Re: MS05-027 exploits around?

[mikeiscool <michaelslists () gmail com>]

On 7/11/06, Hackling, Matthew (AU - Melbourne)
<mhackling () deloitte com au> wrote:
> Hello,
>
> We just found that one of our clients in missing the MS05-027 patch on
> numerous servers due to a oversight in an automated build procedure.
>
> Does anyone know of a publicly available exploit for this vulnerability?
>
> We've check the latest canvas release, had a good google, went to
> packetstorm, metasploit, secunia.com, eeye, qualys (credited with discovery)
> web sites et al.
>
> If we find a public exploit for this we'll have to press the big red button
> and set a few pagers ringing, so we're keen to know if anyone knows if a
> sploit is available.

if ms has released a patch you'd expect that it's because they are
mildly concerned by it. this should be enough to suggest to you that
there is an exploit around, no?

and really, should this be sent from your work account? are we to
assume deloitte cannot successfully patch their clients :D


> Kind Regards,
>
> Matthew Hackling B.Sc. (Security) CISSP
> Account Director
> Deloitte

-- mic
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave