Full Disclosure mailing list archives
RE: DCOM Exploit MS03-026 attack vectors
From: "Paul Tinsley" <pdt () jackhammer org>
Date: Fri, 1 Aug 2003 07:49:49 -0600
I am aware of how that works, my question was as to whether anybody had seen attacks/code using a port other than 135? Sorry for any confusion. _____ From: Brad Bemis [mailto:Brad.Bemis () airborne com] Sent: Thursday, July 31, 2003 10:51 PM To: Paul Tinsley; full-disclosure () lists netsys com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It is not necessarily port 80, but TCP port 593 (RPC-over-HTTP) or any IIS HTTP/HTTPS port if COM Internet Services are enabled. Thank you for your time and attention, ======================== Brad Bemis ======================== Email Notice: This communication may contain sensitive information. If you are not the intended recipient, or believe that you have received this communication in error; do not print, copy, retransmit, disseminate, or otherwise use the information contained herein for any purpose. Please alert the sender that you have received this message in error, and delete the copy that you received. - -----Original Message----- From: Paul Tinsley [mailto:pdt () jackhammer org] Sent: Wednesday, July 30, 2003 8:38 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] DCOM Exploit MS03-026 attack vectors Microsoft owns up to the exploit being usable on 135, 139 and 445, I have heard rumors of port 80 being vulnerable as well. I was curious as to whether anyone had seen anything using a port other than 135? Everything I have seen discussed here and elsewhere has been 135 specific. Thanks, Paul Tinsley Email: <pdt () jackhammer org> Web: http://www.jackhammer.org Phone: +1 615 973-5353 Pager: +1 615 960-7766 Mail: 2228 Spartan Ct. Murfreesboro, TN 37128-5395 -----BEGIN PGP SIGNATURE----- iQA/AwUBPynxwJDnOfS48mrdEQJaIwCg59OdO0iAY8DbnRGTfiSybBR37mEAn3iK nKdaM9mEiU5RJJga0O/37HSA =VOLZ -----END PGP SIGNATURE-----
Current thread:
- DCOM Exploit MS03-026 attack vectors Paul Tinsley (Jul 31)
- Re: DCOM Exploit MS03-026 attack vectors Nick FitzGerald (Aug 01)
- <Possible follow-ups>
- RE: DCOM Exploit MS03-026 attack vectors Brad Bemis (Jul 31)
- RE: DCOM Exploit MS03-026 attack vectors Paul Tinsley (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Jasper Blackwell (Jul 31)
- Re: RE: DCOM Exploit MS03-026 attack vectors Richard Spiers (Aug 01)
- Re: RE: DCOM Exploit MS03-026 attack vectors Geoincidents (Aug 02)
- Re: RE: DCOM Exploit MS03-026 attack vectors Richard Spiers (Aug 01)
- RE: RE: DCOM Exploit MS03-026 attack vectors Parker, Jeff (MSE) (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Bassett, Mark (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Bryan K. Watson (Aug 01)
- Re: DCOM Exploit MS03-026 attack vectors Jeremiah Cornelius (Aug 01)
- Re: DCOM Exploit MS03-026 attack vectors Ron DuFresne (Aug 02)
- RE: DCOM Exploit MS03-026 attack vectors Bryan K. Watson (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Nick FitzGerald (Aug 02)