Full Disclosure mailing list archives

Re: MSblast worm

From: tom () doctorunix com
Date: Tue, 12 Aug 2003 08:59:57 -0500

The version we have here does not spread to W2000 boxes until they get SP3
installed.  Then they are immediately compromised.  NT4 did not infect.

tc

Quoting Mike.Keighley () lexicon co uk:

Ah, yes.  The vulnerability does indeed exist in NT.
But with respect, what Jasper asks is whether the *MSblast worm* affects
NT ?
The exploit code and discussions on here seem to suggest it targets only
2000 and XP.

Does *this exploit* target NT successfully ?  Not that I have seen /
heard.
Could an exploit be written which exploits NT ?  Oh yes.

--
Mike

Simon Glassman <simon () bsdbox co uk> wrote:

This is affecting the following machines.
Windows NT 4.0 server
Windows NT 4.0 Terminal Server Edition
Windows 2000
Windows XP 32 Bit Edition
Windows XP 64 Bit Edition
Windows Server 2003 32 Bit Edition
Windows Server 2003 64 Bit Edition
More info <snip> security/bulletin/MS03-026.asp

On Tuesday 12 August 2003 11:53 am, Jasper Blackwell wrote:
Does anyone know if this MSblast worm affects Win NT machines,
or is it just infecting 2000 and XP.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html





-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

MSblast worm Jasper Blackwell (Aug 12)
- Re: MSblast worm Johan Denoyer (Aug 12)
  - Re: MSblast worm Matthew Murphy (Aug 12)
  - Re: MSblast worm Robert Lemos (Aug 12)
- Re: MSblast worm Simon Glassman (Aug 12)
  - Re: MSblast worm Nick FitzGerald (Aug 12)
  - Re: MSblast worm KF (Aug 12)
- <Possible follow-ups>
- Re: MSblast worm Mike . Keighley (Aug 12)
  - Re: MSblast worm tom (Aug 12)
- RE: RE: MSblast worm Jasper Blackwell (Aug 12)