  - Re: MS03-039 has been released - critical Maarten (Sep 10)
- <Possible follow-ups>
- RE: MS03-039 has been released - critical Robert Ahnemann (Sep 10)

(Thread continues...)